diff --git a/eShopOnContainers-MobileApps.sln b/eShopOnContainers-MobileApps.sln index f70efddf1..cda44c042 100755 --- a/eShopOnContainers-MobileApps.sln +++ b/eShopOnContainers-MobileApps.sln @@ -1,7 +1,7 @@  Microsoft Visual Studio Solution File, Format Version 12.00 # Visual Studio 15 -VisualStudioVersion = 15.0.26228.9 +VisualStudioVersion = 15.0.26430.16 MinimumVisualStudioVersion = 10.0.40219.1 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "src", "src", "{932D8224-11F6-4D07-B109-DA28AD288A63}" EndProject @@ -473,6 +473,8 @@ Global {A7337243-33B8-463A-87AD-944B75EFD820}.AppStore|x86.Build.0 = Release|x86 {A7337243-33B8-463A-87AD-944B75EFD820}.AppStore|x86.Deploy.0 = Release|x86 {A7337243-33B8-463A-87AD-944B75EFD820}.Debug|Any CPU.ActiveCfg = Debug|x86 + {A7337243-33B8-463A-87AD-944B75EFD820}.Debug|Any CPU.Build.0 = Debug|x86 + {A7337243-33B8-463A-87AD-944B75EFD820}.Debug|Any CPU.Deploy.0 = Debug|x86 {A7337243-33B8-463A-87AD-944B75EFD820}.Debug|ARM.ActiveCfg = Debug|ARM {A7337243-33B8-463A-87AD-944B75EFD820}.Debug|ARM.Build.0 = Debug|ARM {A7337243-33B8-463A-87AD-944B75EFD820}.Debug|ARM.Deploy.0 = Debug|ARM diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs index 185d227d0..712d01095 100644 --- a/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs +++ b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/Services/Identity/IdentityService.cs 
@@ -1,16 +1,19 @@
-using IdentityModel.Client;
-using System;
+using System;
 using System.Collections.Generic;
 using System.Net;
+using System.Text;
 using System.Threading.Tasks;
 using eShopOnContainers.Core.Services.RequestProvider;
 using eShopOnContainers.Core.Models.Token;
+using IdentityModel.Client;
+using PCLCrypto;
 namespace eShopOnContainers.Core.Services.Identity
 {
 public class IdentityService : IIdentityService
 {
 private readonly IRequestProvider _requestProvider;
+ private string _codeVerifier;
 public IdentityService(IRequestProvider requestProvider)
 {
@@ -22,6 +25,9 @@ namespace eShopOnContainers.Core.Services.Identity
 // Create URI to authorization endpoint
 var authorizeRequest = new AuthorizeRequest(GlobalSetting.Instance.IdentityEndpoint);
+ // Create code verifier for PKCE
+ _codeVerifier = RandomDataBase64Url(32);
+
 // Dictionary with values for the authorize request
 var dic = new Dictionary();
 dic.Add("client_id", GlobalSetting.Instance.ClientId);
@@ -30,6 +36,8 @@ namespace eShopOnContainers.Core.Services.Identity
 dic.Add("scope", "openid profile basket orders locations marketing offline_access");
 dic.Add("redirect_uri", GlobalSetting.Instance.IdentityCallback);
 dic.Add("nonce", Guid.NewGuid().ToString("N"));
+ dic.Add("code_challenge", Base64UrlEncodeNoPadding(Sha256(_codeVerifier)));
+ dic.Add("code_challenge_method", "S256");
 // Add CSRF token to protect against cross-site request forgery attacks.
 var currentCSRFToken = Guid.NewGuid().ToString("N");
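Review bot: The PKCE verifier lives in the mutable instance field `_codeVerifier` (declared in the first hunk, assigned in the second), so the token exchange only succeeds if the same IdentityService instance handles both steps; a second authorization request silently overwrites the verifier of the one already in flight. How the service is registered is not visible here, so its lifetime is worth confirming. At minimum the field deserves a comment such as `// PKCE code_verifier for the in-flight authorization request; single-use, consumed by GetTokenAsync`. The neighbouring `nonce` and CSRF token still come from `Guid.NewGuid()`, whose randomness is not guaranteed to be cryptographic, so generating them with `RandomDataBase64Url` as well would be more consistent. The method containing these lines starts and ends outside the hunks.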
@@ -54,9 +62,31 @@ namespace eShopOnContainers.Core.Services.Identity
 public async Task GetTokenAsync(string code)
 {
- string data = string.Format("grant_type=authorization_code&code={0}&redirect_uri={1}", code, WebUtility.UrlEncode(GlobalSetting.Instance.IdentityCallback));
+ string data = string.Format("grant_type=authorization_code&code={0}&redirect_uri={1}&code_verifier={2}", code, WebUtility.UrlEncode(GlobalSetting.Instance.IdentityCallback), _codeVerifier);
 var token = await _requestProvider.PostAsync(GlobalSetting.Instance.TokenEndpoint, data, GlobalSetting.Instance.ClientId, GlobalSetting.Instance.ClientSecret);
 return token;
 }
+
+ private string RandomDataBase64Url(int length)
+ {
+ byte[] bytes = WinRTCrypto.CryptographicBuffer.GenerateRandom(length);
+ return Base64UrlEncodeNoPadding(bytes);
+ }
+
+ private byte[] Sha256(string input)
+ {
+ byte[] bytes = Encoding.UTF8.GetBytes(input);
+ var sha256 = WinRTCrypto.HashAlgorithmProvider.OpenAlgorithm(HashAlgorithm.Sha256);
+ return sha256.HashData(bytes);
+ }
+
+ private string Base64UrlEncodeNoPadding(byte[] buffer)
+ {
+ string base64 = Convert.ToBase64String(buffer);
+ base64 = base64.Replace("+", "-");
+ base64 = base64.Replace("/", "_");
+ base64 = base64.Replace("=", string.Empty);
+ return base64;
+ }
 }
 }
diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.Core/ViewModels/SettingsViewModel.cs b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/ViewModels/SettingsViewModel.cs
index e6db66713..e6e32393f 100644
--- a/src/Mobile/eShopOnContainers/eShopOnContainers.Core/ViewModels/SettingsViewModel.cs
+++ b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/ViewModels/SettingsViewModel.cs
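Review bot: GetTokenAsync in IdentityService.cs sends `_codeVerifier` without checking that an authorization request was started on this instance, and never clears it after the exchange. A null field makes `string.Format` emit an empty `code_verifier=`, which the token endpoint will presumably reject once PKCE is required, leaving the caller with an opaque server error. I would add `if (string.IsNullOrEmpty(_codeVerifier)) throw new InvalidOperationException("No authorization request in progress.");` before building `data`, and `_codeVerifier = null;` once the post returns so the verifier stays single-use. The `code` argument also goes into the form body unencoded while `redirect_uri` passes through `WebUtility.UrlEncode`; encoding it the same way keeps a malformed callback value from altering the request body. The three new helpers read no instance state and could be `private static`.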
@@ -281,13 +281,13 @@ namespace eShopOnContainers.Core.ViewModels
 if (!UseFakeLocation)
 {
 TitleUseFakeLocation = "Use Real Location";
- DescriptionUseFakeLocation = "When enabling the use of real location, the app will attempt to use real location from the device.";
+ DescriptionUseFakeLocation = "When enabling location, the app will attempt to use the location from the device.";
 }
 else
 {
 TitleUseFakeLocation = "Use Fake Location";
- DescriptionUseFakeLocation = "Fake Location are added for marketing campaign testing.";
+ DescriptionUseFakeLocation = "Fake Location data is added for marketing campaign testing.";
 }
 }
@@ -295,13 +295,13 @@ namespace eShopOnContainers.Core.ViewModels
 {
 if (!AllowGpsLocation)
 {
- TitleAllowGpsLocation = "GPS location Denied";
- DescriptionAllowGpsLocation = "When denying the use of device gps you won't get the location campaigns through your real location.";
+ TitleAllowGpsLocation = "GPS Location Disabled";
+ DescriptionAllowGpsLocation = "When disabling location, you won't receive location campaigns based upon your location.";
 }
 else
 {
- TitleAllowGpsLocation = "GPS location Allowed";
- DescriptionAllowGpsLocation = "When allowing the use of device gps you will get the location campaigns through your real location.";
+ TitleAllowGpsLocation = "GPS Location Enabled";
+ DescriptionAllowGpsLocation = "When enabling location, you'll receive location campaigns based upon your location.";
 }
 }
@@ -344,7 +344,7 @@ namespace eShopOnContainers.Core.ViewModels
 if (!locator.IsGeolocationEnabled)
 {
 _allowGpsLocation = false;
- GpsWarningMessage = "Enable your GPS system in your device";
+ GpsWarningMessage = "Enable the GPS sensor on your device";
 }
 else
 {
diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.Core/project.json b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/project.json
index 5038874fa..31f0b8d52 100755
--- a/src/Mobile/eShopOnContainers/eShopOnContainers.Core/project.json
+++ b/src/Mobile/eShopOnContainers/eShopOnContainers.Core/project.json @@ -8,6 +8,7 @@ "Microsoft.Net.Http": "2.2.29", "modernhttpclient": "2.4.2", "Newtonsoft.Json": "9.0.1", + "PCLCrypto": "2.0.147", "SlideOverKit": "2.1.4", "Splat": "1.6.2", "System.ComponentModel.Annotations": "4.3.0", diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.Droid/eShopOnContainers.Droid.csproj b/src/Mobile/eShopOnContainers/eShopOnContainers.Droid/eShopOnContainers.Droid.csproj index 8443790d8..65754cab8 100755 --- a/src/Mobile/eShopOnContainers/eShopOnContainers.Droid/eShopOnContainers.Droid.csproj +++ b/src/Mobile/eShopOnContainers/eShopOnContainers.Droid/eShopOnContainers.Droid.csproj @@ -100,6 +100,21 @@ ..\..\..\..\packages\modernhttpclient.2.4.2\lib\MonoAndroid\OkHttp.dll True + + ..\..\..\..\packages\PCLCrypto.2.0.147\lib\MonoAndroid23\PCLCrypto.dll + + + ..\..\..\..\packages\PInvoke.BCrypt.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.BCrypt.dll + + + ..\..\..\..\packages\PInvoke.Kernel32.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.Kernel32.dll + + + ..\..\..\..\packages\PInvoke.NCrypt.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.NCrypt.dll + + + ..\..\..\..\packages\PInvoke.Windows.Core.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.Windows.Core.dll + ..\..\..\..\packages\Plugin.CurrentActivity.1.0.1\lib\MonoAndroid10\Plugin.CurrentActivity.dll @@ -149,6 +164,9 @@ + + ..\..\..\..\packages\Validation.2.2.8\lib\dotnet\Validation.dll + ..\..\..\..\packages\Xamarin.Android.Support.Animated.Vector.Drawable.23.3.0\lib\MonoAndroid403\Xamarin.Android.Support.Animated.Vector.Drawable.dll True diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.Droid/packages.config b/src/Mobile/eShopOnContainers/eShopOnContainers.Droid/packages.config index 55c835f31..95cda4ca8 100755 
--- a/src/Mobile/eShopOnContainers/eShopOnContainers.Droid/packages.config +++ b/src/Mobile/eShopOnContainers/eShopOnContainers.Droid/packages.config @@ -14,6 +14,11 @@ + + + + + @@ -63,6 +68,7 @@ + diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/Resources/Resource.Designer.cs b/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/Resources/Resource.Designer.cs index 12d1b3f5c..318676e2f 100644 --- a/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/Resources/Resource.Designer.cs +++ b/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/Resources/Resource.Designer.cs @@ -64,6 +64,8 @@ namespace eShopOnContainers.TestRunner.Droid global::AndroidHUD.Resource.Styleable.ProgressWheel_ahTextColor = global::eShopOnContainers.TestRunner.Droid.Resource.Styleable.ProgressWheel_ahTextColor; global::AndroidHUD.Resource.Styleable.ProgressWheel_ahTextSize = global::eShopOnContainers.TestRunner.Droid.Resource.Styleable.ProgressWheel_ahTextSize; global::ModernHttpClient.Resource.String.library_name = global::eShopOnContainers.TestRunner.Droid.Resource.String.library_name; + global::PCLCrypto.Resource.String.ApplicationName = global::eShopOnContainers.TestRunner.Droid.Resource.String.ApplicationName; + global::PCLCrypto.Resource.String.Hello = global::eShopOnContainers.TestRunner.Droid.Resource.String.Hello; global::Splat.Resource.String.library_name = global::eShopOnContainers.TestRunner.Droid.Resource.String.library_name; global::Xamarin.Forms.Platform.Android.Resource.Attribute.actionBarSize = global::eShopOnContainers.TestRunner.Droid.Resource.Attribute.actionBarSize; } diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj b/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj index 527ff23f4..ded572845 100755 
--- a/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj +++ b/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/eShopOnContainers.TestRunner.Droid.csproj @@ -51,6 +51,21 @@ + + ..\..\..\..\packages\PCLCrypto.2.0.147\lib\MonoAndroid23\PCLCrypto.dll + + + ..\..\..\..\packages\PInvoke.BCrypt.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.BCrypt.dll + + + ..\..\..\..\packages\PInvoke.Kernel32.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.Kernel32.dll + + + ..\..\..\..\packages\PInvoke.NCrypt.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.NCrypt.dll + + + ..\..\..\..\packages\PInvoke.Windows.Core.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.Windows.Core.dll + ..\..\..\..\packages\Plugin.CurrentActivity.1.0.1\lib\MonoAndroid10\Plugin.CurrentActivity.dll @@ -76,6 +91,9 @@ + + ..\..\..\..\packages\Validation.2.2.8\lib\dotnet\Validation.dll + ..\..\..\..\packages\Xamarin.Android.Support.Animated.Vector.Drawable.23.3.0\lib\MonoAndroid403\Xamarin.Android.Support.Animated.Vector.Drawable.dll True diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/packages.config b/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/packages.config index c2eacca73..0a0cc52e6 100755 --- a/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/packages.config +++ b/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.Droid/packages.config @@ -13,6 +13,11 @@ + + + + + @@ -60,6 +65,7 @@ + diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj b/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj index 65a346694..9bc77cc6d 100644 
--- a/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj +++ b/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.iOS/eShopOnContainers.TestRunner.iOS.csproj @@ -24,7 +24,8 @@ x86_64 None True - + + False False False @@ -58,7 +59,8 @@ Entitlements.plist iPhone Developer true - + + None @@ -107,6 +109,21 @@ + + ..\..\..\..\packages\PCLCrypto.2.0.147\lib\xamarinios10\PCLCrypto.dll + + + ..\..\..\..\packages\PInvoke.BCrypt.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.BCrypt.dll + + + ..\..\..\..\packages\PInvoke.Kernel32.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.Kernel32.dll + + + ..\..\..\..\packages\PInvoke.NCrypt.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.NCrypt.dll + + + ..\..\..\..\packages\PInvoke.Windows.Core.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.Windows.Core.dll + ..\..\..\..\packages\Microsoft.Net.Http.2.2.29\lib\Xamarin.iOS10\System.Net.Http.Extensions.dll @@ -116,6 +133,9 @@ + + ..\..\..\..\packages\Validation.2.2.8\lib\dotnet\Validation.dll + ..\..\..\..\packages\Xamarin.Forms.2.3.4.231\lib\Xamarin.iOS10\Xamarin.Forms.Core.dll diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.iOS/packages.config b/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.iOS/packages.config index 18d4175f8..611726589 100644 --- a/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.iOS/packages.config +++ b/src/Mobile/eShopOnContainers/eShopOnContainers.TestRunner.iOS/packages.config @@ -12,6 +12,11 @@ + + + + + @@ -57,6 +62,7 @@ + diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.Windows/project.json b/src/Mobile/eShopOnContainers/eShopOnContainers.Windows/project.json index 6acfea559..614b2331b 100644 --- a/src/Mobile/eShopOnContainers/eShopOnContainers.Windows/project.json 
+++ b/src/Mobile/eShopOnContainers/eShopOnContainers.Windows/project.json @@ -4,6 +4,7 @@ "IdentityModel": "1.3.1", "Microsoft.NETCore.UniversalWindowsPlatform": "5.3.3", "Newtonsoft.Json": "9.0.1", + "PCLCrypto": "2.0.147", "SlideOverKit": "2.1.4", "Xam.Plugin.Geolocator": "3.0.4", "Xam.Plugins.Settings": "2.6.0.12-beta", diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.iOS/eShopOnContainers.iOS.csproj b/src/Mobile/eShopOnContainers/eShopOnContainers.iOS/eShopOnContainers.iOS.csproj index 7faa02a05..8335ea085 100644 --- a/src/Mobile/eShopOnContainers/eShopOnContainers.iOS/eShopOnContainers.iOS.csproj +++ b/src/Mobile/eShopOnContainers/eShopOnContainers.iOS/eShopOnContainers.iOS.csproj @@ -27,7 +27,8 @@ i386, x86_64 None True - + + False False False @@ -166,6 +167,21 @@ ..\..\..\..\packages\Newtonsoft.Json.9.0.1\lib\portable-net45+wp80+win8+wpa81\Newtonsoft.Json.dll True + + ..\..\..\..\packages\PCLCrypto.2.0.147\lib\xamarinios10\PCLCrypto.dll + + + ..\..\..\..\packages\PInvoke.BCrypt.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.BCrypt.dll + + + ..\..\..\..\packages\PInvoke.Kernel32.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.Kernel32.dll + + + ..\..\..\..\packages\PInvoke.NCrypt.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.NCrypt.dll + + + ..\..\..\..\packages\PInvoke.Windows.Core.0.3.2\lib\portable-net45+win+wpa81+MonoAndroid10+xamarinios10+MonoTouch10\PInvoke.Windows.Core.dll + ..\..\..\..\packages\Xam.Plugins.Settings.2.6.0.12-beta\lib\Xamarin.iOS10\Plugin.Settings.dll True @@ -197,6 +213,9 @@ + + ..\..\..\..\packages\Validation.2.2.8\lib\dotnet\Validation.dll + ..\..\..\..\packages\WebP.Touch.1.0.3\lib\Xamarin.iOS10\WebP.Touch.dll diff --git a/src/Mobile/eShopOnContainers/eShopOnContainers.iOS/packages.config b/src/Mobile/eShopOnContainers/eShopOnContainers.iOS/packages.config index d13c2c74b..95a56e5e6 100644 
--- a/src/Mobile/eShopOnContainers/eShopOnContainers.iOS/packages.config +++ b/src/Mobile/eShopOnContainers/eShopOnContainers.iOS/packages.config @@ -12,6 +12,11 @@ + + + + + @@ -57,6 +62,7 @@ + diff --git a/src/Services/Identity/Identity.API/Configuration/Config.cs b/src/Services/Identity/Identity.API/Configuration/Config.cs index 412220673..9bd1dd414 100644 --- a/src/Services/Identity/Identity.API/Configuration/Config.cs +++ b/src/Services/Identity/Identity.API/Configuration/Config.cs @@ -67,6 +67,7 @@ namespace Identity.API.Configuration }, RedirectUris = { clientsUrl["Xamarin"] }, RequireConsent = false, + RequirePkce = true, PostLogoutRedirectUris = { $"{clientsUrl["Xamarin"]}/Account/Redirecting" }, AllowedCorsOrigins = { "http://eshopxamarin" }, AllowedScopes = new List
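Review bot: `RequirePkce = true` in Config.cs is added without a comment saying why, and the reason is security-relevant enough that a later edit should not drop it casually. I would put `// Native client: the authorization code comes back through a device redirect that another app could intercept, so PKCE is mandatory.` above the line. The mobile app still passes `GlobalSetting.Instance.ClientSecret` to the token endpoint (visible in IdentityService.GetTokenAsync), and a secret shipped inside an app package is not confidential, so PKCE is the control that actually binds the code to the requesting app. The client initializer starts and ends outside this hunk, so the rest of its settings, including whether plain-text challenges are disallowed, cannot be confirmed from here.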