When we're building apps that have sensitive data or sensitive capabilities in them, we maybe storing somebody's personal memories or we maybe doing something else in the app, it's really important that we employ a principle of design called complete mediation. And what we want to do is whenever some entity or object in our system is accessing one of these sensitive capabilities or pieces of information, we want to check that that access is appropriate and do any type of authentication or other things that we need, to make sure that that access is right. Every time, if possible, we want to check if that access should be happening. If the thing that is accessing it really should have access to it at that point in time, and given the context. Complete mediation is being very, very careful in doling out access to the sensitive capabilities. There are sensitive pieces of information that our app has. Now for example if we build a system where you log in once and then once you've logged in, you always have access to these different capabilities, that maybe not the best idea depending on the environment that we're operating in. For example, let's say that we build an app that has very sensitive banking information in it and you can once you signed in, you can instantly launch that app and see all of the banking information. And then we're not going to check anything that goes on with it. That might be a violation because somebody else may be able to pick up that app, that phone who isn't the owner of that bank account and look at that banking information. Or what if we create a system whereby once you've logged in as the user, you can then issue any transactions you want. You install the app once, you log in, and then you can open the app at any time and make transactions. And we accidentally expose an activity that can receive an intent from the outside. And suddenly the other apps on the device can start requesting that transactions be made and we aren't rechecking that this really an appropriate access. We're not completely mediating these transactions on the bank account and making sure that they should really be happening. This is a really important principle that we're always checking these accesses to secure sensitive information to sensitive capabilities or a device. And we're not just allowing and assuming that just because something's authenticated once, that it's always going to get access and that we shouldn't check those things later down the road. We always want to carefully check what we're doing and ensure that we're not creating in a security issue and this is what a complete mediation is about.