HTTP Public Key Pinning (HPKP) instructs a user agent to bind a site to a specific root certificate authority, intermediate certificate authority, or end-entity public key. This prevents certificate authorities from issuing unauthorized certificates for a given domain that browsers would nevertheless trust.
Maximum risk sites must enable the use of HTTP Public Key Pinning (HPKP).
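A check for the header that carries the pins, as an added example that is not from the original page: it computes the `pin-sha256` value defined in RFC 7469 and tests a `Public-Key-Pins` header value for a `max-age`, a pin matching the served chain, and a backup pin. The SPKI byte strings, function names and header values are constructed for illustration.

```python
import base64
import hashlib

# Constructed byte strings standing in for DER-encoded SubjectPublicKeyInfo
# (SPKI) structures; real values come from the certificates' public keys.
LEAF_SPKI = b"constructed-leaf-spki"
BACKUP_SPKI = b"constructed-offline-backup-spki"


def spki_pin(spki_der):
    """pin-sha256 value: base64 of the SHA-256 digest of the DER SPKI."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode("ascii")


def check_hpkp(header_value, chain_pins):
    """Return a list of problems with a Public-Key-Pins header value.

    chain_pins: set of pin-sha256 values for the keys in the served chain.
    An empty list means the header meets the RFC 7469 conditions checked here.
    """
    pins, max_age, problems = set(), None, []
    for directive in header_value.split(";"):
        name, _, value = directive.strip().partition("=")
        name, value = name.strip().lower(), value.strip().strip('"')
        if name == "pin-sha256":
            try:
                # A SHA-256 digest is exactly 32 bytes once decoded.
                ok = len(base64.b64decode(value, validate=True)) == 32
            except ValueError:
                ok = False
            if ok:
                pins.add(value)
            else:
                problems.append("malformed pin: " + value)
        elif name == "max-age":
            max_age = int(value) if value.isdigit() else None
    if max_age is None:
        problems.append("missing or invalid max-age")
    if not pins & chain_pins:
        problems.append("no pin matches a key in the served chain")
    if not pins - chain_pins:
        # Without a key held outside the chain, losing the pinned key locks users out.
        problems.append("no backup pin outside the served chain")
    return problems


GOOD = 'pin-sha256="%s"; pin-sha256="%s"; max-age=5184000; includeSubDomains' % (
    spki_pin(LEAF_SPKI), spki_pin(BACKUP_SPKI))
NO_BACKUP = 'pin-sha256="%s"; max-age=5184000' % spki_pin(LEAF_SPKI)
```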