Important! A new Community experience launched on September 26, 2017. Read more about it here or continue to Base Camp.
Voting: 
Vote up!
5 Votes
1 Replies

security

jayant on Sep 16, 2014 20:56 EDT

Posted In
Kony Answered Certificate
Vote up!
2 votes
Vote down!

Hi Jayant,
 
Kony data security model ensures that any data transaction between the device and server is encrypted using the industry standard mechanisms. This encryption applies to the data stored on the device as well (in case the application logic demands so).
 
Applications developed and hosted by Kony are tested regularly by an approved QSA and are certified to be PCI compliant. Kony follows industry standard practices during the design, development, testing and deployment of the applications to ensure compliance with the PCI requirements. 
 
Coming to device side storage security, Kony provides API for encryption and decryption. Refer the link given below.
http://docs.kony.com/5_6_PDFs/Kony_API_Reference_Guide.pdf
>>under crypto API
 
Also, please refer the link below for Kony Security info.
http://developer.kony.com/twiki/pub/Portal/Docs/Kony_Server_Internals_Guide/Default.htm#Security.htm%3FTocPath%3DSecurity%7C_____0
 
To configure SSL certificates on different handsets like BB, android & iphone,refer the below links 
Android: 
http://www.guyrutenberg.com/2013/03/16/manually-install-ssl-certificate-in-android-jelly-bean/
 
IOS:
http://blog.httpwatch.com/2013/12/12/five-tips-for-using-self-signed-ssl-certificates-with-ios/
 
BB:
http://yourbusiness.azcentral.com/set-up-ssl-certificate-blackberry-19571.html
 
Regarding Kony Apps security, we can bundle the certificates with the app.We are having a feature to configure certificates from application app properties.
 
Steps for the same are as follows
To allow only specific certificates you can use "Allow Bundled Certificates" option IDE -> Application-> Properties (right click on the App)->Native-Android : click on the drop down list box , beside the text "Allow Self Signed /Untrusted Certificates" and select "Allow Bundled" option.
To bundle the certificate in the application please create a folder with name "certs" in assets folder and place the certificate files in this "certs" folder 
<workspace>/<app>/resources/mobile/native/android/assets/certs/"
 
Note: Create "assets" directory under “<workspace>/<app>/resources/resources/mobile/native/android/" if it is already not present.
 
For publishing apps to public store ,follow the below links.
https://developer.apple.com/app-store/review/
http://developer.android.com/distribute/tools/launch-checklist.html
http://developer.android.com/tools/publishing/app-signing.html
 
Please do let us know in case you need any further details around the same topic.
 
Regards
Srinivas Kolaparthi

Sep 17, 2014 06:06 EDT