Version: 5.5
Release Date: 2021-08-30
Introduction
Smart ID Mobile App 5.5 for Android has been released today.
Main new features
Mobile Middleware
Mobile Middleware generally implies the capability to read and use external tokens such as smartcards, passports, and hardware security tokens, from the mobile device.
With this release, Smart ID Mobile App for Android can use the CardOS 5.3 DI smartcard - over the contactless interface (near-field communication, NFC) - as identity holder to perform the same device online authentication via Digital Access. A prerequisite for this is that the CardOS 5.3 DI smartcard is pre-personalized by Nexus, with the correct security profile to allow secure transport of user PIN to allow cryptographic operations on the smartcard.
The primary use case that this release addresses is the so called shared mobile device use case. An example of this scenario is where a mobile device is shared between many employees who require authentication to an online service, typically via a browser, or via an app tied to the organization. There are however some problems with this scenario:
- Using username and password is both cumbersome and leaves security compromised.
- Mobile identities (stored on the mobile device) are not the answer to the problem, as the identity of each employee must be replicated to every mobile device the employee will ever use.
The response to the problem is to combine the mobility of the Smart ID Mobile App, shared between many resources, with a personal physical contactless external smartcard, holding the security information of each employee.
In essence, whenever the employee needs to perform an authentication, the Smart ID Mobile App is triggered and lets the user enter their personal smartcard PIN code before finally tapping the contactless smartcard to the mobile device to execute the authentication.
Secure Visual ID
With this release, the concept of a secure Visual ID is introduced in Smart ID Mobile App for Android, which now provides means to have digitally signed Visual ID to prove its authenticity. The Visual ID issuer is validated by the mobile app and different level of Visual ID issuance like production, test/demo are introduced. As in previous releases, the Visual ID is protected by PIN or biometrics for display, and it has app-level screenshot protection to make it more difficult to copy. The mobile app also has real-time user induced animation overlay for proof of possession.
Detailed feature list
Features
Jira ticket no | Description | Operating system |
---|
PMOB-2948 | Improved security for Visual ID Added support for JWS encoded data in visual data. | Android |
PMOB-2949 | Mobile Middleware CardOS 5.3 DI Support for NFC tokens (CardOS 5.3 DI tokens pre-personalized by Nexus) used for mobile middleware and shared devices. | Android |
Corrected bugs
Jira ticket no | Description | Operating system |
---|
NA | General stability improvements | Android |
For information regarding support, training and other services in your area, please visit our website at www.nexusgroup.com/.
Support
Nexus offers maintenance and support services for Smart ID Mobile App to customers and partners. For more information, please refer to the Nexus Technical Support at www.nexusgroup.com/support/, or contact your local sales representative.