Configuring AppConnect for Android

Applicable derived credential providers and device platforms

Derived credential providers	Entrust
Device platforms	Android

Configuring AppConnect is required for Android device users to use:

the PIV-D Manager app for Android AppConnect
AppConnect apps that use derived credentials

To use AppConnect apps on an Android device, the device must have an AppConnect Device Configuration or the default Android AppConnect Configuration. This procedure assumes you create an AppConnect Device Configuration.

The AppConnect device configuration includes Data Loss Prevention (DLP) settings which you set according to your organization’s security requirements. One of the Android DLP settings allows or disables camera access for taking pictures or video. The PIV-D Manager app for Android uses the camera only for scanning the QR code, not for taking pictures or video. Therefore, you can still use the Android camera DLP setting to disable camera use in AppConnect apps.

Procedure

In the Admin Portal, go to Configurations > +Add.
Select AppConnect Device.
For Name, enter a name for the new AppConnect Device Configuration.
For OS, select Android.
In the AppConnect Passcode section, turn on the Secure Apps Passcode option.
In the AppConnect Passcode section, configure the following passcode settings according to your organization’s requirements. For example, make the passcode requirements NIST SP 800-157 compliant as described in http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-157.pdf.
- 4-digit numeric or alphanumeric
- Minimum passcode length (for alphanumeric passcodes)
- Minimum number of complex characters (for alphanumeric passcodes)
In the AppConnect Passcode section, turn on Allow user to recover passcode.
Fill in the remaining fields in the AppConnect Device Configuration according to your requirements.
Click Next.
Select the devices or device groups that you want to distribute the AppConnect Device Configuration to.
Click Done.