Mobile App Security

Data storage

All data on the device is stored in a sandbox without the ability for other apps to access it (unless the device is jailbroken/rooted, which is usually caused by physical access to the device). On Android, you can enable data encryption as of Android Gingerbread (2.3.x). Companies can also enforce Google device policies to ensure that the data on Android devices is secured. On iOS, data encryption is enabled by default and cannot be disabled.

Data encryption

In addition to the file system encryption of the operating systems, Jedox Mobile App stores all documents downloaded to the device with 256-bit AES-GCM encryption. If you allow the app to store user data (e.g. credentials), then the data is stored encrypted. For iOS, passwords are stored in the system keychain, which in turn is protected by the system's security and the device's password. For Android, the credentials are stored encrypted using 256-bit AES-GCM in the app-specific SharedPreferences.

Data transmission

Jedox Mobile App uses secure (encrypted) HTTPS connections.

Jedox Mobile App communicates with the Jedox In-Memory DB through Jedox Web, which adds another layer of security between the mobile devices and the data. The app uses JSON to communicate with Jedox Web, so no external RPC or RMI calls are needed.

Authentication

Jedox Mobile App uses the credentials given by and configured in Jedox Web. The credentials are stored encrypted in the Jedox In-Memory DB. To log in, Jedox Mobile sends the credentials entered by the app user to the Jedox Web instance, which then decides whether the user gets access to the data or not.

Jedox Mobile supports SAML authentication for iOS and Android.

Authorization

Jedox Mobile App uses the same user rights configured in Jedox Web. Administrators can define what actions a user is allowed to perform within the app, such as adding, changing, or viewing reports, etc.

Hidden Sensitive data

Jedox Mobile App ensures that no sensitive information is displayed when the app is sent to the background. Instead of a screen snapshot, iOS replaces it with a blue color overlay image that protects the data.

Updated December 9, 2024