Latest update: May 29, 2018
1- Device & App history
Does the App allow to view one or more of information about activity on the device, which apps are running, browsing and bookmarks?
Does the App use the device's location: Approximate location (network-based)
Precise location: GPS and network-based?
Yes. The location needs to be enabled for Bluetooth LE to work.
Does the App notify and obtain user consent before collecting, transmitting or using location data?
Yes. The App obtains user consent to use the location permission through Android's runtime request: a dialogue asking to access your location with ALLOW and DENY as choices. Location data does not leave the device. Location data is not used by the app.
Does the App find account on the device? Add or remove accounts?
Does the App use one or more of: files on a device such as images, videos or audio, the device's external storage?
5- Wi-Fi connection information
Does the App allow to view information about wi-fi networking, such as whether wi-fi is enabled and anmeas of connected devices?
6- Device ID & Call information
Does the App allow to determine the phone number and device IDs, whether a call is active and the remote number connected by a call?
The phone identity (IMEI) is used to calculate a device fingerprint, used to encrypt and store some secret data in the phone memory. Determining whether a call is active and determining the remote number connected by a call is not used.
Does the App also record and transmits anonymized network performance data for analysis by Analytic Engine? This data is used for the purpose of assessing network quality of service issues. No personally identifiable information is recorded or transmitted, including no key press information, no contact information, etc.?
7- App description
SafeNet Knox Plugin is a mobile application developed based on Samsung Knox SDK, particularly on the Knox Universal Credential Management (UCM) SDK, for Samsung devices running on the Android platform. With the Knox UCM framework, SafeNet Knox Plugin brings the highest possible security level to other Knox compliant applications by providing access to the Gemalto PKI Secure Elements and acting as a standardized middleware. It is a BYOD-ready technology that protects the confidential information by separating the private and professional environments of the users in two isolated containers. The security policy of the professional container is completely controlled by the IT Administrator, possibly using an MDM (Mobile Device Manager) from Samsung or other vendors.
8- App Permissions
Does the App require access to certain systems within your device? When you install an application, you are notified of all of the following permissions required to run that application:
READ_PHONE_STATE: needed to get device identifiers to calculate a device fingerprint. This is used to encrypt and store secret data.
LOCATION: needed to use Bluetooth LE.
STORAGE: needed to access the microSD card.
Does the App send data over unencrypted (HTTP) or an encrypted (HTTPS) connection?
10- Explain why the data are being collected, when and for what purpose
11- Do you assign an appropriate rating to the App?
12- Can the App be downloaded by children?
13- Does the App comply will all the terms and conditions explained in the Apple iOS Human Interface Guidelines?
This is an Android app.
14- Does the App use trademark, service mark or images of Google, Apple, BlackBerry or other market store owners?
15- Security and Retention
Data storage: The app stores all the data in secure in the phone internal storage with encryption.
Data usage: No identifier to identify the device is sent to the Gemalto server.
Data Transmission: There is no data transfer from device to Gemalto server.