General Information

This General Information section explains the MobileTrust® technology, how it is used, and the purpose for which it is intended.

System Overview

MobileTrust® is an application for mobile devices, such as compatible Android devices, which improves operational security in a multitude of ways. MobileTrust® can launch a securely encrypted mobile browser, a password vault for securely storing any number of login credentials for websites, a one time password (OTP) engine, and a customizable secure password generator. The MobileTrust® app utilizes a system-wide encrypted keyboard which fortifies operational system security both inside and outside of the MobileTrust® app.

System Requirements

The MobileTrust® app is compatible with Android devices running Android 4.0 (and higher versions). Internet connection is required for certain MobileTrust® features to function properly, such as its secure encrypted mobile browser.

User Access Levels

Only registered users can use this application to add, change, and/or delete data to and from its database.

Getting Started

This Getting Started section explains how to install the MobileTrust® app on a compatible Android device.

Installation

Users can find the MobileTrust® app by searching "MobileTrust" in the Play Store for Android devices. For information regarding how to install an app on a compatible Android device, refer to the specific device’s user guide.

Note- In order to access the MobileTrust® app and its features, you must have active login credentials with an up to date software license.

First Launch & Login

After installing the MobileTrust® app, you will be greeted with the following splash screen when opening the app:

First Launch screen

You will then be prompted with the following window which explains how to enable the MobileTrust® secure encrypted keyboard on your Android device:

Login Screen

Once you have enabled the MobileTrust® secure encrypted keyboard in your device’s settings, tap "OK" to bring up the Login menu. In the "Email" text field, enter the email address you registered when subscribing to the MobileTrust® Mobile Protection Service. In the "Password" text field, enter the password you created when signing up for the MobileTrust® Mobile Protection Service. You may now tick the box that indicates "Keep me logged in" if you would like to save your login credentials and have the app automatically log you in next time. If you do not remember your password, you may click the "Recover Password" link on this page to be guided through resetting your password. You may now press "Login":

Login Screen

Default Keyboard Setup

After logging in, you will be greeted by the following screen which instructs you on how to set the MobileTrust® secure encrypted keyboard as the default system-wide keyboard:

Default Keyboard Setup

Setting Default System Keyboard

In order to properly utilize MobileTrust’s® encrypted keyboard, users must set the MobileTrust® keyboard as the default keyboard in the Android system settings. Performing this step will result in the MobileTrust® encrypted keyboard becoming the default system keyboard both inside and outside of the MobileTrust® app.

For Android Users (Version 4.0 and higher):

Open system settings and scroll down to "Language and input". Tap "Language and input".

Login Screen

In the menu "Language and input" menu, tap "Default Keyboard" and then tap "Set Up Input Methods" if the "English (United States) MobileTrust" setting is not available.

Login Screen

In the "Set Up Input Methods" menu, use the toggle switch to enable the "MobileTrust" keyboard, then select the "MobileTrust" keyboard as the default keyboard in the previous menu.

Login Screen

License Profile Selection

After tapping "Done" on the "Before you Begin" window which instructs you how to set the MobileTrust® secure encrypted keyboard as the default system-wide keyboard, you will be greeted with the License Profile window. This window allows you to select the appropriate license profile with which you have subscribed to the MobileTrust® Mobile Protection Service. If multiple license profiles exist, you can now select which license profile you would like to activate on your device. The following sample License Profile window shows an example of multiple License Profiles:

License Profile Selection

Note- The MobileTrust® app will check for an updated license profile every 48 hours until the selected license expires. If your license has expired, you must renew your license with the appropriate vendor. If the currently used license profile has an expired license, the MobileTrust® app will automatically select a different license profile if one exists with an up-to-date license.

Using MobileTrust®

The following image is the main menu of the MobileTrust app. This menu gives you easy access to all of MobileTrust’s functions. You may tap the "i" info icon to access more information about each of MobileTrust’s® functions.

Menu Screen

Secure Keyboard

The MobileTrust® Secure Keyboard is designed to actively encrypt every keystroke you type with it. The following image shows the MobileTrust® Secure Keyboard "Light" theme.

Light Theme

To access different keyboard themes, as well as to access various other keyboard settings, long-press the comma/microphone key located to the left of the spacebar and slide the selector to the settings icon shown below:

Long-Pressed Key

Doing so will bring you to the "Input options" dialog box at which point you can select "Android keyboard settings" shown below:

Input Options

In the "Android keyboard settings" window, you can toggle options such as "vibrate on keypress", "sound on keypress", "popup on keypress", as well as select a "Dark" theme from the "Keyboard Theme" selection window.

Keyboard Settings
Theme Selector
The below image shows the MobileTrust® Secure Keyboard "Dark" theme being used:
Dark Theme

Secure Browser

The secure browser allows the user to browse the internet in a safe and secure encrypted browser. The following image is an example of an Android device running MobileTrust’s® secure browser:

Secure Browser

Tapping the "<" icon will navigate to the previously loaded page.
Tapping the ">" icon will navigate to the next page.
Tapping the "X" icon will close the secure browser.

Password Vault

The Password Vault allows users to store usernames and passwords for website logins. Users are able to enter:

  • Website name: Name/Description of the website that the Password Vault is storing credentials for.
  • Username: Login username for a website.
  • Password: Password associated with the login name
  • URL: A link to the website which allows the MobileTrust® app to automatically login for you.

The following image is a sample empty Password Vault. To add a new entry, you may tap the "Add new password" text or the "+" icon.

Password Vault

Once the Password Vault New Entry window is open, you may enter a website name, username, password, and website URL into the appropriate text fields and tap the green "Save" button:

Password Vault

Once login credentials have been saved in MobileTrust’s® Password Vault, you may view the saved login credentials by tapping the Website Name, which was entered during creation of the password, in the main Password Vault menu. Doing so will display the following window with login credentials, the ability to hide/show the saved password, and a "Launch the Web Page" link which launches the specific website and automatically logs you in to your saved account.

Password Vault

One-Time Passwords

MobileTrust’s® One-Time Password Generator is based on "Open ID". Open ID is a widely used open protocol standard that enabled users to authenticate themselves in a decentralized manner and does not rely on a central authority to authenticate a user's identity. Open ID enables users to consolidate their digital identities. Users may create accounts with their preferred Open ID identity providers, and then use those accounts as the basis for signing on to any website which accepts Open ID authentication.

The following image is MobileTrust's® homepage for One-Time Passwords. The user is able to choose between "Add new OATH OTP" and "Add new ProtectID OTP".

One-Time Passwords

Add New Oath OTP

In this Add New Oath OTP section, users can register themselves using any one of the following three options:

  • Using Key URL: User must input the key URL in the corresponding field and then click on the Register button.
  • Scan Barcode: User must use their Android device camera to scan their barcode then click on the register button.
  • Manually Add Account: Users can also add accounts manually by inputting a username, a secret code, choosing a method, and setting a counter in the corresponding fields and then clicking on the Register button.
One-Time Passwords

Add New ProtectID OTP

In this Add New ProtectID OTP section, users can register themselves by filling in the Username, Password, Company, PIN, Phone, and Method fields with the appropriate information/choice. The user may then begin the registration process by tapping the "Register" button.

One-Time Passwords

After inputting the necessary information and tapping the "Register" button, the app will call the Web method with the inputted username, password, company, PIN, phone number, ticket, locale, and device ID. Upon successful execution on the web method, the app will return a URL corresponding to a specific customer. Using this URL, a separate web method is called. This web method validates the unique User ID and Device ID, registers the data in the server, and returns back a Device PIN.

Password Generator

The MobileTrust® Password Generator is a feature which allows the user to generate a customizable strong password. Using the options in the following image, the user can create a customized strong password with the following optional parameters:

  • Password Length: Allows you to specify the length of your generated password (Up to 99 characters).
  • Lower Case:Toggles whether or not lower case letters will be included in the generated strong password.
  • Upper Case: Toggles whether or not upper case letters will be included in the generated strong password.
  • Numbers: Toggles whether or not numbers will be included in the generated strong password.
  • Non Alpha Numeric: Toggles whether or not characters other than letters and numbers, such as "<", will be included in the generated strong password.
  • Starts With Number: Toggles whether or not the generated strong password will start with a number or a letter.
  • Starts With Letter: Toggles whether or not the generated strong password will start with a letter or number.
Password Generator

The following image is an example of an 8-character generated password. By tapping "Add to Password Vault", you will automatically add this generated password to your password vault which you can then access at any time for any website login credentials of your choosing:

Password Generator

Settings

The MobileTrust® settings allow you to enable certain features and modify certain values of the MobileTrust® app. The following image is an example of the MobileTrust® settings window:

Password Generator

The user is able to change/view the following settings:

  • Stay Logged In: Toggles whether or not you will have to sign in to the MobileTrust® app with your email and password upon each launch.
  • Secure Browser Homepage: Allows the user to set a custom homepage for the MobileTrust® Secure Browser.
  • Backup My Data: Allows the user to back up his/her data within an encrypted zip container located at (/sdcard/mobiletrust/archive.zip) for Android devices.
  • Restore My Data: Allows the user to restore his/her data
  • Version: Displays the currently installed version of MobileTrust®. Cannot be modified.
  • Machine ID: Displays an ID unique to your device. Cannot be modified.

Backup My Data

The MobileTrust® Backup My Data option allows you to backup your Password Vault, amongst other app information and preferences, in an encrypted zip which is then saved locally on your mobile device's internal storage. In some cases, you may find it helpful to store a copy of this encrypted zip on your PC/Mac. In order to do so, follow these steps:

  • Connect your mobile device to your PC/Mac.
  • Open your mobile device's SD card.
  • Navigate into the MobileTrust folder.
  • Copy "archive.zip" to your PC/Mac.

 

MobileTrust® Usage Info Bubbles

Secure Browser

MobileTrust's® Secure Browser is designed to have a multitude of security features beyond those of your average desktop browser. The MobileTrust® Secure Browser implements security features such as:

  • Runs in a sandbox environment.
  • Clears cookie & session caches upon launch.
  • Does not allow potentially malicious and/or vulnerable browser extensions which mitigates the likelihood of man-in-the-browser attacks.
  • Does not allow potentially malicious and/or vulnerable simultaneous tabs which mitigates the likelihood of cross-site request forgery (CSRF) and tabnapping attacks.

 

Password Generator

MobileTrust’s® Password Generator allows the user to automatically create customizable strong passwords of varying lengths. MobileTrust’s® Password Generator allows you to customize the following settings:

  • Password Length: Determines how many characters, in terms of length, the generated password will be.
  • Lower Case: Toggles whether or not the generated password will include lower case letters.
  • Upper Case: Toggles whether or not the generated password will include upper case letters.
  • Numbers: Toggles whether or not the generated password will include numbers.
  • Non Alpha Numeric: Toggles whether or not the generated password will include characters other than numbers and letter such as the ">" character.
  • Starts with Number: Toggles whether or not the generated password will begin with a number as opposed to a letter. *Enabling "Starts with Letter" setting with automatically disable this setting.*
  • Starts with Letter Toggles whether or not the generated password will begin with a letter as opposed to a number. *Enabling "Starts with Number" setting will automatically disable this setting.*

Having a difficult-to-guess password is crucial in protecting your online account login credentials. Using MobileTrust’s® password generator will allow you to easily store the generated password directly into MobileTrust’s® Password Vault.

Password Vault

MobileTrust’s® Password Vault allows you to store, and search through, both generated and manually entered passwords. The Password Vault also enables our secure browser to automatically log you in to the websites for which you have your credentials stored. The Password Vault allows you to enter 4 key pieces of information to save your login credentials:

  • Website Name: In this text field, enter a description of the website for which you would like to save the login credentials.
  • Username: In this text field, enter the username associated with the account for which you would like to save your login credentials.
  • Password: In this text field, enter the password associated with the account for which you would like to save your login credentials.
  • URL: In this text field, enter the URL of the website for which you would like to save your login credentials. An example of a URL would be "www.google.com" without the quotation marks.
  • Add custom field: In this optional text field, you may elect to enter additional notes which expand upon your to-be saved login credentials.

Once you have multiple passwords saved, you may search through your saved passwords with the search bar at the top of the Password Vault menu.

One-Time Password Generator

MobileTrust’s® One-Time Password (OTP) Generator allows you to generate both ProtectID and OATH based one-time passwords for two-factor authentication purposes.