Question: What is MASS?

MASS stands for Mobile Authentication Secure Server. It is the backend part of the Freja Mobile architecture. MASS uses two separate channels to protect users’ identity and data. One channel is for communication with Freja Mobile and another is for communication with the corporate network. This ensures that the end user is protected against threats inherent in using fixed passwords and single channel communication.

Keywords: Freja Mobile/MASS/identity protection

Question: Why does Freja Mobile Core need my MASS certificate?

Freja Mobile Core (FMC) always establishes SSL connection with its server side (MASS). In that sense, we are using certificate pinning to verify that FMC connection is established with the corresponding server. Actually, during the establishment of connection your certificate will be compared with the certificate received from the server.

Keywords: Freja Mobile/FMC/certificate

Question: What key type and encryption algorithm are required for my certificate?

During the key generation process you need to choose:

  • key-type: at least RSA-2048
  • signing algorithm: SHA-256
Keywords: Freja Mobile/key type/encryption algorithm

Question: Which certificate authorities are supported by phones?

Both Android and iOS implicitly trust a number of well known Certificate Authorities (CAs) like Comodo, Symantec, VeriSign, GoDaddy, DigiCert, GeoTrust, GlobalSign, Entrust, etc. However Freja Mobile does not depend on mobile platform’s trusted certificate stores, which are vulnerable to attacks. It uses certificate validation and pinning, requiring the server’s certificate to be embedded in the app and comparing it whenever the connection with the server needs to be established.

Keywords: Freja Mobile/certificate authorities