MASS stands for Mobile Authentication Secure Server. It is the backend part of the Freja Mobile architecture. MASS uses two separate channels to protect users’ identity and data. One channel is for communication with Freja Mobile and another is for communication with the corporate network. This ensures that the end user is protected against threats inherent in using fixed passwords and single channel communication.
Freja Mobile Core (FMC) always establishes SSL connection with its server side (MASS). In that sense, we are using certificate pinning to verify that FMC connection is established with the corresponding server. Actually, during the establishment of connection your certificate will be compared with the certificate received from the server.
During the key generation process you need to choose:
Both Android and iOS implicitly trust a number of well known Certificate Authorities (CAs) like Comodo, Symantec, VeriSign, GoDaddy, DigiCert, GeoTrust, GlobalSign, Entrust, etc. However Freja Mobile does not depend on mobile platform’s trusted certificate stores, which are vulnerable to attacks. It uses certificate validation and pinning, requiring the server’s certificate to be embedded in the app and comparing it whenever the connection with the server needs to be established.