Independent Software Vendors (DA)
Before Knox SDK v3.7.1 (API level 34), there were many APIs geared for Independent Software Vendors (ISVs) who wanted to add security features to their apps. However, to call these APIs, apps need the following:
-
Device Admin permission — The ISV app needs to declare the permission
android.permission.BIND_DEVICE_ADMIN
, which provides powerful system-level control over a device, which device users can opt not to grant. Google deprecated the Device Admin (DA) mode of device management. Although ISV apps can continue to request the DA permission, Google no longer recommends it. -
Knox license — ISV apps need to get or activate a Knox license. The Knox framework on a device authenticates apps calling the ISV APIs, and tracks license activations for paid features like DualDAR.
This section describes older Knox features that work under this DA-based use model:
- Attestation
- DualDAR
- Hardware key mappings
- Network Platform Analytics
- Sensitive Data Protection
- Universal Credential Management
For information about the newer ISV APIs that do not need DA permission or a Knox license, see Independent Software Vendors.
Is this page helpful?