> The bank wants to deposit a key for on-line banking or payments.
> They want to be sure that in a non-broken/non-rooted system the
> key is only usable by application(s) they have granted (but not
> necessarily written). This is a legitimate requirement for enterprise
> keys as well.
Sure. So the browser (say) hosts or uses a key store Service. (Obviously we are no longer talking about the standard Android browser.) When the user clicks on a certain kind of link, the browser gets a key from the web server and stores it in its storage Service, along with some kind of policy from the server. The policy might be: "Only give this key out to other apps on the device if they are signed with this site's own Android developer certificate." Then, other apps can try to request the key from the storage Service. If they meet the policy requirements for that key, the Service serves out the key. Otherwise, not.

http://developer.android.com/reference/android/app/Service.html

> The alternative is to lock down the entire device and that is IMO
> not a very attractive position.

Actually, depending on the expected volume of transactions, it can make perfect sense. Some banks already do ship high-transaction-value clients special laptops for use only with the bank. A $1,000 laptop is a small price to pay to avoid a bunch of phishing and fraud. A $250 Android-based netbook (for example) is even cheaper.

--
You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to [email protected].
For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.

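The design sketched in the reply above, a key store Service that releases a key only to callers whose signing certificate matches the server-supplied policy, as an added illustration that is not code from the thread or from any poster. It assumes a hypothetical AIDL interface `IKeyStore` with a single method `byte[] getKey(String keyId)`, that the policy is expressed as a set of hex SHA-256 fingerprints of allowed signing certificates, and that keys live in an in-memory map (a stand-in for whatever protected storage a real implementation would use). The caller's identity comes from `Binder.getCallingUid()`, which the kernel sets and the caller cannot forge; the certificate for each package behind that UID is then compared against the policy.

```java
// Added example: a policy-enforcing key store Service (hypothetical, not from the thread).
import android.app.Service;
import android.content.Intent;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.os.Binder;
import android.os.IBinder;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

public class KeyStoreService extends Service {
    // keyId -> raw key bytes (in-memory stand-in for protected storage; assumption).
    private final Map<String, byte[]> keys = new HashMap<>();
    // keyId -> hex SHA-256 fingerprints of signing certs allowed to receive the key.
    private final Map<String, Set<String>> policy = new HashMap<>();

    // Called by the browser after it fetched the key and the policy from the web server.
    public synchronized void storeKey(String keyId, byte[] key, Set<String> allowedCertFingerprints) {
        keys.put(keyId, key.clone());
        policy.put(keyId, new HashSet<>(allowedCertFingerprints));
    }

    // IKeyStore.aidl is assumed to declare: interface IKeyStore { byte[] getKey(String keyId); }
    private final IKeyStore.Stub binder = new IKeyStore.Stub() {
        @Override
        public byte[] getKey(String keyId) {
            // getCallingUid() is the UID of the remote caller for the duration of this transaction.
            return releaseKey(keyId, Binder.getCallingUid());
        }
    };

    @Override
    public IBinder onBind(Intent intent) {
        return binder;
    }

    // Returns the key only if every package running under callingUid is signed by an allowed cert.
    synchronized byte[] releaseKey(String keyId, int callingUid) {
        byte[] key = keys.get(keyId);
        Set<String> allowed = policy.get(keyId);
        if (key == null || allowed == null) {
            return null; // unknown key or key without a policy: never released
        }
        String[] packages = getPackageManager().getPackagesForUid(callingUid);
        if (packages == null || packages.length == 0) {
            return null; // cannot attribute the caller to any installed package
        }
        for (String pkg : packages) {
            if (!signedByAllowedCert(pkg, allowed)) {
                return null; // deny the whole UID if any package behind it fails the policy
            }
        }
        return key.clone();
    }

    private boolean signedByAllowedCert(String pkg, Set<String> allowed) {
        try {
            // GET_SIGNATURES is deprecated since API 28 in favour of GET_SIGNING_CERTIFICATES;
            // the structure of the check is the same with the newer API.
            PackageInfo info = getPackageManager().getPackageInfo(pkg, PackageManager.GET_SIGNATURES);
            // Accept only single-signer packages so that an extra, unrelated signature cannot
            // be used to satisfy the policy alongside the real one.
            if (info.signatures == null || info.signatures.length != 1) {
                return false;
            }
            return allowed.contains(sha256Hex(info.signatures[0].toByteArray()));
        } catch (PackageManager.NameNotFoundException | NoSuchAlgorithmException e) {
            return false; // on any lookup failure, fail closed
        }
    }

    private static String sha256Hex(byte[] data) throws NoSuchAlgorithmException {
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(data);
        StringBuilder sb = new StringBuilder(digest.length * 2);
        for (byte b : digest) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }
}
```

The decision to deny the entire UID if any package sharing it fails the check, and to reject multi-signer packages outright, is deliberate: the policy is about who may hold the key, so ambiguity about the caller's identity should resolve to "no key". Exporting the Service still deserves care; even with this check, the Service should be declared with an appropriate permission in the manifest so that arbitrary apps cannot probe which key ids exist.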