RSA Adaptive Authentication (On-Premise) 7.1 P4 and Later: Google SafetyNet Server Side Validation and Verify Apps Update 

Document created by RSA Product Team Employee on Jan 29, 2020Last modified by RSA Link Team on Sep 22, 2020
Version 6Show Document
  • View in full screen mode

Summary:

RSA announces the following updates to Google SafetyNet for Adaptive Authentication (On-Premise) 7.1 P4 and later:

 

Google SafetyNet Attestation: Server Side Response Validation

To comply with Google security recommendations, Google SafetyNet Attestation response validation can now be performed on the Adaptive Authentication server side component, and collected by the Mobile SDK Data Collection Module.  This option requires the customer to change the configuration in the client application.  Validation on the Adaptive Authentication server side component is performed according to Google recommendations.

To leverage SafetyNet Response Validation on the server side, the Adaptive Authentication SafetyNetValidation component must be deployed.

 

Note:

  • SafetyNet server side response validation is supported only for Adaptive Authentication (On-Premise) 7.1 P4 and later. It is not supported for Adaptive Authentication Cloud or Adaptive Authentication (On-Premise) 13.7 and later.
  • SafetyNet server side validation is independent of the Adaptive Authentication version deployed. The compromised field collected from the Mobile SDK Data Collection Module can be leveraged within Adaptive Authentication using the Mobile Device is Compromised fact in the Policy Management application during rule creation.
  • To incorporate SafetyNet for Adaptive Authentication (On-Premise) 7.1 P4 and later, you must download these files:

For more information, see the RSA Adaptive Authentication Integration Guide, SafetyNet Validation for Adaptive Authentication Mobile SDK Modules chapter.

For more information about configuring the application, see the Adaptive Authentication Mobile SDK Data Collection Module Developer's Guide.


Google SafetyNet Verify Apps

Adaptive Authentication Mobile SDK Modules 4.1 leverages the Google SafetyNet Verify Apps API to detect the device compromised status. This Verify Apps feature is optional, and is implemented using the configuration parameter in the Mobile SDK Data Collection Module.

For Adaptive Authentication (on-Premise) 7.1 P4 and later, the compromised field collected from the Mobile SDK Data Collection Module can be leveraged within Adaptive Authentication using the Mobile Device is Compromised fact in the Policy Management application during rule creation.

For information on integration, see the Adaptive Authentication Mobile SDK Data Collection Module Developer's Guide.

 

For additional documentation, downloads, and more, visit the RSA Adaptive Authentication page on RSA Link.

 

EOPS Policy:

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.

Attachments

    Outcomes