Question: Enterprise Wallet

TalaoDAO / AltMe

Talao / Altme wallet : Open source Self Sovereign Identity wallet. Multi ecosystem support : EBSI conformant. ARF EUDI wallet implementation, DIIP and more.

https://talao.io

Apache License 2.0

42 stars 13 forks source link

Question: Enterprise Wallet #2893

Open jdsika opened 2 days ago

jdsika commented 2 days ago

Can I enforce through a configuration on the iphone that the installed altme wallet from the app store is only usable/configurable with a dedicated enterprise wallet configuration?

ThierryThevenet commented 2 days ago

@hawkbee1

hawkbee1 commented 2 days ago

I'm not certain I understand @jdsika . You speak about a configuration before the user install the app ? Why on iphone only ?

Once the user get his enterprise configuration he can't remove it without a reset of the wallet.

A configuration beforehand could be done through the installation link. We thought about such configuration some years ago but it was implying to much data given to apple and google, more than we wanted.

jdsika commented 2 days ago

We only use iPhones at BMW - I just wanted to narrow down the scope to reduce complexity.

What you say is that I should block the installation via the official Apple store and use the BMW internal app store using the individual installation link that is provided?

jdsika commented 1 day ago

tagging @HugoNDO as well.

Assume the following sceanario: Altme provides a wide variety of features and supported networks. Only a few of the features and networks are allowed to be used at a specific company. E.g. only Ethereum, no Defi, specific jwt vc protocol version

The IT is responsible to check the security of the application itself and its safe usage by the employees. The IT department will ask for:

terms of service
licenses
documentation
audit reports
origin of company, etc
process definitions of how the app is installed and used

The IT department now asks: How can you ensure that this application is ONLY used in the above specified limited scope?

The answer could be: I document the limited scope and the user is responsible to do it right. (weak) I document the scope and the application is always installed with those restrictions in place (strong)

I am trying to figure out how you intended to solve this issue/question in order.

Best regards Carlo

hawkbee1 commented 1 day ago

We only use iPhones at BMW - I just wanted to narrow down the scope to reduce complexity.

What you say is that I should block the installation via the official Apple store and use the BMW internal app store using the individual installation link that is provided?

I was speaking of deferred deep linking. (https://www.optimove.com/resources/learning-center/deferred-deep-linking)

BMW has an internal app store? You mean they have the enterprise program? (https://developer.apple.com/programs/enterprise/) In this case the best would be, probably, to add a custom Altme in the internal appstore. Doing such you gain:

Best ease of installation
A better control of the scope of the app
BMW can decide when the app is updated