M4060: Application Uses Shared User Certificates
M4060 scans the mobile app to determine if it uses shared user certificates, which enable an application to access software and hardware certificates, such as certificates stored on a Smart card. This capability is typically used for financial or enterprise apps that require a Smart card for authentication.
AdminStudio examines the application’s metadata to determine if the feature is part of the application’s primary functionality, and whether it calls the feature’s APIs.
Test Group/Test Category
Best Practices/Mobile Risk Assessment/Windows Mobile Risk Assessment
Severity
- If the application requires the feature as part of the application’s primary functionality, an Error is generated.
- If the application calls the feature’s APIs, a Warning is generated.
See Also