Entrust Identity App Support
Entrust Identity Enterprise is the new name for the platform formerly known as IdentityGuard.
Entrust Identity App uses Blackberry privileged operations to store data securely, and access the internet to fetch Identity branding. When running the app for the first time, you will be prompted whether to grant Trusted Application Status to the app. You should answer Yes, to allow the app to run as intended.
Beginning May 9, 2012, the Windows Mobile 6.x Marketplace service is no longer available. To replace the service Entrust is now hosting the application download; it is the same version previously available through Microsoft, and there is no need to upgrade.
Entrust Identity App now bundles the .NET Compact Framework component required by the application as part of the download package. Note that this increases the download size to just over 6.7 MB.
- The first step is to download Entrust Identity App to your mobile device. It can be found on the Apple App Store, Blackberry World, and Google Play. For non-Apple devices, you may also be able to download Entrust Identity App directly from the organization where you will use it to strongly authenticate online.
- After you have downloaded the Entrust Identity App, you must activate it and create an Identity. Please consult the website of the organization you wish to use Identity Enterprise with. The organization must have deployed the Identity Enterprise versatile authentication platform to provide this activation.
- Once you have activated Entrust Identity App, you are ready to use it for strong authentication to online and network resources.
What is the Entrust Identity App?
The Entrust Identity App is a next generation mobile application the delivers strong authentication and transaction verification in a convenient application on your mobile device. It is one of many types of authentication delivered as a part of the Identity Enterprise versatile authentication platform, a world leading authentication solution deployed to millions of users today. It is an application that you download for free to your mobile device and activate through a company — such as a bank — that uses Identity Enterprise. After activation, the Entrust Identity App enables you to perform two security functions (depending on the activating company requirement):
- It allows you to securely login in to websites, VPNs etc. by entering a secure one-time passcode generated by Entrust Identity App. This provides added security over your user name and password to help ensure your sensitive information remains safe.
- It allows you to verify transaction details (ex: in a financial transaction it could include the To: From: and Amount: fields) as well as create a corresponding one-time-passcode that can be input in to the web application to confirm the details. This is a highly effective defense against malware attacks such as man-in-the-browser.
How is this different from other vendor's soft tokens?
Entrust Identity App offers a number of features that makes it unique and more effective:
- Entrust Identity App enables users to have a single application with multiple identities, streamlining the process of use for the end user;
- Easy customization of individual identities with the branding of the identity issuer. (ex: Bank A would have their own identity look inside the context of Identity Enterprise). This makes it convenient for you to pick the right identity for what you are doing.
- Entrust Identity App is more than a traditional soft token. It also includes out-of-band transaction notification and verification. This is a key defense against Man-in-the-Browser and other attacks.
What is an Identity?
While sharing a common application (Identity Enterprise), each issuing organization (a bank, your employer, a healthcare organization, etc) can have their own soft token identity within the application, each with its own branding, one-time-passcode generation etc. This is the concept of an Identity.
Can Identity Enterprise support multiple identities?
Yes, Identity Enterprise can support multiple Identities. This allows a you to conveniently access multiple soft tokens from different organizations from one highly usable application.
What platforms are supported?
The following mobile devices and versions are currently supported by Entrust Identity App:
Platform & Supported Versions
- Apple iOS (iPhone, iPod Touch, iPad) -> iOS 7.0 and later
- BlackBerry -> BlackBerry OS 4.2.1, 4.5.x, 4.6.x, 4.7.x, 5.0.x, 6.0.x, 7.0.x, 7.1.x
- BlackBerry 10 -> BlackBerry 10 OS 10.1 and later
- Google Android -> Google Android 2.3 and later
- J2ME -> MIDP v2.0 / CLDC 1.1
- Windows -> Windows Mobile 6.0, 6.1, 6.5.x with .Net Compact Framework v3.5
- Windows Phone 8 -> Windows Phone 8, Windows Phone 8.1
How much does it cost?
The Identity Enterprise mobile application is free to download from the appropriate mobile application store.
How do I activate an Identity in Entrust Identity App?
Entrust Identity App can only be used to authenticate in conjunction with the Identity Enterprise versatile authentication platform. To use the Soft Token functionality, you will need to create an Identity and activate the token. Once you have downloaded the application please consult the organization you wish to use Identity Enterprise with for activation instructions.
I'm having trouble activating the Entrust Identity App.
Where should I go for help Support for Identity Enterprise is obtained through the help desk or help website of the company you are trying to activate the product for.
What is the Entrust Transaction Notification Service?
The Entrust Transaction Notification Service (or TNS) is a subscription service that helps to 'wake up' Identity Enterprise on an individual user's device and notify them that new transaction details are available for retrieval. It does not use SMS to deliver this functionality.
How does Transaction Notification work?
A typical notification process will be:
- The user initiates a transaction on a website that requires confirmation through a mobile device.
- The user's mobile device will receive a message that wakes up the individual user's mobile device, letting them know that a message containing transaction details is waiting for them. Alternatively the user can open their Identity Enterprise application to begin step 3.
- Entrust Identity App on the user's device will retrieve the transaction details directly from the Identity Enterprise server at the deploying organization's website.
- User reviews the information and acts on the details accordingly.
Note: the above steps are all completed transparently, typically in a matter of seconds. The user does not need to do anything besides steps 1 (initiate the transaction) and 4 (act on the final information).