Requirements

File editor

The customization files must be saved in UTF-8 format. You can use any editor that supports UTF-8.

Operating system

To customize the Mobile Authenticator Studio application you need:

• Microsoft Windows 7 or later

• macOS 10.14.4 or later (Mojave)

• Ubuntu 12.04 LTS or later (Precise Pangolin)

Customizing Mobile Authenticator Studio for iOS requires macOS.

Software

• A Java Standard Edition Development Kit version between 8 and 15 must be used. The Long-Term-Support (LTS) release JDK 15 is supported.
  (download JDK version 8 through 15 from https://cdn.document360.io/038f59a7-abd0-4c14-9de7-3434d28b49fd/Images/Documentation/index.html).

  After the JDK installation, verify that the binary folder of the JDK is in the executable path (e.g. C:\Program Files\Java\jdk1.8.0_5\bin).

• Xcode 11.0 or later (only required for the iOS customization of the application): cf. https://developer.apple.com/xcode/.

Signing Certificates

Depending on the target platform, you may have to sign the content of the customized Mobile Authenticator Studio binaries. By doing so, you can confirm the software provider, ensure that no code has been altered since it was signed, and prevent code replacement.

Each signing certificate must be put in the Customization Tool folder of the targeted platform.

You need to use the correct file names for the folder content to be used for customization.

Android

The APK of the Android edition of Mobile Authenticator Studio must be signed with a self-signed certificate with a validity period of at least 25 years. You need to create a private key which is stored in a Java keystore. This private key will be used to sign the binary.

The AAB of the Android edition of Mobile Authenticator Studio must be signed with either an Upload key, or the App signing key. For more information, refer to https://developer.android.com/studio/publish/app-signing#app-signing-google-play.

In this section, the keytool utility, which is located in the \bin folder of the Java SE JDK, is used to exemplify the signing with Mobile Authenticator Studio for Android devices.

To generate a private key

1. Open a terminal window.

2. Type the following command:

   keytool -genkey -keyalg rsa -keystore keystore.sks -alias ALIAS_NAME -keysize 2048 -validity 10000

   where ALIAS_NAME is the name of the certificate.

3. Type the password for the keystore.

4. Provide information about your company (e.g. name, organization, address) as needed.

5. Type the password for the private key.

   A Java keystore file keystore.sks is generated and contains the generated private key.

The generated Java keystore contains your signing data and must be securely stored.

DO NOT LOSE THIS CERTIFICATE AS YOU WILL NEED THE SAME CERTIFICATE TO GENERATE FURTHER UPDATES OF YOUR APPLICATION. WITHOUT THIS SAME CERTIFICATE YOU WILL NOT BE ABLE TO UPDATE YOUR APPLICATION.

For more information, refer to https://developer.android.com/studio/publish/app-signing#generate-key.

The generated keystore must be located in the folder \CustomizationTool\input\sign\Android of the Customization Tool folder.

To sign the Android binary of Mobile Authenticator Studio

• Use the data as provided during private key generation:

  • The keystore password is the value of the -storepass command line parameter.

  • The certificate name is the value of the -alias command line parameter.

  • The certificate password is the value of the -keypass command line parameter.

iOS

The iOS edition of Mobile Authenticator Studio must be signed with an iOS certificate and linked to a provisioning profile associating the iOS certificate and target devices. Before you can request the signing data, you need to create an iOS developer account.

There are two kinds of iOS certificates:

• The development certificate is used to sign your application during testing.

• The distribution certificate is only used to sign and deploy your application on the App Store.

A provisioning profile is linked to an iOS certificate and lists the devices where an application containing this provisioning profile can be installed.

A distribution provisioning profile has a wildcard and can be installed on all iOS devices, but only using the App Store.

To obtain iOS certificates and provisioning profiles

1. Join the iOS developer program at https://developer.apple.com/develop/.

2. Obtain your iOS certificates (development and distribution) from https://developer.apple.com/account/ios/certificate/certificateList.action.

3. Register your test devices in the iOS provisioning portal at https://developer.apple.com/account/ios/device/deviceList.action.

4. Obtain your provisioning profiles (development and distribution) from https://developer.apple.com/account/ios/profile/profileList.action.

The provisioning profile must be named embedded.mobileprovision and located in the \CustomizationTool\input\sign\iOS folder of the Customization Tool.

To sign the binary

1. Use the certificate identifier of the development or distribution certificate. The certificate identifier is the name of the certificate as displayed in the Keychain Access application (e.g. iPhone Developer: FirstName LastName (xxxxxxxxxx)).

2. Use a provisioning file associated with the used certificate.

Binaries customized with a developer certificate can be deployed on a test device via iTunes. The provisioning profile used to customize the binary must be deployed on the device as well.

For more information about how to deploy an application on the Apple Store, refer to the official documentation at https://developer.apple.com/support/app-store/.

Ensure you have a renewed Apple Worldwide Developer Relations Intermediate Certificate added to the keychain. This applies to enterprise certificates issued after September 1, 2020 as well as all signing certificates generated after January 28, 2021.

For more information refer to the official documentation at https://developer.apple.com/support/expiration/.