MASUser.Login() fails when the Android device has not set the OS locking feature

book

Article ID: 140983

calendar_today

Updated On:

Products

CA Mobile API Gateway CA Rapid App Security

Issue/Introduction

Mobile API Gateway 4.2 - RAS 3.0 - Android 7.1.1  

The Customer mobile app is working properly in many devices, but we found an exception on a specific Android device.

This specific Android device is not using the OS functionality of lock the access to the device with a PIN.

This android device has no any biometric feature.

During the enrollment, the app executes a MASUser.login() using the user credentials but two things occurs simultaneously:

1. an OS popup requires the user to set a PIN

2. the MASUser.login() gets an excpetion with the error ""E/MAS: Unable to access client username:". The complete stack trace is attached to the issue.  

 

 

Environment

Release : 3.0

Component : MOBILE API

Resolution

The Android version which in this case is Android 7.1 . In this version the default storage is KeyStore and access to KeyStore requires the device PIN.

RAS SDK 3.1.03 contains mas-foundation-2.0.00 , the latest MAS SDK.

The behaviour what the user is seeing is normal. If the user does not want to have device PIN, there is a change he/she will have to make to msso_config.json to change the default storage.