CAB-13 013, CCA Android Manual, Rev O - Cryptify

Rev O

Manual

CryptifyCallapplicationforAndroid

SecuringCommunication

CCA-13:013,CCAAndroidManual,RevO 2(36)

TableofContents

SCOPE 3

PRE-REQUISITES 3

INTRODUCTION 4

PROCEDURES 5INSTALLATIONANDCONFIGURATION 5INSTALLCRYPTIFYCALL 5PROVISIONINGUSERCREDENTIALS 5MAKEASECURECALL 6CREATINGANDSHARINGCONTACTLISTS 8ANSWERANINCOMINGSECURECALL 11DURINGACALL 12ADDINGFAVORITES 13CONFERENCECALLS 13PARTICIPATINGINACONFERENCECALL 13HOSTINGACONFERENCECALL 14SECURETEXTMESSAGES 16GROUPS 19MANAGINGAGROUP 20JOININGAGROUP 24BEINGAGROUPMEMBER 25CHANNELS 27CRYPTIFYTESTCALL 28THEADVANCEDMENUANDMESSAGEPINLOCK 29APPLICATIONUPDATE 30MANUALKEYREMOVAL/REPLACEMENT 31

CONFIGURATION 32APPLICATIONSPECIFICCONFIGURATION 32

TROUBLESHOOTING 33REASONCODES 33FAQ 34



ScopeThisdocumentdescribeshowtoinstall,configure,operateandmaintaintheCryptifyCallapplicationforAndroid.TargetaudienceisendusersofCryptifyCall.

Pre-requisitesAphonerunningAndroid4.4orlater,preferablythelatestversionofAndroidshouldbeused.



IntroductionCryptifyCallvoiceandmessagingencryptionforAndroidisapprovedbyCESGforHMGcommunicationatlevelRESTRICTED/OFFICIAL.UsingCryptifyCallisassimpleasmakinganordinaryphonecallorSMS.CryptifyCallhaveafamiliaruserinterface,andisusingtheordinaryphonenumbers.Thesolutionworksinparallelwiththeordinaryfunctionsofthephoneenablinguserstochoosewhethertomakeasecureoranordinarycall.CryptifyCallisusingMobileDataserviceinexistingmobilenetworksandcomplementingWi-Fiinfrastructures.BeingabletouseWi-FiinadditiontotheMobileDataservicesensuresacost-efficientsolutionthatprovidesevenbetteravailabilitythanregularmobilevoiceservice.SubjecttoauthorizationbytheCMSoftherespectiveorganization,userscancommunicatewithusersbelongingtootherorganizationsinaend-to-endencryptedandauthenticatedmanner.CryptifyCallisbuiltonreliablestandardsandprotocolsenablingmulti-vendorinteroperability.Thecomprehensivesecurityofthesolutionisbasedonwell-provenstandardalgorithmsandprotocolssuchasAdvancedEncryptionStandard(AES),MIKEY-SAKKE,andSecureReal-timeTransportProtocol(SRTP).IMPORTANT!ToreceivecallsandmessagestheCryptifyCallapplicationmustberunning.Theapplicationisdesignedtoalwaysrun,itwillnotdrainthebatteryandthereisnormallynoreasontoturnitoff.Note!CryptifyCallisaVoiceoverIP(VoIP)solutionandrequiresanInternetconnectiontowork,eitherWi-FiorCellularData.Incaseoftravellingabroad,pleasemakesureDataRoamingisenabledonthecellularservice!Note!WhenusingCryptifyCall,pleasefindasecludedplacetotalk.Thismightbeobviousbutcaneasilybeforgotten.



Procedures

InstallationandconfigurationTherearetwomainwaysinwhichAndroiddevicesareusedinenterprises;administratorsmayhavesetupthedeviceswiththeCryptifyCallapplication,andotherapps,beforedeliveringthemtoendusers,orendusersmaybeabletoinstallandupdatesappthemselves.

InstallCryptifyCallIfusersarepermittedtoinstall,updateormodifytheappsontheirAndroiddevices,theycaninstallCryptifyCallapplicationonthedevicebyopeningthe

GooglePlayStoreapp ,downloadingandinstallingtheCryptifyCallapplicationbyselecting"CryptifyCall"fromthesearchtabandclickingtheinstallbutton.Otherwise,iftheCryptifyCallappisnotinstalled,usersshouldasktheiradministratorstoprovisionitforthem.

ProvisioningusercredentialsThefirsttimetheappisinstalledonthedeviceitmustbeprovisionedwithusercredentialsbeforeitcanbeused.TheusercredentialsisencodedinaQRcodeprintedonaninitiationletter.Theinitiationletterwillshallbedeliveredtotheuserinasafeway,forexamplebyregisteredpost.Toprovisiontheapp,starttheCryptifyCallappandusetheembeddedscannertoreadtheQRcodeprovidedintheinitiationletter.

Itisrecommendedthattheinitiationletterbedestroyedoncesuccessfullyscannedinordertoensurethecredentialsdon’tgetintothewronghands.



MakeasecurecallMakingasecurecallisaseasyasdialingthenumberofthepersontocall,andnormallythenumberisthesameasthemobilenumberforthatperson.TheonlyrequirementisthatbothpartiesuseCryptifyCall.Thenumbercanbeenteredusingthedialpad.

An alternative method to make a secure call is to use the Speed dial where favorites and frequently called numbers are displayed. A secure call can be initiated directly from the Speed dial.



The application also has a Recents view where the call log is listed, and a Contacts view displaying all contacts available to the app. Contacts are sourced from the contact book stored on the phone and from distributed contact lists. A secure call can be initiated from the Details view of a selected contact.



TappingthelistsiconontheContactstabshowsallavailablecontactlists.Liststhatareenabled–thatis,areusedasasourceofcontacts–aremarkedwithacheckmark.Toenableordisablealist,tapthelistandtogglethe“Enabled”switch.Sharedcontactlistsareautomaticallykeptup-to-date,andtounsubscribefromfutureupdatesyouneedtocontacttheadminofthelist.Newlistsappearinboldface.

CreatingandsharingcontactlistsContactlistscanbecreatedwithintheCryptifyCallapp,andoptionallysharedwithotherusersinasecuremanner.Tocreateanewcontactlist,tapthe“+”buttonandenteranameforthecontactlist.



Tomodifytheentriesofthecontactlist,tap“Contacts”andthentheeditbutton.

Toaddanewcontact,tapthefloatingactionbuttonandselecteither“Createnewcontact”,tomanuallycreateanewcontactlistentry,or“Pickfromcontacts”tocopyexistingcontactsfromothercontactsources,includingthenativephonebook.



Similarly,thelistofsubscribers–thatis,thosewhowillreceivethecontactlist–iseditedbytapping“Subscribers”.Asbefore,onlyacontactlistthatismarkedas“Enabled”isusedasacontactlistsource,butevendisabledlistsaredistributedtosubscribers.



AnsweranincomingsecurecallAnincomingsecurecallwillbedisplayedtogetherwiththenumberofthepersonwhoiscallingandtheSecurityDomainthatpersonbelongsto.Ifthereisacontactavailableinthedeviceforthatnumber,thecontactnameisdisplayedinsteadofthenumber.

Thecallisacceptedbyswipingtheacceptbuttontotheright,orrejectedbyswipingthehang-upbuttontotheleft



DuringacallWhenasecurecallisactivetheuserispresentedwithrelevantinformationabouttheongoingcall,andcanoptionallyaddathirdparty.

TheNetworkQualityindicatorshowsthequalityofthedataconnection,whichmightdifferfromthesignalstrengthindicatorprovidedbyAndroid.Anexampleiscellcongestions;wherethesignalstrengthmightbeexcellentbutnodatacanbetransmittedoverthecellularnetwork.

SecurityDomainoftheotherparty

Mutebutton(toggle)

Keypad(tosendDTMFtones)

Warning,ifusingBluetoothHang-upbutton

NetworkQualityindicator

AudioSpeaker(toggle)

Name/Numberoftheotherparty Callduration(minutes:seconds)

Addthirdparty

ToggleBluetooth



AddingfavoritesTheusercanaddfavoritestotheSpeeddialviewbyselectingthefavoriteicon.Favoritesareremovedbyuncheckingthefavoriteicon.

ConferencecallsInadditiontothree-partycalls,CryptifyCallalsosupportssecure,end-to-endencryptedconferencecalls.Participatinginasecureconferencecallisjustaseasyascallingaregularconferencebridge,andaconferencecallhostcontrolswhichcallersareallowedtojointheconferencecall.

Participatinginaconferencecall

Toparticipateinaconferencecallyousimplydialthesix-digitnumbergiventoyoubytheconferencecallhostonthedialpad,prefixedby“##”.Whileyouwaitfortheconferencecallhosttoacceptyourparticipation,thecallscreendisplays“Waitingforhost”andanordinaryringbacktoneisplayedinthespeaker.Onceacceptedbythehost,theringbacktonestopsandthedurationtimerstarts.



Toviewthelistofallparticipantsthatthehosthasallowedtojointheconferencecall,tapthe“Participants”button.

Hostingaconferencecall

Tohostaconferencecall,youmustfirstcreateaconferenceroom.Aconferenceroomisidentifiedbyasix-digitnumber,whichthesystemautomaticallygenerates.Onceaconferenceroomhasbeencreated,itcanbeusedindefinitely.Tocreateaconferenceroom,select“Conferences”underthe“More”menu,tapthe“+”buttonandconfirmthecreation.Anewconferenceroomisthencreatedandassignedarandomlyselectednumber,whichisusedbyparticipantstojointheconferencecall.

Ifdesired,youcancreatemultipleconferenceroomsandusethemfordifferentmeetings,butyoucanonlyhostoneconferencecallatatime.Toremoveaconferenceroom,simplylongpressthedesiredrowandtapthedeletebutton.Itisnotpossibletorecreateaconferenceroomonceithasbeendeleted;insteadanewconferenceroomwithanewnumbermustbecreated.



Theconferenceroomnumberisdistributedtotheparticipants,alongwiththedateandtimefortheconferencecall.Astheconferenceroomnumberplaysnoroleinthesecurityoftheconferencecall,thenumbercanbedistributedtotheparticipantsinanyform,forinstanceviaemailorbyusingasharedcalendar.Whentheconferencecallshouldbegin,thehostsimplydialstheconferenceroomnumberonthedialpad,prefixedby“##”,orusesthecallbuttoninthelistofconferences.Thisautomaticallystartstheconferencecall,buttherearestillnoparticipantsapartfromthehost.

Whenparticipants–eitherlatecallersorparticipantswhohavebeenwaitingforthehost–aretryingtojoin,thehost’sphonevibratesandacallwaitingtoneisplayedinthespeaker.Toacceptthecallerintotheconference,taptheblueacceptbutton.Ifthecallershouldnotbeallowedintotheconference,longpresstherowandtapthe“Decline”button.Acceptingacallerintoaconferencecallisaone-wayprocess,anditisnotpossibletoforceacallertoleavetheconferencecall.Forthisreason,userswhohavebeenacceptedintotheconferencecallarealsoautomaticallyacceptediftheylosenetworkconnectivityandcallintotheconferenceagain.Thelistofallparticipantsacceptedtojointheconferenceisavailablebytappingthe“Participants”button.Notealsothattheentireconferencecallisprotectedbyasecretrandomlygeneratedbytheconferencecallhosteachtimeheorsheopenstheconferencecall.Iftheconferencecallhosthangsup,thentheconferencecallcontinues,butnewparticipantscannotbeaccepted.Shouldtheconferencecallhostdialinagain,theconferencecallwillstartanewafterabriefinterruption.Bestpracticeforallowinganexternalparty,say,toparticipateonlyinthelatterpartofaconferencecallistomaintaintwoconferencerooms,andmovetothesecondconferenceroomwhentheexternalpartyshouldjoin.



SecuretextmessagesTostartanewconversation,tapthenewmessagefloatingactionbuttonintheMessagesviewortapthenewmessagebuttonontheContactDetailsview.

To post a new message in an existing conversation, open that conversation and select the input field to bring up the keyboard. To attach an image or a video to the message, tap the paper clip and select an image from the phone’s library or take a new picture or video. Press the send button to send.



Theadministratorcanlimitforhowlongmessagescanbeviewedintheapp,inwhichcasemessagesexpireataspecificpointintime.Notethatmessagesmayexpirebeforetherecipienthasviewedthem.Themaximumlifetimecannotbeincreased,butitispossibletoselectashortermessagelifetimebyselecting“Messagelifetime”fromtheoverflowmenu.

Amessagethatwillexpireismarkedwithatimericonnexttothemessagetimestamp.Toshowwhenthemessagewillexpire,longpressthemessageandselect“Status”.Thestatusofanoutgoingmessageisdisplayednexttothetimestamp:

• Sending–themessageisbeinguploadedtotheserver.• Sent–themessagehasbeentransferredtotheserver.• Delivered–themessagehasbeendeliveredtotherecipient.• Read–therecipienthasopenedtheconversation.• Failed–sendingthemessagefailed;longpressthemessageandselect

“Status”formoreinformationor“Resend”toimmediatelytryagain.Toshowthesender’scomposetimeofanincomingmessage,longpressthemessageandtap“Status”.Ifthistimestampdiffersmorethan5minutesfromwhenthemessagewasreceived,awarningiconisshown.



GroupsThegroupconceptinCryptifyCallenablescontactslistsmanagementaswellastheabilitytosendandreceivegroupmessages.Thepersonwhocreatesthegroupisalsotheadministratorofthegroup.Tocreateagrouptheadministratoraddscontactswherebyaninvitationwillbesent.Uponacceptanceoftheinvitationthecontactbecomeamemberofthegroup.Membersofthegroupwillbeupdatedofchanges,e.g.whennewmembersarriveandwhenmembersleave.AgroupcanconsistofmembersbelongingtodifferentSecurityDomains.NB!IncasemembersbelongtomultipleSecurityDomainstheymustallbeconnectedwitheachotherforgroupmessagingtowork,i.e.itisnotsufficientthatonlytheadministrator’sdomainisconnected.Toviewandeditgroups,taptheGroupsiconintheMessagesview.

GroupsforwhichyouaretheadministratorarelistedundersectionAdministrator,groupswhereyouareamemberarelistedundersectionMember,andpendinginvitationsarelistedundersectionInvitations.Groupswhereyouarenolongeramember,eitherbytheinitiativetoleavethegroupyourselforremovedbytheadministrator,arelistedunderthesectionOther.



ManagingagroupTocreateanewgroup,selectthenewgroupfloatingactionbutton.Theonecreatingthegroupwillalsobetheadministratorofthegroup.Typeanameforthegroup,andstarttoaddcontacts.Contactsarepickedfromthenativeaddressbookoftheyourdevice.NB!ThegroupnamecannotbechangesafterwardsPressINVITEwhenready.Eachcontactwillreceiveaninvitationthatmustbeacceptedtojointhegroupasamember.



TovieworchangethepropertiesofagrouppleaseopentheGroupDetailsview.

ModifythegrouppropertiesbytappingtheEditbutton.Ineditmodememberscanbeaddedordeleted.



Thereisalsoanoptionto“refreshgroup”tomanuallytriggeraresendingincasenetworkerrorshaveoccurredwheninviteorgroupupdateswassentout.



ThestatusofeachmemberislistedandcanbeanyofthefollowingStatus DescriptionInvitationsent AgroupinviteissentbutnoanswerreceivedyetReady Memberisup-to-dateUpdatesent Agroupupdateissentbutnotyetconfirmedby

member.WhenreadyselectDonetoconfirmchangesandupdatethegroup,orbacktocancel.TheadministratorcanalsodeletethegroupbyselectingDeleteGroup.



JoiningagroupTojoinagroupyoumustbeinvitedbytheadministratorofthegroup.Onlywhentheinvitationisacceptedwillyoubeamemberofthegroup.Intheinvitationtheadministratorhavesuggestedanameforyou.Thisisthenamethatwillbeusedinthecontactinformationforyouinthatgroup.Pleasevalidatethefollowingbeforeacceptinganinvitation:

• Yournameiscorrect• Youtrusttheadministrator• Thegroupnameisnotmisleading



BeingagroupmemberAsamemberyoucansendandreceivegroupmessages.TapthemessagefloatingactionbuttonwithintheGroupDetailsviewtosendanewmessage.GroupconversationsarelistedintheMessagesview.Amembercanviewthehistoryofthegroupmembership,i.e.viewmembersthathavejoinedorleftthegroup.Pleasenotethatamembercannotvieweventsthatoccurbeforejoiningorafterleavingthegroup.



Eachreceivedmessageismarkedwiththeidentityofthesenderaswellasatimestampofwhenthemessagewasreceived.

Toviewthedeliverystatusapostedmessage,longpressonthemessagetobringupapopovermenuandselectStatus



ChannelsInadditiontoGroups,CryptifyCallalsosupportssocalledchannels,whicharemessagegroupsthatarecentrallymanagedbytheCMSoperator.Channelsareparticularlywellsuitedforlargegroups,suchaseveryoneinanorganization,andthereisnoextrastepwheretheuseracceptsordeclinesmembership.ChannelsareshowninthelistofGroupsunder“Member”andworkjustasregularmessagegroups.However,aschannelssupportsthousandsofusers,itisforperformancereasonsnotpossibletoseewhenaparticularuserhasreceivedorreadamessage.

Bydefault,andjustasforregulartextorgrouptextmessages,eachincomingmessagetoachannelrendersanotification.Itis,however,possibletomuteachannel,whichpreventsnotificationsonincomingmessagestothatchannel.Onlythenotificationisblocked,ensuringthatthemessagescanbereadiftheyaredecryptedwithin14days(unlesspreventedbymessageexpiry).Itisalsopossibletoconfigurethatincomingmessagestoachannelshouldbediscardedimmediatelywhenreceived,withouteverbeingdecryptedornotified.Discardedmessagesarepermanentlydeletedandcannotberetrievedatalatertime.Ifadeviceistobeofflineforanextendedperiodoftime,itisrecommendedtoconfigureanyhightrafficchannelstodiscardincomingtraffic.Otherwise,oncethedevicegoesonline,theappmaybecomeunresponsivewhileitdecryptsthemessagesthathavebeenqueuedup.ThechannelsettingsarealsovisibleunderSettings>Channels.



CryptifyTestCallAusercanmakeaCryptifyTestCalltoverifythecallquality.IntheMoremenuselectCryptifyTestCallandfollowtheaudioinstructions.



TheAdvancedmenuandmessagePINlockIntheMore–menuselectAppdetailstodisplaydetailedinformationoftheCryptifyCallapplication.ThemessagetabcanbelockedwithaPINcodebytapping“Lock”andenteringa4digitPINcode.IfthePINcodeisforgotten,themessagetabcanbeunlockedwithaPUKcodeavailableintheCryptifyManagementSystem.

Name DescriptionPublicID ThisistheuserspubliccryptographicidentitySecurityDomain

ThisistheidentityoftheCryptifyManagementSystem(CMS)thathasissuedthecryptographickeysfortheuser

CRSAddress ThisistheFullyQualifiedDomainName(FQDN),orIPaddressoftheCryptifyRendezvousServer(CRS)servingtheuser

Keys Validkeysarelisted.Therecouldbetwokeysduringthegraceperiod.SyntaxisYYYY-MM-XXXXXXXXX,whereYYYY-MMistheyearandmonththekeyisvalid

NB!EraseKeydatawillprompttheusertoeraseallcontentandsettingsfortheCryptifyCallapplication!TheappwillnotbeusableuntilanewQRcodehasbeenscanned.



ApplicationupdateToguaranteefullfunctionalityandsecuritywithintheapplicationitisimportantthatuserskeepCryptifyCalluptodate.Ifusersarepermittedtoupdatetheirapps,theywillreceivenotificationsfromthePlayStorewhenanewversionisavailable.WhenthePlayStoreindicatesthatanupdateisavailable,theusershouldopenthePlayStoreapp,selecttheupdatetab,andclicktheupdatebuttonforCryptifyCallifshown.PlayStoreenablesautomaticupdatesofapps.Todisableautomaticupdates,pleaseopenGooglePlayStore.

Allapps• Menu->Settings• Un-check“Auto-updateapps”

CryptifyCallspecifically• Select“CryptifyCall”under“Myapps”• Menu->uncheck“Auto-update”

Otherwise,administratorsforthelocalsystemmayasktoupdatetheappswhentheseupdatesareavailableonbehalfoftheirusers.



Manualkeyremoval/replacementThisprocedureisincasethekeysshouldbedeletedfromthedevice,oriftheCMSadministratordecidestoperformamanualkeyreplacement.Normallykeysareupdatedautomaticallywithoutanyuserintervention.IntheMoreview,selectAppdetailsandthenErasekeydataandpresstheYESbutton.

TheapplicationwillnowsearchfortheQRcodecontainingthekeyupdate.NB!ErasekeydatawillprompttheusertoeraseallcontentandsettingsfortheCryptifyCallapplication,includingstoredmessages,callhistory,andstoredfavorites!NewkeysmustbereceivedbytheuserintheformofaQRcode,seeProvisioningusercredentialsabove.



Configuration

ApplicationspecificconfigurationParametersthatcanbeconfiguredbytheusersarepresentedintheSettingsmenuRingtoneThisistheringtoneplayedduringincomingcalls.Theusercanselectfromalistofdifferentringtones.NotificationsoundThisisthesoundplayedduringincomingmessages.Theusercanselectfromalistofdifferentringsounds.



Troubleshooting

ReasonCodes

UnsuccessfulcallestablishmentReasonCode DescriptionNotFound Thereisnomatchforthecallednumber.

EitherthecallednumberdoesnothaveaCryptifyCallsubscription,orthecallednumberbelongstoanotherCryptifyCalldomainnotconnectedtocallers’domain.TorequestanotherCryptifyCalldomaintobeconnected/approved,pleasecontactYourlocalCryptifyCallsupport.

NotAvailable Thecallednumberiscurrentlynotconnectedtothesystem,e.g.whenthephoneispoweredoff,orinairplanemode,orifthecalledpartyhavemanuallyterminatedtheCryptifyCallapplication.

Busy Thecalledpartydeclinedthecall,oriscurrentlyoccupiedbyanothercall,eitheranordinarycallorasecureCryptifyCall.

CommunicationFailure Thiscouldbecausedbyanincompatiblesoftwareversion.PleasemakesureYourandcalledparty’sCryptifyCallapplicationsareup-to-date.IfthishappensrepeatedlypleasecontactYourlocalCryptifyCallsupport.

AuthenticationFailure Cryptographicfailure.PleasecontactYourlocalCryptifyCallsupport!

NoAnswer Thecalledpartyhasnotansweredthecallwithinoneminute.

DroppedcallReasonCode DescriptionNetworkFailure Noaudioreceivedthelast30seconds.Thenetwork

problemcouldbeeitheryou,ortheotherparty.Thisproblemisnormallytriggeredwhengoingoutofcellularcoverage,e.g.abuilding,underground,etc.

UnsuccessfulmessagingReasonCode DescriptionFailed,usernotfound Thereisnomatchfortherecipientnumber.

EithertherecipientnumberdoesnothaveaCryptifyCallsubscription,orthatnumberbelongstoanotherCryptifyCalldomainnotconnectedtocallers’domain.TorequestanotherCryptifyCalldomaintobeconnected/approved,pleasecontactYourlocalCryptifyCallsupport.



Failed,badnetwork Severalfailedattemptstosendthemessage.Thisiscausedbyunstablenetworkconnection.IfYouareusingWi-Fi,pleasedisableWi-Fiandtryagain.IfthishappensrepeatedlypleasecontactYourlocalCryptifyCallsupport.

Failedtoauthenticate Cryptographicfailure.PleasecontactYourlocalCryptifyCallsupport!

Failed,invalid Thiscouldbecausedbyanincompatiblesoftwareversion.PleasemakesureYourandcalledparty’sCryptifyCallapplicationsareup-to-date.IfthishappensrepeatedlypleasecontactYourlocalCryptifyCallsupport.

Failed,nosupport Thiscouldbecausedbyanincompatiblesoftwareversion.PleasemakesureYourandcalledparty’sCryptifyCallapplicationsareup-to-date.IfthishappensrepeatedlypleasecontactYourlocalCryptifyCallsupport.

FAQQ: WhydoIgetafailurewhenscanningaQRcode?

A: FailuretoscanaQRcodecanbesubcategorizedintothefollowing

subcategories1. Videoqualityproblem

Symptom:TheappisunabletodetecttheQRcodeandkeepsonrecording



Description:ifthecapturedvideofeeddoesnothavehighenoughqualityitwillnotbepossibletodecodeimagescontainingtheQRcode.Remedy:ThisisnormallyduetoamalfunctioningcameraordistortedpapercopyoftheQRcode.

2. QRcodenotcreatedbyaCryptifyManagementSystemSymptom:Errormessagestating,“NovalidQRcodedetected”Description:theCryptifyCallappwillonlyacceptaQRcodethatiscreatedbyaCryptifyManagementSystemRemedy:PleaserequestaQRcodefromyoursystemadministrator

3. ObsoleteappversionSymptom:Errormessagestating,“NovalidQRcodedetected”Description:IncasethesystemadministratorenablesmandatorypoliciesonlyCryptifyCallversioncompliantwithsuchpolicieswillaccepttheQRcode.Remedy:PleaseupdatetothelatestversionoftheCryptifyCallappintheGooglePlayStore.

Q: Whydoesn’tmyappgetthemonthlyupdate?A: Failuretogetmonthlyupdatecanbesubcategorizedintothefollowing

subcategories1. Networkproblem

Symptom:“Unabletoconnect”intheCryptifyCallservicenotificationDescription:TheappmustbeabletoconnecttotheCryptifyRendezvousServerinordertodownloadnewupdatesandtousetheCryptifyCallservice.Remedy:PleaseacquirenetworkconnectivityinorderforthedevicetoconnecttotheCryptifyRendezvousServer

2. ObsoleteappversionSymptom:KeyfortheperiodisnotlistedunderMore->Appdetails.KeysforSeptember2017willhavethesyntax“2017-09-NNNNNNNNNN”Description:IncasethesystemadministratorenablesmandatorypoliciesonlyCryptifyCallversioncompliantwithsuchpolicieswillaccepttheupdate.Remedy:PleaseupdatetothelatestversionoftheCryptifyCallappintheGooglePlayStore.

3. ChangedupdatekeySymptom:KeyfortheperiodisnotlistedunderMore->Advanced.KeysforSeptember2017willhavethesyntax“2017-09-NNNNNNNNNN”Description:Incasethesystemadministratorhasdeletedtheaccountorperformeda“re-key”operationtheexistingupdatekeystoredisnolongervalid.



Remedy:PleaserequestaQRcodefromyoursystemadministrator

CAB-13 013, CCA Android Manual, Rev O - Cryptify

Documents

Transcript of CAB-13 013, CCA Android Manual, Rev O - Cryptify