When it comes to publishing the App via Apple's App Store, Google's Play Store or Huawei's App Gallery, doing things in the right order can be a bit tricky, since there is the KOBIL's App Integrity Security feature where the Security Server ensures that nobody can tamper with your app before, during or after you download it from the app store. Therefore, here is a description of the recommended sequence of doing things, especially the differences to standard rules of the platform or app stores..
We assume you already created your app with a specific AstAppName and a specific AstAppVersion (set in Start Event) that you now want to upload to the app store.
Add your App in Security Server
If you are about to release an app with a new app name, the app must be added to the Security Server first, see how to add an app to the security server (More specifically, either follow the [instructions for KOBIL Shift Lite)(add_app_shift) or the instructions for KOBIL Digitanium / KOBIL Digitanium+, depending on which of the two platforms you use). Of course, if you are just releasing a new version of an app that already is known to your Security Server, this step is not needed.
Register your App Version in Security Server
Each KOBIL Secured app version must be "registered" in KOBIL's Security Server as a protection mechanism against unauthorized connections from invalid apps, see how to register an app version. For KOBIL Shift Lite follow this set of instructions, for KOBIL Digitanium / KOBIL Digitanium+ follow these instructions.
- Make sure that App Integrity check is disabled. It will be enabled in a later step. (App packages you can download from the app store often are slightly different from what you uploaded, so if you enable integrity check right away, you risk to see invalid registration values being stored in the security server, thus triggering the need to first remedy this before being able to use the published app.)
- Also make sure to use the correct value for the AstAppVersion.
Prepare app upload to app stores
Create new user onboarding credentials for each app store reviewer. Our "standard" is to create a specific userId and either create 10 activation codes (KOBIL Digitanium) or set the authentication method to "password" and set some password (KOBIL Digitanium+ or KOBIL Shift Lite). However, this depends on the customer project and might be different in your case.
⚠️ Note: Onboarding credentials should be valid for 14 days. Add them to the information sent to the app store reviewer.
Once these preliminaries are done, we get to the details that are specific to the different app stores, so please continue with either the iOS section or the Android section. As far as app stores ask for information about cryptography, KOBIL MasterController uses open source libraries and strong standard encryption algorithms.