Skip to main content


Access TokenThese token allows internet users to access applications, services, websites, and application programming interfaces (APIs) without having to enter their login credentials each time they visit.
ActivationProcess to activate a user account in a KOBIL Secured App on a Device.
Activation OTPOne Time Password sent in Activation process via a second channel (e.g. EMail) to the user.
AST ClientThe activated user account in a KOBIL Secured App. If a user activates his account on multiple Devices, multiple AST Clients are created.
AST PropertiesProperty values bound to user account or AST Client, stored and transported securely via Security Server.
AST ServicesSecurity Server in KOBIL Shift based environments.
Client MonitoringService to collect and visualize error data (e.g. crash reports, logical errors) and performance analyzing data of apps. KOBIL recommends to use, available as external cloud service or on-premises.
DeviceThe smartphone of a user, where a KOBIL Secured App is installed.
KOBIL DigitaniumKOBIL Secured environment using SSMS on server side.
KOBIL Digitanium+KOBIL Secured environment using KOBIL IDP and SSMS on server side.
IDP-Token Login with AST ServicesLogin mode in KOBIL Shift or KOBIL Shift Lite based environments.
IDP-Token Login with SSMSLogin mode in Digitanium+ based environments.
KOBIL IDP (aka Identity Provider)Identity Provider based on Keycloak, extended with KOBIL Security and connected to Security Server, so only proven user devices get access to the system. It provides User authentication for Single-Sign-On for all KOBIL services, Step-up User onboarding with increasing trust levels, user consent management and user self service.
KOBIL PortalRole based Web UI for manage and monitor a KOBIL Shift environment. Not used for KOBIL Digitanium or KOBIL Digitanium+, here Web UI of KOBIL IDP and SSMS is used.
KOBIL Security (aka KOBIL Secured)Different client and server side techniques to protect users identity and it's data against (e.g. KOBIL Hardening shields the app against other apps, device binding, app integrity checks, PKI, obfuscation).
KOBIL Secured AppApps using MC and MCW to benefit from KOBIL Security.
KOBIL ShiftKOBIL Secured environment using KOBIL IDP, AST Services, SCP Notifier and services on server side. In addition to KOBIL Shift Lite it also allows features for KOBIL SuperApp that are not supported with MC SDK like KOBIL MiniApp, KOBIL Connect (Chat, PDF Document Signing) and KOBIL Pay.
KOBIL Shift LiteMinimal set of services to support all MC SDK features like KOBIL Security, KOBIL Transaction Signature and KOBIL Trusted WebView.
KOBIL Transaction Signature (aka TMS)PKI-based transaction authorization solution.
KOBIL Trusted WebView (aka TWV)Software stack to add additional security WebView inside a KOBIL Secured App, e.g. SSL/TLS certificate pinning.
LoginProcess to login with an already activates user account.
MaverickDevelopment name of AST Services.
MC (aka MasterController)Easy to use software development kit that allows the app to communicate with Digitanium, Digitanium+ or KOBIL Shift services in a secure manner. MC and all of it's sub components are written in C++.
MCW (aka MC-Wrapper)API wrapper to access MC API written in C++ by apps written in iOS-Swift, iOS-Objective-C, Android-Kotlin or Android-Java.
MC SDK (aka MasterController SDK)SDK package (MC and MCW), documentation and GettingStartedApps for external developer that wants to write KOBIL Digitanium, KOBIL Digitanium+ or KOBIL Shift Lite apps for iOS-Swift, iOS-Objective-C, Android-Kotlin or Android-Java.
Offline TokenOffline Tokens are a kind of longliving refresh token, they are used to request new Access Token and Refresh Token.
Pin Login with SSMS (aka 'Classic AST Login')Login mode in Digitanium based environments.
Push Notification TokenToken created for an app installation, sent via MC and SSMS or SCP Notifier, so push notifications can be sent via push notification provider.
Refresh TokenToken to request new Access Token.
RegistrationProcess to create a user account for a user.
SCP NotifierService for KOBIL Shift to send push notifications via push notification provider (Apple's APNs, Google's FCM or Huawei's HPK) to Devices.
Security ServerServer side of KOBIL Security that manages and protects KOBIL Secured Apps, user identity and user data. It's included in process to create IDP-Token.
SSMSSecurity Server and push notification service in KOBIL Digitanium or KOBIL Digitanium+ based environments.
TenantThe users in our environment can be managed in separate groups where each group can be managed by their own administrator(s) - the tenant - and each group can have their own group specific apps. KOBIL Digitanium or KOBIL Digitanium+ based environments have a master tenant which can manage all the other tenants, while the Shift services provide tenants which are independant from each other.
TelemetryService to collect and visualize distributes traces of different client and server services, e.g. stored in Jaeger installation and visualized with Grafana installation. The data is used to visualize how user requests flow across services (including latency times).