Greetings,

I understand that commercial app developers can receive a commerical license to deploy their applications. Typically development keys are used until that point. My question is, does using the development keys compromise the security at all? Is there any security level differences in the underlying cryptography or security features when a development key is used (other than the expiration date of the license)? If an organization were to deploy a trial usage of an application holding sensitive information with a development license, would it be just as secure as using the commercial license?

Thanks

Mikayla N.Samsung SEAP Moderator
Jan 15, 2019
5:36 pm

Hi Ronnie,

The Knox development keys are temporary and are intended for testing use. When you downloaded the Knox SDK, you accepted a license agreement that states that development keys are NOT to be used in a commercial app (The agreement can be found here: https://seap.samsung.com/content/knox-sdk-agreement). So while the commercial keys and development keys have the same permissions and security levels, you are not permitted to use a development key to run a commercial app.

As well, when you request a commercial key, you must bind your app and associate it with the key. This prevents others from obtaining your license key and misusing it. App binding is not required for dev keys. You can also obtain multiple commercial keys at a time, whereas you can only have a single dev key at any given time.

In summary, a development key is just as secure as a commercial key, but the license agreement requires you to obtain a commercial key before releasing your app.

 

Best regards,

Mikayla