How it works
Knox Enabled App (KEA) protects your app data by placing apps in an isolated container environment. Apps outside the container cannot communicate with a Knox Enabled App; more specifically, Android intents from apps outside the container are blocked. Inside a container, SE for Android policies control access between apps.
- You need a Knox license to use the secure Knox container.
- Development license — While you are testing the feature, you get a Knox development license from this website. This license is good for 6 months and 100 devices.
- Production license — When you are ready to deploy and distribute your app, you request approval to register your app as a Knox Enabled App.
- Your app must identify itself as being a Knox Enabled App. To do this, add a special KEA XML tag to your app's Android manifest file, and set up another XML file with additional configuration info.
- To distribute and deploy your app, you can use either:
- public channels — for example, the Google Play store
- private channels — for example, enterprise IT admins could push proprietary company apps over the air to employees through a Mobile Device Management (MDM) system
- A Samsung preloaded agent on the device communicates with the Samsung license server. If an installed app is a Knox Enabled App, the agent creates an invisible Knox container, pushes the app inside that container, and adds the Knox badge to the app's launcher icon to show users that it has been securely contained.