Windows Phone 7 How To Guide
From Swivel Knowledgebase Wiki
Contents |
Overview
The Swivel Windows Phone 7 Mobile client allows the storage of 100 security strings on a Windows Phone 7 (and 7.5). The PIN is not stored on the phone. Requesting a top up from the PINsafe server resets all the security strings on the mobile phone. You can use the device to get one-time codes for PINsafe login and PIN change.
Prerequisites
This application is for phones running Windows Phone 7.x only
User must have Mobile Phone Client or Swivlet enabled to use this Application
The PINsafe server must be reachable from the mobile phone to receive security strings
Security strings must be entered including the comma and sequence number e.g. nnnn,nn
This application is compatible with versions of PINsafe from 3.2 onwards. To download security strings from PINsafe versions 3.8 onwards, the phone must be provisioned first. For versions 3.7 and earlier, provisioning is not required or supported.
Appliances using PINsafe 3.8 may require an upgrade on their proxy to provision a mobile device, see How to upgrade the appliance proxy for PINsafe 3.8
Getting the Application
The application must be downloaded from Windows Marketplace. Search for "Swivel".
Using the Application
When you start the application, you will see the following screen:
Help is available from the application on all pages by pressing the ? button at the top right.
The first time you use this application, you must press Configure to set the PINsafe server details. Your administrator will provide you with these.
Once the PINsafe server details are configured, for PINsafe version 3.8 or later, you must provision your phone before you can request security strings. Press Provision to provision this phone with the PINsafe server. You will need to request a provision code from your helpdesk, which must be used immediately. The code will be sent either to your phone as an SMS, or via email, depending on how your PINsafe server is configured. Provisioning is not necessary for versions of PINsafe earlier than 3.8.
Once the phone is provisioned, you can request new security strings. Press the Top Up buttom to do this. Your phone will be pre-loaded with 100 new security strings.
Once you have carried out the 3 steps above, you can use the Authentication button to request security strings one at a time for PINsafe authentication. Your phone will not need to connect to the PINsafe server again until you have used all your strings.
Configuration
Enter the PINsafe server details on this page.
You will need to get the server details from your system administrator.
WARNING: the "Allow self-signed" option does not work. Unfortunately, there is no way on a Windows Phone 7.x to connect to a web server over HTTPS if the SSL certificate is not valid. There may also be a problem with some servers, even if the certificate is valid, due to an issue with TLS Server Name Indication (SNI). This has been observed and fixed on the PINsafe Taskbar client for Windows 7 (desktop), but unfortunately the same fix cannot be used on Windows Phone. In this case, the only fix is on the server side: either disable HTTPS or ensure that the server (or firewall if PINsafe is being proxied) either has SNI (or TLS) disabled, or has the correct server name(s) configured.
Provisioning
Before you can request security strings, you must provision your phone with the PINsafe server (PINsafe version 3.8 or later). Make sure that the phone is properly configured with the PINsafe server details before doing this.
Ask your administrator or helpdesk to send you a provision code. You will receive this via SMS or email, depending on the configuration of your PINsafe server. You must enter this code into this phone as soon as you receive it, as it has a limited lifespan.
Top Up
Use this page to request more security strings. Before you do this, make sure your phone is correctly provisioned with the PINsafe server (PINsafe version 3.8 or later).
Click Top Up to request more strings. If successful, you will be sent 100 new strings. Any previous strings you had been issued with will no longer be valid.
Authentication
To get the next available security string, click Get Next String. You will be shown the next string and its index.
To authenticate, calculate your one-time code from the security string, then append "," and the 2-digit index shown.
For example, if the security string is "2468013579", the index is "02" and your PIN is 1357, the authentication code will be "2603,02".
Change PIN
To change your PIN, you need to apply the same process to both the current and the new PIN. Use the same security string for both PINs.
For example to use the string above to change your PIN, if your existing PIN is 1357 and your new PIN will be 2468, use "2603,02" as your old one-time code, and "4815,02" as your new one-time code.
Known Issues
Unfortunately, Windows Phone does not support connecting to HTTPS servers with certificate errors. If you are publishing a PINsafe server using HTTPS, make sure that the certificate is valid, and that you use the correct host name when configuring the client.
If you are using a proxy server that supports TLS for HTTPS connections, be aware that you must configure the correct host name for server name indication (SNI), or the phone will reject the connection. There is no way to disable this, or to force the connection to use SSL instead of TLS.
We have had reports that this application is not available in all markets. To the best of our knowledge, the application should be available in all countries supported by the Microsoft Market Place, but if you have difficulty finding the application in your country, please let us know through support@swivelsecure.com, so that we can investigate the problem.
