Security guide for fixed readers

RFID SDK for Android 2.0.2.124

Applicable devices : Fixed Readers

Overview

This guide provides a details about security guide for fixed readers while logging in using RFID3 API

Details

Fixed readers comes up with self-signed certificate in order to have secure communication between application and reader, reader should be configured to use https.

Note: For firmware version above 3.10.30 reader will automatically force the user to switch to https and change the password on first login.

In order for app to communicate with the reader using https, set the secure mode in login_info to HTTPS.

Setting it up

Connecting to a reader with CA signed Certificate

In order to make sure that connection is fully secure between the reader and the app, an appropriate CA signed certificate must be installed on the reader.

Steps for installing certificate to reader : Install-certificates

Note :CA certifate and reader certificate should use algorithm SHA-256 or above.


LoginInfo loginInfo= new LoginInfo("FX9600112233", "username", "Password", SECURE_MODE.HTTPS, false);

Add CA certificate in PEM or DER format to res/raw/cacert

Create a network_security_config.xml file in res/xml/network_security_config.xml and add the following code

In the AndroidManifest.xml file ad the following code:

Note: For more information to customize app’s certificate behavior please refer Network security configuration

Note :Certificate should be CA certificate used to generate the reader certificate and domain name should be the name given when generating certificate.