Security Notes

• Information Access — Oracle Field Service Mobile doesn't change customer or user sensitive information storage against existing secure storage which is implemented in Oracle Field Service.

• Authentication — The feature does not require any additional user authentication against authentication which is implemented in Oracle Field Service.

• Communication

  • The application uses https protocol for any communication out of device

  • Does not support self-signed certificates

  • Obtains access token using secured Oracle Field Service API

• Device Security

  • The application does not manage or control any security related device options and does not require any specific options

  • It is responsibility of client to set reasonable secure options of the device: set password for unlock device, encrypt device, disable any developer mode options, and so on

  • It is responsibility of client to verify any security tools for compatibility with the application