I am currently using MDM on a mobile application (React Native/Expo Build) I have a scenario that I would like discussed:
Preface: Some of the Firms that use our application have an MDM platform (Intune, Mobile Iron, Airwatch) and others do not. Therefore we will have two application package:
- Public users that do not MDM software can simply download application from IOS or Android App store
- A wrapped application version for those firms that use MDM Software
FirmA has Intune applied and the wrapped version of our app User at FirmA decided to go on to the public IOS/GooglePlay store and download application
I need a way to stop this user at FirmA from using the public version of the app and restrict them to ONLY USE the MDM build of application.
Is this possible? Does this need to be applied on the MDM side or application side?
So any application downloaded from the google play store is signed by google and can only allowed to install on the device if the previous version has been also installed from the play store application as the signature of both needs to matched.
If you can supply your APP to the FirmA by just signing with your keys, then user cannot upgrade their App from the play store unless you provide them updated version locally signed by you.
Alternatively you can also think of have two different versions. The one you supply to FirmA is way higher version than the updated one on the play store. So your application running on their devices with higher number will never allowed to any application installed from the play store.