[App] Mobile Device Binding

Version

To enhance the login verification mechanism on mobile terminals and ensure data security, FineReport provides the Device Binding function, allowing you to bind your mobile devices to the system.

Note: 

The function only takes effect for the DataAnalyst app.

Device Binding is disabled by default.

Log in to the decision-making system as the admin, choose System Management > Mobile Platform > App Configuration > Security Configuration, and enable Device Binding, as shown in the following figure.

Binding at the First Time

1. After you enable Device Binding, when a user, whose account has never been authorized on any devices, logs in to the DataAnalyst app on a mobile device for the first time and accesses the project or templates, the server can automatically bind the mobile device.

Note:

Though the device has been bound to other accounts, the new user can still bind the device for the first time.

2. Log in to the decision-making system as the admin, and choose System Management > Mobile Platform > App Configuration > Security Configuration > Device Binding. The newly bound username and device binding code are displayed in the device list. In this case, the device is successfully authorized, as shown in the following figure.

Note: 

1. The device binding codes obtained automatically are as follows.

• Android system: The binding codes of devices of Android6 and earlier versions are the corresponding MAC addresses. The binding codes of devices of Android7 and later versions are the corresponding device IDs and serial numbers.
  

• iOS system: If the advertisement ID is disabled, the device binding codes are the corresponding UUIDs. If enabled, the device binding codes are the corresponding advertisement IDs.

2. If the administrator deletes the authorization, the user cannot log in to the DataAnalyst app on the device automatically. In this case, the administrator needs to manually authorize the device.

Not Binding at the First Time

1. If a user has bound a mobile device automatically once:

• After the administrator deletes the authorized device, when the user logs in to the DataAnalyst app on the device, a prompt "Unauthorized device, mac address XXXXX" is displayed. In this case, the administrator needs to manually authorize the device. Otherwise, the user cannot log in to the DataAnalyst on the device.

• Whether the authorized device is deleted or not, when the user logs in to the DataAnalyst app on another device, a prompt "Unauthorized device, mac address XXXXX" is displayed. In this case, the administrator needs to manually authorize the device. Otherwise, the user cannot log in to the DataAnalyst on the device, as shown in the following figure.

2. After the user fails to log in to the DataAnalyst app on the device, the administrator refreshes the page. A new device record is displayed in the device list on the Device Binding tab page. Moreover, the device is unauthorized.

After the administrator enables the authorization, the user can log in to the DataAnalyst app on the device, as shown in the following figure.

The administrator can add mobile devices manually.

1. Users need to find their device binding codes first.

• Android system: The binding codes of devices of Android6 and earlier versions are the corresponding MAC addresses. The binding codes of devices of Android7 and later versions are the corresponding device IDs and serial numbers.

• iOS system: If the advertisement ID is disabled, the device binding codes are the corresponding UUIDs. If enabled, the device binding codes are the corresponding advertisement IDs.

2. The administrator can add mobile devices manually.

Log in to the decision-making system as the admin, choose System Management > Mobile Platform > App Configuration > Security Configuration > Device Binding > Add Device, enter the username and MAC address, as shown in the following figure.

Refresh the decision-making system. The information of the newly bound device is displayed. The device is authorized by default, as shown in the following figure.

In this case, the user can log in to the DataAnalyst app successfully on the mobile device.

If an authorized device bound to the system is lost, others can access the system through the device, causing data insecurity. Therefore, the user, whose device is lost, must notify the administrator to unbind the mobile device in time.

Log in to the system as the admin, choose System Management > Mobile Platform > App Configuration > Security Configuration > Device Binding, and delete the device, as shown in the following figure.