Mobile2Market Frequently Asked Questions
What is the Mobile2Market program?
What is the difference between application logo certification and application code signing?
Do all applications need to go through logo certification before they can actually be deployed to a device?
Do all Windows Mobile-based Smartphone applications need to be digitally signed before they can actually be deployed to a device?
What are the specific application security settings that a Mobile Operator can choose from when shipping a Windows Mobile-based Smartphone?
What is the difference between Privileged and Unprivileged execution mode?
Why are there different application security policy settings for the different shipping mobile operators?
Q: What is the Mobile2Market program?
A: Microsoft Mobile2Market is a comprehensive program designed to empower developers and independent software vendors to generate incremental revenues through distribution relationships with mobile operators, e-tailers, and retailers, while extending customer reach and reducing time-to-market. The Mobile2Market process is made up of various steps, including application logo certification and inclusion in the Microsoft Application Catalog.
return to top
Q: What is the difference between application logo certification and application code signing?
A: Application logo certification is the process of designing and building your application to adhere to a set of best practice design guidelines. By having applications logo-certified, Independent Software Vendors (ISVs) can benefit greatly by differentiating their applications in the market, and ensuring end-user satisfaction. To see the specific logo certification guidelines for Windows Mobile-based Pocket PCs and Smartphones, see Mobile2Market: Participate Now.
Application code signing applies to Windows Mobile-based Smartphones and refers to a security concept on the device. Specifically, application code signing refers to the process of having your application digitally signed (that is, validated and verified) so that it can be deployed to and run on an actual Windows Mobile-based Smartphone device. The requirement for application code signing is set by the mobile operator and its specific Windows Mobile-based Smartphone device offering.
Microsoft's Mobile2Market program provides a framework to help developers bring their applications to market in an efficient manner and describes the process for application code signing, logo certification and marketing. For more information, see Mobile2Market: Participate Now.
return to top
Q: Do all applications need to go through logo certification before they can actually be deployed to a device?
A: No, application logo certification is not a requirement for developing applications on Windows Mobile-based Pocket PCs or Smartphones, however, Independent Software Vendors (ISVs) can benefit greatly by going through this process to differentiate their applications in the market, and to help ensure end-user satisfaction. Another benefit of obtaining logo certification is inclusion in the Microsoft Application Catalog, which enables ISVs to get broad customer reach. To see the specific logo certification guidelines for Windows Mobile-based Pocket PCs and Smartphones, see Mobile2Market: Participate Now. To visit the Mobile2Market Application Catalog, see: www.microsoft.com/windowsmobile/catalog.
return to top
Q: Do all Windows Mobile-based Smartphone applications need to be digitally signed before they can actually be deployed to a device?
A: Not necessarily. The requirement for application signing is set by the mobile operator and its specific Windows Mobile-based Smartphone device offering. Microsoft's Mobile2Market program provides a framework to help developers bring their applications to market and describes the process for application signing, logo certification and marketing. For more information, see Mobile2Market: Participate Now.
return to top
Q: What are the specific application security settings that a Mobile Operator can choose from when shipping a Windows Mobile-based Smartphone?
A: For Windows Mobile 2002-based Smartphones, the application security configuration matrix is as follows:
Policy | Execution Mode |
Configuration | Unprivileged | Privileged |
Unrestricted | N/A | Open |
Standard | Open | Operator Privileged Root Certificate |
Restricted | Mobile2Market Unprivileged Root Certificate | Operator Privileged Root Certificate |
For Windows Mobile 2003-based Smartphone, the application security configuration matrix is as follows:
Policy | Execution Mode |
Configuration | Unprivileged | Privileged |
Unrestricted | N/A | Prompt |
Standard | Mobile2Market Unprivileged Root Certificate (Prompt) | Mobile2Market Privileged Root Certificate |
Restricted | Mobile2Market Unprivileged Root Certificate | Mobile2Market Privileged Root Certificate |
return to top
Q: What is the difference between Privileged and Unprivileged execution mode?
A: The Windows Mobile-based Smartphone application security model has been designed to be flexible in order to meet varying mobile operator network requirements. The concept of Privileged and Unprivileged applications refers to the level of access to development features and APIs on the device by a given application: Privileged trust: The application has a high-trust certificate and full access to the system and APIs. A signed application with a certificate chain that maps to a root in the Privileged Execution Trust Authorities certificate store is run with this execution privilege. Unprivileged trust: The application has a less privileged certificate and limited access to the system and APIs. A signed application with a certificate chain that maps to a root in the Unprivileged Execution Trust Authorities certificate store is run with this execution privilege.Untrusted: The application is not permitted to load onto Smartphone and has no access to the system or APIs.
For more information about the application security models for both Windows Mobile for Smartphone 2002 and 2003, please see the documentation in the Windows Mobile Smartphone 2003 SDK.
return to top
Q: Why are there different application security policy settings for the different shipping mobile operators?
A: Application code signing applies to Windows Mobile-based Smartphones and refers to a security concept on the device. Specifically, application code signing refers to the process of having your application digitally signed (that is, validated and verified) so that it can be deployed to and run on an actual Windows Mobile-based Smartphone device. The requirement for application code signing is set by the mobile operator and its specific Windows Mobile-based Smartphone device offering.
Microsoft's Mobile2Market program provides a framework to help developers bring their applications to market and describes the process for application code signing, logo certification, and marketing. For more information, see Windows Mobile Participate Now.
In order to target a broad range of Smartphone devices across multiple mobile operator networks, ISVs and developers should consider developing Unprivileged applications that are code signed with one of the participating Mobile2Market code signing partners.
For more information on how Mobile2Market can help you take your applications to market, please visit: msdn.microsoft.com/windowsmobile/partners/mobile2market/.
return to top