Unlocking the full potential of the AirGap Vault. With AirGap Knox you can disable all sorts of connectivity on your smartphone on a system level and create an absolute secure environment for the AirGap Vault. So you are ready to create a secure seed phrase and get total peace of mind.
AirGap Vault’s source code ensures that the seed phrase is stored safely on the secure enclave and that it doesn’t use any network. But it can not ensure what the phone’s environment looks like and if it still uses any network. This is where AirGap Knox comes in. It takes security to the next level by disabling all forms of network on an OS level, thereby achieving true offline security.
Once installed, the AirGap Knox takes control of the system and initiates the blocking of all connections on a deep system level — whether its wifi, cellular, NFC or Bluetooth. The AirGap Knox acts as a device manager and guards the usability by restricting only the launch of the AirGap Vault and limiting other functionalities. After the setup, your seed phrase can then be generated in total privacy and top security.
To setup AirGap Knox simply scan the special QR code with a wiped Android device and Knox get’s setup like magic. The code initiates the instalment of the AirGap Knox bundle and defines it as the device manager, allowing it to handle all setup factors and enabling the lockdown mode.
The AirGap Knox solution currently only works on Android Enterprise recommended devices. There are over 550 supported devices and the number is growing. Those devices offer an additional security setup that lets AirGap Knox turn off the connections on a system level. Check if your spare phone is a recommended device by having a look at this list. Also make sure it has at least Android 10 running on it.
AirGap Knox is easy to set up through a QR code from our website. Users simply need to wipe an Android Recommended device, then boot it up, enter the enterprise setup and scan the provided QR Code. This code initiates the instalment of the AirGap Knox bundle – It sets the Knox application as the device manager and starts to handle all setup factors, including downloading the latest version of AirGap Vault and enabling the lockdown/kiosk mode, which turns off all the connection and limits usage of the device to only the AirGap Knox app.
Updates can be executed by using the APK and a transfer device such as a USB-stick or an SD Card. Follow the instructions here: https://support.airgap.it/guides/airgap-vault-offline-update-android/
AirGap Knox comes with an updatability licence. Allowing you to update the AirGap Vault app during a set time period. You can continue to use AirGap Knox / AirGap Vault without any limitations after the licence has expired. If you wish to update the AirGap Vault to the newest version you will be asked to purchase a new QR-Code.
Android Enterprise was first launched in 2014 to enable setting rules and limitations on devices. These limitations are often used in an enterprise environment to make sure the devices are only used for specific tasks. Hence the name Android Enterprise. At AirGap we leverage this feature in two ways:
The AirGap Vault which is the heart of the whole solution is completely open source:
https://github.com/airgap-it/airgap-vault/releases
The Knox device manger, which is responsible for the device restrictions and the installation is currently not open source. However, this might change in the future.
In a conventional Android Enterprise setup the Device Manager is an IT admin or the cooperation itself. In AirGap Knox’s case it is the program itself that becomes the Device Manager.
There are no privacy concerns since AirGap Knox is managing itself and is cut off by design from the internet from the very beginning.
Yes, you can turn it back into a normal phone. There is a dedicated reset function included.
As mentioned before you MUST have a Android Enterprise Recommended device that runs at least Android 10 on it. To find out more please visit the official Android Enterprise Recommended Devices website to find out if Knox will run on your device: https://androidenterprisepartners.withgoogle.com/devices/
Android Enterprise Recommended devices come in different shapes and price classes. A new device goes for 80$-180$ (Nokia 5, Motorola Moto G8 Power, Samsung Galaxy A32, Google Pixel 2) furthermore, there are devices which are ruggedised (eg. Nokia XR20) or have a removable battery (eg. Samsung Galaxy XCover 5, LG Stylo 2). Depending on your preferred setup you can find the device of your desire.
RECOMMENDED DEVICES (more will follow):
– Google Pixel Devices:
Pixel 7a, Pixel 7 Pro, Pixel 6a, Pixel 6 Pro, Pixel 6, Pixel 5a, Pixel 5, Pixel 4a (5G), Pixel 4a, Pixel 4, Pixel 4 XL, Pixel 3a, Pixel 3, Pixel 3 XL, Pixel 3a XL
– Nokia Devices:
5.4, 8 V 5G UW, 3.4, 8.3 5G, 5.3, G21, G11, G50, XR20, X20, X10, G20, G10, XR21, G22, T21, X30 5G, G60, C31, T10, G11 Plus, X30 4G, G60 5G, T10, G11 Plus, G21,
DEVICES WITH REPORTED ISSUES:
– Xiaomi Devices:
Redmi 12, Redmi 10
(NOTE: Fingerprint can not be added, only PIN or Password is possible. This issue is most probably caused by the MIUI ROM)
