Geekzone: technology news, blogs, forums


Paul1977

5171 posts

Uber Geek
+1 received by user: 2192


#302733 15-Dec-2022 15:28

I have a user who has a Huawei phone running EMUI (which Huawei based on Android). We require them to use the Microsoft Authenticator app for MFA, but Huawei phones don't have access to the Google Play Store.

 

We've been able to download the Microsoft Authenticator APK via the Huawei AppGallery and install it, but before attempting to register this to the person's Microsoft account I'd like some advice on if there are any security concerns?


d3Xt3r
697 posts

Ultimate Geek
+1 received by user: 132

Trusted

  #3010562 15-Dec-2022 23:01

This is a biased opinion, but personally I'd avoid Huawei like the plague - especially their Android devices - I wouldn't want them anywhere on my networks. In addition to some highly suspicious actions (such as locking their bootloaders soon after some security researchers found suspicious processes running on their phones; closing their doors to the dev community; not releasing kernel sources etc), it's highly unlikely that their non-current/non-flagship devices are receiving the latest Android monthly security patches, so technically they would pose a higher security risk than say a Samsung (which may continue to receive Play System updates which includes updates to certain system components even if Samsung have stopped their updates; but with Huawei, once they stop updates it's all over for that device).

In saying that, I don't see any harm in installing the Authenticator app itself, assuming of course you're not installing any other work-related apps like Outlook/Teams etc.



Hammerer
2480 posts

Uber Geek
+1 received by user: 802

Lifetime subscriber

  #3010578 16-Dec-2022 02:30

Which badly-behaved conglomerate should I use: Google, Apple, Huawei, …? A plague on all such houses. I got a Huawei-underdog phone simply to see how I could be less dependent upon Google without resorting to the Apple dark side.

 

Anyway, back to the question. Huawei is definitely a greater security risk because the level of deceit from the Chinese state/corporate appendage is clearly worse than almost every other phone company. But most of the concerns are about intellectual property issues rather than any risk of my data being stolen. There do exist some very different and very concerning issues where network infrastructure could be compromised if Huawei equipment is used. But those are a different group of products.

 

Microsoft apps run well without Google’s proprietary software. Obviously Microsoft has no desire to bolster Google’s exclusive products by requiring their apps to depend upon them. So all Microsoft software that I’ve installed runs great on the open version of Android which Huawei still uses. That includes the Microsoft Authenticator app which I prefer to Google Authenticator anyway. It runs faultlessly on Huawei and I’m not concerned about security risks. But if I were an organisation with a different risk profile then I might be more circumspect.

 

It is ironic that Huawei can still run Android - Android itself is backed by the open-source handset project which is sponsored by Google - but Google’s non-free software is embargoed by the US government: Google Chrome, Google Play, and Google Play Services. If Huawei phones were such a confirmed security risk then I doubt that the US government would allow anyone to use them there, not even private individuals. AFAIK, Huawei phones can still be used there, just not by state employees.

 

The biggest problem with Huawei phones is simply that too many third-party apps require one or more of Google’s proprietary apps even if there is no definite need to do so. My security camera app only allows payments through Google (or Apple). Google Play Services are required for: my favourite barometer app, Barometer Reborn; many well-known games like Pokemon Go and not so well-known games like NZ’s own Raiders of the North Sea; the Goodnature rat trap app; probably my new power company app, Octopus; and so on. That’s why I have a pukka Android phone with Google Play and a Huawei sukka phone without it because none of Huawei’s solutions currently bypass the Google embargo. Huawei regularly tells me Google Play is ready to be installed to run on their phones - not a chance.

 

 

 

[edited to add last sentence]


Spyware
3818 posts

Uber Geek
+1 received by user: 1366

Lifetime subscriber

  #3010624 16-Dec-2022 09:45

Paul1977:

 

I have a user who has a Huawei phone running EMUI (which Huawei based on Android). We require them to use the Microsoft Authenticator app for MFA, but Huawei phones don't have access to the Google Play Store.

 

 

Heaven forbid that you require employees to use their personal phones for work activities.





Spark Max Fibre using Mikrotik CCR1009-8G-1S-1S+, CRS125-24G-1S, Unifi UAP, U6-Pro, UAP-AC-M-Pro, Apple TV 4K (2022), Apple TV 4K (2017), iPad Air 1st gen, iPad Air 4th gen, iPhone 13, SkyNZ3151 (the white box). If it doesn't move then it's data cabled.




shk292
2915 posts

Uber Geek
+1 received by user: 2040

Lifetime subscriber

  #3010633 16-Dec-2022 10:01

Spyware:

 

Heaven forbid that you require employees to use their personal phones for work activities.

 

 

Sometimes it's the best solution (from a user perspective).  If you have the requirement to run the occasional app for work, you have a choice of:

 

     

  1. Having a dedicated work phone, and needing to carry two phones around the whole time
  2. Having just a work phone and using it for personal stuff, with the phone, apps and information on it therefore controlled by the employer
  3. Just using a personal phone and a bit of flexibility

 

I've had (1) for the last 8 years and am now back to (3) which is much better.


Paul1977

5171 posts

Uber Geek
+1 received by user: 2192


  #3010751 16-Dec-2022 13:01

shk292:

 

Spyware:

 

Heaven forbid that you require employees to use their personal phones for work activities.

 

 

Sometimes it's the best solution (from a user perspective).  If you have the requirement to run the occasional app for work, you have a choice of:

 

     

  1. Having a dedicated work phone, and needing to carry two phones around the whole time
  2. Having just a work phone and using it for personal stuff, with the phone, apps and information on it therefore controlled by the employer
  3. Just using a personal phone and a bit of flexibility

 

I've had (1) for the last 8 years and am now back to (3) which is much better.

 

 

Exactly. This particular user doesn't need anything work related on their phone except for the Authenticator app, which is required for connecting remotely to work resources via VPN.

 

If it came down to it the company would be willing to provide a work phone for this, but the user doesn't particularly want to carry around two phones.

 

 

