I heard about Mocana when SAP partnered with them few months back. And I got a real time mobile app wrapping demo at SAP Teched. The simplicity of the solution in securing enterprise mobile app made me think about it again.So I wrote to Mocana for a free trial, but the reply was disappointing,

ScreenHunter_06 Feb. 11 01.41.jpg Unfortunately, we are currently not providing MAP Free 100 Program outside of North AmericaAhh..

And the good news is that SAP is providing the Mocana trial, lets see how it works.

Mocana Solution simplifies wide-scale deployments by securing apps automatically, it mitigates the complexities of mobile management, while freeing developers from lengthy and expensive security coding. Setting AppPassword, Invalid Login Handling, End user License agreement, Location based control, Encrypted app data storage are major features that we can implement in a mobile app without writing single line of code. Upload, Apply and Download are the steps to do it.

Upload APK File

After Logging into the trial account upload the APK file of the application developed by the mobile app developers.

ScreenHunter_04 Feb. 10 23.45.jpg

Apply the Policies

Select the drop down to apply the Passphrase, Invalid Login Handling and End user agreement policies and click on Apply Policy button. The policies will be applied in few seconds and the APK file will be downloadable.

ScreenHunter_05 Feb. 10 23.45.jpgScreenHunter_06 Feb. 10 23.45.jpg

ScreenHunter_06 Feb. 10 23.57.jpg

Download the APK

Click on the download button to download the APK file that has the policies with it. Once APK file is downloaded install it in an Android device and run it, to see how the policies are applied and how the app was secured in few clicks. The app take us through auto generated security screens like user agreement screen and app password screen. In the demo I am testing the app data wipe out feature of the product.


  • The Passphrase and Invalid Login Handling – It exists in SAP Mobile Platform, it is called DataVault (the developers has to write few lines of code to make it work).
  • Encrypted Data at Rest – Apps developed using SMP has encrypted data, Afaria can provide complete device data encryption too.
  • End User Agreement – I don’t think this as a big feature since bringing a user agreement screen is not a big deal for mobile app developers.
  • Email Enforcement – Afaria provides more options in Email configurations and security.
  • Other features like Geo Fencing, Location Masking, Smart Firewall, App Expiration Date Settings, Copy Paste Protection and Jailbreak/Rooting Detection makes a difference. Existing SMP and Afaria customers have to think before going with Mocana, how worth it will be to the enterprise and what more it can give that is not provided by SMP and Afaria (even MAM is different from MDM). From a implementation stand point Mocana is very simple and straight forward with no hurdles.

You can try the solution here, SAP Mobile Secure – Protection for Devices, Apps, and Content

Midhun VP


To report this post you need to login first.


You must be Logged on to comment or reply to a post.

    1. Midhun VP Post author

      You can use any apps. Mocana is not bothered about what is the uploaded app to apply the policies. Why can’t you give a try, it hardly takes 30 mins.

      – Midhun VP

  1. Suseelan Hari

    Hi Mithun,

    Thanks for sharing information about SAP for Mobile. I am still getting cross training in my organization related to SUP and this blog is very useful to go through in future.

    Good Work!


    Hari Suseelan

  2. Frank Koehntopp

    Seems to take more than 30 minutes – trial won’t let me in with my gmail.com or my sap.com address (“personal or unacceptable email address”???).

    On my _real_ personal address I got the activation mail, but when I get to login it says “”Failed to determine an active instance for customer.”

        1. Midhun VP Post author

          Frank, I tried it again. I am able to register successfully and got another trial with a different account and different domain.

  3. Njål Stabell

    Hi Mithun,

    I also tested out the cloud mobile secure offerings from SAP.

    The Mocana app protection makes the life of a developer easier and keeps you focused on application and not security. Great blog!

    1. Frank Koehntopp

      That is a dangerous perspective.

      Mocana will take care of _some_ critical issues in Mobile, but hardly all of them. If you do not design & test ❗ for security it will come back to bite you.

      1. Njål Stabell

        Not saying that a “project” should not take care about securing their mobile apps. I have been part of 40 + SAP enterprise mobile projects in the last two years. Point is that an application developer is not always the person best fit for that. So if his ipa or apk file can be passcode encrypted, protected from jailbreak/rooting and set up with automatic VPN… that is a big help.

        1. Frank Koehntopp

          It absolutely is.

          I’m just trying to make sure the message is not being diluted into “this is the magic bullet, no need to do security during development”.

          Buffer over/underflow, input validation, privilege escalation, authorization and password management are as important as ever (to name a few).

          If you do an enterprise project, even if it runs on a small screen, you want a security expert in your team.

          1. Njål Stabell

            Agree. Security is a vital part of mobile projects (You are exposing your business critical data to public networks)  

            SAP is now delivering a collection of cloud products that gives new possibilities (on top of zone protection etc. ) such as Mocana, Afaria, SMP Cloud (with the VPN cloud connector) .

            My fear is that security concerns will stop SAP customers from mobilizing their workforce, which is a shame in 2014 where they should stay IT relevant to their employees.

            In that context the new offerings are a great help if not a silver bullet 🙂

            And I totally agree that the security experts should be the ones that considers the various options.

    2. Midhun VP Post author

      Thanks for your comments Njal. I liked the simplicity of the solution. Even though I am expecting more features to the product to make it more worthy since some of the features can be use only by customers who really has that scenario, like geo fencing, Location masking EULA etc.

      – Midhun VP

  4. Shrikant Naidu

    Another great article Midhun VP 🙂 & really helpful.

    This is a good offering from SAP now & i guess it would be interesting to see any product integration with Afaria with unified console for both the products.

    Also, offerings such as cloud versions of Mocana MAP along with Afaria will be a good insight to customers.

    Shrikant N.


Leave a Reply