Mobile encryption security compliance

  • Release version: Australia
  • Updated March 12, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Mobile Encryption Security Compliance

    ServiceNow mobile apps are compliant with encryption security standards for FedRAMP and DISA environments, specifically designed for U.S. government customers. These apps ensure high-level security through FIPS 140-2 validated encryption modules, applicable to the Now Mobile, Mobile Agent, and Mobile Onboarding applications.

    Show full answer Show less

    Key Features

    • Encryption: FIPS 140-2 validated encryption is utilized when connecting to FedRAMP and DISA instances.
    • Security Enforcement: Device PIN or biometric authentication is enforced for users connecting to FedRAMP and DISA instances.
    • Local Data Encryption: All locally stored data, including user preferences and offline data, is encrypted.
    • Blur Feature: Automatically blurs app screens when the app is in the background to enhance security.
    • iOS Compliance: ServiceNow apps on iOS use Apple validated cryptographic modules, requiring a device passcode for FIPS compliance.
    • Android Compliance: Android apps integrate with a third-party SDK for FIPS 140-2 compliance, necessitating a device passcode as well.

    Key Outcomes

    With these features, ServiceNow mobile apps help ensure the security of sensitive data for users in government environments. Customers can expect robust protection of their data, compliance with federal security standards, and enhanced user security through enforced device authentication and encryption practices.

    Additionally, specific system properties can be configured to control encryption enforcement and manage offline mode, providing administrators with flexibility in compliance management.

    Learn about how ServiceNow mobile apps comply with encryption security standards for the FedRAMP and DISA environments.

    Device PIN and Blur features in the mobile UI.

    ServiceNow GovCommunityCloud (GCC) compliance is designed for U.S. Federal, State, and local government customers. This environment is FedRAMP High and DoD Impact Level 4 authorized and compliant. Each ServiceNow mobile app (Now Mobile, Mobile Agent, and Mobile Onboarding) use FIPS 140-2 validated encryption modules.

    As part of using these validated modules, ServiceNow mobile apps include the following:

    Encryption
    ServiceNow uses FIPS 140-2 validated encryption when connecting to FedRAMP and DISA instances.
    Enforced security feature enablement
    Enforced device PIN or biometric enablement when connecting to FedRAMP and DISA instances.
    Encryption for locally stored data
    Locally stored app data such as user preferences and offline data are encrypted.
    Blur feature
    The blur feature is automatically enabled when the app is in the background.

    iOS FIPS 140-2 Compliance

    • On iOS devices, ServiceNow mobile apps use the Apple validated cryptographic modules. These modules are available on all devices using iOS 11 and up.

    • To enforce iOS FIPS 140-2 encryption, the ServiceNow mobile apps require that a user’s device has a pass code enabled when connecting to a FedRAMP or DISA instance.

    • All locally stored mobile app data such as user preferences and offline data use FIPS 140-2 validated encryption when pass code enablement is confirmed.

    For more information on the Apple validated cryptographic modules, see Apple Platform Certifications

    Android FIPS 140-2 Compliance

    • On Android devices, ServiceNow mobile apps are integrated with a third party SDK that uses a FIPS 140-2 validated module.

    • With this SDK, Android versions of ServiceNow mobile apps are FIPS 140-2 compliant for data at rest. All locally stored app data such as user preferences and offline data use the same level of encryption.
    • ServiceNow mobile apps also require that a device pass code is enabled when a user connects to a FedRAMP or DISA instance.
      Note:
      This feature requires Android version 7.0 Nougat and up.

    For more information on the certificate used with the third party SDK, see https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3220

    Mobile system properties related to compliance

    Enforcing FIPS 140-2 Encryption
    Use the glide.sg.device_encryption_enabled system property to enforce encryption and require that a device pass code is configured. This system property is automatically added and defaults to true for FedRAMP and DISA instances.
    For non-FedRAMP and non-DISA instances, this property defaults to false. Enable this property on these instances to take advantage of encryption and device pass code enablement.
    Disabling offline mode
    On FedRAMP and DISA instances, offline mode is disabled by default when the offline mode plugin is installed. To enable offline mode on a FedRAMP or DISA instance, an administrator must create the glide.sg.offline.enabled system property on the [sys_properties] table, and set the value of this property to true.
    For commercial instances, offline mode is enabled by default when the offline mode plugin is installed. To disable offline mode on a commercial instance, an administrator must create the glide.sg.offline.enabled system property on the [sys_properties] table, and set the value of this property to false.
    For more information on offline mode, see Offline mode.
    Screen blur on background
    Use the glide.sg.blur_ui_when_backgrounded system property to blur the app screen when in background. This property was introduced in the Madrid release.
    Important:
    • The glide.sg.blur_ui_when_backgrounded system property is supported on both iOS and Android devices.
    • By default, the value for this property is set to false, which turns it off.

    • For Android devices, when this property is enabled by setting the value to true, the following restrictions apply:

      • The screen share feature isn't supported and the shared app screen appears black.
      • Users are prevented from taking screenshots.

      These restrictions don't apply to iOS devices when the glide.sg.blur_ui_when_backgrounded property is enabled.

    This property is not overridden for existing customers who upgrade to the Paris release.

    FedRAMP

    The Federal Risk and Authorization Management Program (FedRAMP) creates a set of processes to ensure cloud security for the government. For more detail on this program, see https://www.fedramp.gov/.