Kiosk Mode on Different Platforms: Challenges and Opportunities

image not found

The kiosk feature offered by Mobile Device Management (MDM) is a popular software configuration that allows an organization to lock down the digital devices of their employees or user to one or more pre-approved applications while disabling all other features of a device. Kiosk mode comes in two modes, single-app or multi-app kiosks depending on the requirements of an enterprise.

The kiosk mode is mostly used in public places such as hospitals, shopping centers, restaurants, etc. where users need to interact with a single application for information gain, place orders, or proceed with checkout without accessing other functionalities of a device.

Likewise, corporates now leverage the benefits of kiosk mode to control and regulate the mobile devices of employees. Since commonly used mobile devices employ Android, iOS, and Windows as operating systems; therefore, they provide support for running kiosks as well. This article explores the benefits and challenges of running kiosks on different platforms along with a discussion of the features provided by each Operating System (OS).

Android Kiosk Mode

Android is an open-source OS and hence provides a range of customization options depending on the needs of a user. The single-app kiosk mode offered by Android OS allows organizations to run one application in the foreground while blocking all other features and functionalities.

It also supports a multi-app kiosk in which the admin can allow a set of approved applications to run on the mobile devices of employees. To enable kiosk mode on an Android device, it is important to activate developer options and screen pinning features.

Advantages

The Android kiosk mode offers several benefits in terms of managing configurations and controls over the device. One of the important advantages of Android kiosk software is the granular control it provides over the device features and settings.

With the help of the Android Device Policy, an IT admin can easily configure different settings including microphone access, controlling the volume, enabling/disabling the camera, Wi-Fi, power button, etc., and managing other peripheral controls.

Limitations

Nevertheless, Android kiosk mode also has several shortcomings. Since devices running the Android operating system come in different hardware configurations; thereby making it difficult to set up and execute kiosk mode smoothly on all devices.

Moreover, Android devices are prone to several security attacks and if kiosk software is not properly configured, it could lead to a high risk of unauthorized access and information disclosure. By exploiting kiosk software, attackers can access other apps and features of devices resulting in exfiltrating sensitive data, creating reverse remote shells for sending commands, and installing backdoors to maintain unauthorized access.

iOS Kiosk Mode

The iOS, also known as the Apple operating system presents a kiosk mode feature by using Guided Access. Guided access is actually a built-in feature of Apple devices that allows organizations to limit access to a single app and lock down the functionality of devices to that specific application. To enable guided access, it is important to activate it from the settings and set a passcode to exit this mode when required.

Advantages

The most important benefit of guided access is the ease of use it provides. It is user-friendly and therefore does not require any additional tool, software, or settings to set it up. Apart from this, the iOS kiosk provides custom configurations that allow the admin to disable some settings and features that may include volume control, touch screen, and keyboard.

Limitations

The Apple kiosk mode also has some drawbacks. The guided mode enabling kiosk only supports a single app, which means multi-app kiosk mode cannot be activated on Apple devices. In addition, Apple OS is popular for its stringent security policies that can act as a hindrance in terms of configuring kiosk mode.

Windows Kiosk Mode:

The most commonly used Windows Operating System also offers kiosk mode to be activated in laptops and desktop systems. To enable kiosk mode in Windows, the Assigned Access feature can be used. It enables admins to create a specific user account that can access one or multiple apps depending on the settings of single-app/muti-app kiosks. To activate assigned access, it is important to create a user account first and then configure the pre-approved applications in the settings of the device.

Advantages

One of the significant benefits of windows kiosks is flexibility. It supports multi-app kiosk mode as well which allows administrators to enable multiple apps to be accessed. Windows kiosk mode provides more customization options in comparison to other platforms that include configuring desktop background, start menu, taskbar, etc.

This kiosk mode also has several limitations. Assigned access works on Windows 10 Education and Enterprise editions only. In case some organization is using a different edition, kiosk mode cannot be enabled. Moreover, activating kiosk mode on Windows 10 Education and Enterprise editions is itself extremely challenging.

Following is the summary of kiosk mode features in tabular form.

 

Feature

Android

iOS

Windows

Supported devices

Various hardware configurations

Apple devices

Desktop and laptop computers

Number of apps supported

Multi-app kiosk mode supported

Single app kiosk mode only

Multi-app kiosk mode supported

Customization options

Granular control over device settings

Custom configurations for individual features

Extensive customization options such as the start menu, taskbar, and desktop background

Security policies

Vulnerable to security threats if not set up correctly

Strict security policies can sometimes be a hindrance

Requires Windows 10 Enterprise and Education editions

Setup process

The screen pinning feature needs to be enabled through developer options

Built-in Guided Access feature that is user-friendly and requires no additional software or tools

 

The Assigned Access feature needs to be configured through user accounts and settings