The DKTB is a personal app. It is therefore assumed, that the User will not share it with other people, and that only the User can access and control their personal DKTB. Ultimately, this means that all attestations in a DKTB are expected to pertain to and only be presented by the same User. This is enforced by requiring the user to authenticate using biometry or PIN-code when using the app and only allowing the DKTB application to be installed on one device per user.
(from the PDF)
This is a false assumption: PIN codes can be bypassed by sharing them with others. Devices can be faked unless using hardware attestation, which prohibits any modifications to the device which may be undertaken by those interested in rooting or installing a custom OS.
Users can initially acquire a DKTB on their smartphone or tablet via Google Play or the Apple App store.
(from the PDF)
This method requires the use of a vanilla, unmodified device, effectively prohibiting modifications to devices that one might wish to alter.
This is a false assumption: PIN codes can be bypassed by sharing them with others. Devices can be faked unless using hardware attestation, which prohibits any modifications to the device which may be undertaken by those interested in rooting or installing a custom OS.
This method requires the use of a vanilla, unmodified device, effectively prohibiting modifications to devices that one might wish to alter.