Mobile Components

Onboarding Users

Note: Onboarding component is the main component which includes all mandatory files packaged during packaging of the component.
Mandatory Server Settings

HOST

<HID Authentication Service Host>

(e.g., test123.aaas.hidcloud.com)

TENANT

<HID Authentication Service Tenant Id>

(e.g., tf98f45g90843781907)

ORG_ADMIN_USERNAME

<Org admin user of HID Authentication Service Tenant>

(e.g., john.doe@abcorg.com)

ORG_ADMIN_PASSWORD

<Password for the Org admin user>

(e.g., Password01)

KONY_APP_KEY

<App key of the fabric application>

(e.g., h728h89031832jdy9292)

KONY_APP_SECRET

<App secret of the fabric application>

(e.g., 89bv2894673792003jy2)

SERVICES_URL

https://<kony-account-host>/services
(e.g., https://hidglobaltest.konycloud.com:443/services)

Optional Server Settings

ACTIVATION_CODE_AUTHTYPE

<Activation Code Authenticator if other than AT_ACTPWD>

PASSWORD_AUTHTYPE

<Static Password Authenticator if other than AT_STDPWD>

DEVICE_TYPE

<Device type to be used for HID Approve if other than DT_TDSV4B>
HID_IS_APPLIANCE <Identifies whether device is HID Appliance or not>

View Sample Server Settings

Minimum Supported Versions of the OS

Operating System Minimum Supported Versions

Android

Android 13

IOS

IOS 10

Mandatory File

sdkNotificationManager.js

It is mandatory for Approve push notification handling from Temenos Infinity Component. It will register the device and handle all the notification callbacks.

Note: The component is using HID Approve SDK 5.9.

Manage Native Function Interface (NFIs)

Note: The component is using HID Approve SDK 5.9

Component Properties

S.No.  Property Name  Purpose 

isRMSEnabled

<ON/OFF options to enable or disable the RMS. ON means RMS is enabled; OFF means RMS is disabled>

2 MFA

<MFA options for SMS or Email>

The configured MFA will be called for medium risks.

3 isRMSReadOnly

<ON/OFF options to enable RMS in Read-Only Mode. ON means RMS is in ReadOnly mode; OFF means RMS is enabled. The default value is always OFF >.

If this field is ON → RMS will just record the user's behavior, but it won't perform any STEP-DOWN operations, all operations would be always STEP-UP.

4 tmCookieTag

<cookie value associated with and provided by RMS>, mandatory field.

This identifier is issued by RMS. Each new device used by the user to access the protected application will be tagged by RMS. This attribute is mandatory and should be always sent.

5 tmCookieSid

<cookie value associated with and provided by RMS>, mandatory field.

This identifier is issued by RMS and serves as a unique identification of a user's session. Its value is persistent throughout the whole session and is stored as a cookie pair.

6 otpLabel This determines the type of OTP need to be generated internally for login process.
7 provisionMode This determines what would be the mode for user registration. currently supported modes are Activation Code or QR Code.

Onboarding Component Functions

checkBioAvailablityPublic

This function checks for biometric availability on device.

 

Parameters

N/A

 

Return Type

Boolean

setBioStatusToEnable

This function sets biometric state to enable for device explicitly.

 

Parameters

Password (String)

 

Return Type

Callback function (bioStatusCallback)

setBioStatusToDisable

This function sets biometric state to disable for device explicitly.

 

Parameters

N/A

 

Return Type

Void

getPinRemainingDays

This function checks for remaining days left for PIN expiry.

 

Parameters

N/A

 

Return Type

Int

getKeyProfileAge

This function checks for remaining days left for container expiry.

 

Parameters

N/A

 

Return Type

getProfileAge(string)

renewContainer

This function renews container before its expiry.

 

Parameters

Password (String)

 

Return Type

Callbackfunction(renewContainercallback,renewContainerExceptionCB)

Onboarding User - Flow Chart Representation

Onboarding Component Flow

There are two ways of onboarding a user:

Pre-Login Screen

Once a user successfully onboarded, user can view the pre-login screen as given below.

Public Functions

Functions Descriptions

getSecureCode

This function can generate a secure code for login, which is a part of the MobileApproveSDK component.

Parameters : → username

Return Type : → otp

signTransaction

This function can generate a secure code for Fund Transfer which is a part of TransactionSigningMobileSDK component.

Parameter : → {toAccount, amount, remarks}

Return Type : → otp

Onboarding Component Services

Object Services

ServiceName DataModel Mapping Purpose Input Parameters Invoking

HIDObjects

ActivationCodeValidation

validateActivationCode

Validate the user's activation code.

filter (username), username, activationCode, authType

OnboardingValidation > ValidateUser

HIDObjects

AddPasswordAuthenticator

addPasswordAuthenticator

Add a static password authenticator to the user.

username, userId, password, authType

ScimAPIsOrg > addPasswordAuthenticatorInt

HIDObjects

ApproveDeviceRegistration

getInviteCodeTDSV4B

Provision the HID Approve device to the user and get the invite code to add the HID Approve device.

UserId, username, usernameWithRandomNo

PushDeviceRegistrationOrch > getInviteCode TDSV4B

HIDObjects

PasswordPolicy

getPasswordPolicy

Gets the policy for Static Password Authenticator

none

ScimAPIs>getPasswordPolicy

Fabric Services

Names Operation Name Service Type Description

ClientIdentity

-

Identity

Fetches Client Bearer Token

CustomHIDLogin

-

Identity

Used for validating secure code which is created internally

OrgAdminScim - Identity Fetches OrgAdmin Bearer Token

ActivationCodeService

Login

Integration

Authenticates the Activation Code

ClientAuthIdentityWrapper

getClientBearerToken

Integration

IntegrationWrapper of ClientIdentity

ClientAuthIdentityWrapper

getOrgBearerToken

Integration

Integration Wrapper for OrgAdminScim

DeviceProvisionJava

GetProvisonMsg

Integration

Fetches the Invite Code

HIDApproveInitiation

Initiate

Integration

Sends an HID Approve Push notification to the user's registered device.

ScimAPIs

SearchUser

Integration

Searches for the user.

ScimAPIs

getActivationCodeAuthenticator

Integration

An exclusive getAuthenticator service for the ValidateUser Orchestration service. This service does not work alone so use the getAuthenticator instead.

ScimAPIs

getPasswordPolicy

Integration

Provides the Password policy

ScimAPIsOrg

addPasswordAuthenticatorInt

Integration

Adds a Password Authenticator.

PushDeviceRegistrationOrch

getInviteCode TDSV4B

Orchestration

Provisioning Push Device

Java Services

Service Name Purpose Dependencies Called by (Service Name-Operation)

DeviceProvision

Java service to send the Device Provisioning request for HID Approve device registration and process the response to send the provisioning message.

You need to configure following Server Properties:

  • HOST
  • TENANT
  • SERVICES_URL

DeviceProvisionJava-getProvisonMsg

Transaction Signing Component

Mandatory Server Settings KONY_APP_KEY

<App key of the fabric application>

(e.g., h728h89031832jdy9292)

KONY_APP_SECRET

<App secret of the fabric application>

(e.g., 89bv2894673792003jy2)

View Sample Server Settings

Mandatory File

sdkNotificationManager.js

It is mandatory for Approve push notification handling from Temenos Infinity Component 8.0. It will register the device and handle all the notification callbacks.
Note: The component is using HID Approve SDK 5.9

Transaction Signing Component Properties

S.No.  Property Name  Purpose 

username 

This property is used to set the username to the component.  

Transaction Signing Component Functions

signTransaction

This function executes with input values and perform transaction.

 

Parameters

Values (Array)

 

Return Type

CallbackFunctions (pwdPromtCallback, SCB_signTransaction, FCB_signTransaction)

validatePassword

This function validates pin entered to check for authentication before proceeding with transaction.

 

Parameters

password(string), mode(string)

 

Return Type

void

updatePassword

This function used to update pin in-case, pin is expired or about to get expired.

 

Parameters

oldPwd(string), newPwd(string)

 

Return Type

CallbackFunction (exceptionCallback)

Transaction Signing Component Flow

  1. On the first screen, user provides their Customer ID and PIN, then clicks LOGIN.

  2. After successful authentication, from the dashboard, user must click on Fund Transfer option on the bottom navigation menu.

  3. This will takes user to the Fund Transfer page. The user must enter an account number of whom to Transfer Funds To, Amount and Remarks. Then click Transfer.

    Important: Not filling of any mandatory text field will leads to the respective error.

  4. A message will be prompted to confirm the fund transfer, click CONFIRM.

  5. After confirming, user must enter his/her PIN and click SUBMIT to proceed transaction.

  6. Transaction success page will be appeared which the confirms user's transaction.

Transaction Signing Component Services

Object Services

ServiceName  DataModel  CustomVerb  Purpose  Input Parameters Invoking 

HIDTransactionSigning 

SignatureValidation

validateSignature

Offline transaction signing that validates the Transaction details.

username,

password (Secure Code),

authType (Default)

ClientID  (Default)

HIDChallengeValidationService  > signatureValidation

Fabric Services

Names  Operation Name  Service Type  Description 

ClientIdentity 

Identity 

Fetches the Client Bearer Token 

ClientAuthIdentityWrapper 

getClientBearerToken 

Integration 

IntegrationWrapper of ClientIdentity 

HIDChallengeValidationService 

signatureValidation

Integration 

Validates the transaction details with the Secure Code obtained from the HID Approve app.

Approve Notification Component

Mandatory File

sdkNotificationManager.js

It is mandatory for Approve push notification handling from Temenos Infinity Component 8.0. It will register the device and handle all the notification callbacks.
Note: The component is using HID Approve SDK 5.9

Approve Notification Component Properties

S.No.  Property Name  Purpose 

transactionID

This property is used to set the transaction ID to the component.  

Approve Notification Component Functions

showAuthentication

This function shows the authentication to open transaction details.

 

Parameters

N/A

 

Return Type

CallbackFunction (retriveTransactionCallback)

retrieveTransactionIds

This function fetches the pending notifications.

 

Parameters

N/A

 

Return Type

CallbackFunction (onRecievedNotificationsCallback)

getContainerRenewableDate

This function will indicate the remaining days for container renewal.

 

Parameters

N/A

 

Return Type

Integer

Note:

Configuring Dynamic Push Notifications with sdkNotificationManager.js

When creating dynamic push notifications using sdkNotificationManager.js, include the appName in the body to trigger pop-up notifications.

For example,

Copy
"appName" is included in this request body
var notificationComponent = new com.hid.ApproveNotificationMobileSDK( 

    { 
      "clipBounds": true, 
      "id": "ApproveNotificationMobileSDK", 
      "appName" : "AuthenticationMA", 
      "isVisible": true, 
      "left": "0dp", 
      "top": "0dp", 
      "width": "100%", 
      "height": "100%", 
      "zIndex": 200 
    }, {}, {}); 

Approve Notification Component Flow

  1. In this flow, after successful on-boarding on mobile application with standard password enabled, If user authenticates into web application with the standard internet password, then user will get notification in his/her mobile application rather than the HID Approve application.

    Note: To be able to get notifications on our application we need to add bundle server id from FCM project in sdkNotificationManager.js file. Link for the complete process for adding application to FCM project : Migration from GCM to FCM (kony.com)

  1. The user receives Transaction Approved prompt, if Approve is pushed.

  1. If Deny is pushed, the user will receive Transaction Denied prompt.

Note: All components mentioned above are implemented using HID Approve SDK 5.9 and functionality can be checked through the HID Global - Major Bank app.