The structure of the library and the interactions that will exist between the client app and the library are described in order to know how to integrate both products at the level of architecture and flows. A more technical document will describe how to do the integration in a specifically technical context.
The library has been implemented as a service package that allows it to communicate and carry out processes autonomously with the B-FY server. In this way, the library offers its services with simple and direct invocations from the client app. When the user wants to identify himself, the client app simply calls the library and waits. The library will perform all the processes, communications and checks with our general server to obtain the result of the operation. Once its processes are finished, the library allows B-fy to deliver the user's data to the client application, either in the app itself or on the web, (whoever has initiated the identification process). In this way, the client's app can follow its processes using the information received.
This model allows us to simplify integration, as all the security processes, communications, etc. are controlled by the library itself, making the client independent of the need to integrate all the advanced technical aspects (security, communications, etc.) of our system.
The functionalities offered by B-FY can be summarised in two main groups. This allows you to execute all the features offered by B-FY:
- User Verification - This service package will be executed when the customer has a new user logging into the system. In order to operate and identify itself securely, the B-FY system needs to verify the user's email and phone number. This is done by B-FY independently after a simple call to the "user verification" library service, so there is no need for data verification by the client itself.
- User identification - Once the user has been verified, the client can request user identification services at any time. After the call, the customer app will receive the details of the user who is using the smartphone, and can allow actions only allowed to that specific user. These identifications not only allow identification on the smartphone itself, but also allow the user to be identified with the mobile phone on client systems other than the smartphone itself, such as external web browsers, TVs, tablets, etc. that have the B-FY open ID system integrated.
These two groups include the B-FY functionalities for clients. For their execution, a sequential invocation has to be followed. In order to be able to use the user identification services, the user verification services must be invoked and executed completely (at least once). Any identification calls without verification will be rejected, as a reliable user identity cannot be established.
Library executions are invocations of library functions that are executed autonomously. This execution allows the client app not to execute processing actions, but it is recommended that the client app displays the status of the process via an interface, in order to provide the user with the necessary information.
In this way, in the integration, the client implements with its own design the user's interactions with the actions of the library. As an example, in the user verification process, B-FY sends the mail and the user confirmation SMS. But while this is being done, it is recommended from the client app to show the user a message indicating what is happening. In this case, that a verification email has been sent, the user can be prompted to "go open the email to validate it". In this way, the verification execution is completely performed by B-FY, but the interaction with the user in the app environment has to be done from the client. For this, in the calls to the library, there are methods to be able to have feedback of the invoked process and thus inform the client. We can differentiate between two general structures for how the B-FY library is to be integrated:
- Functionality invocations - Those calls that the app makes to invoke a library action. Itis a callto a complete functionality.
- UI updates - Those that have to be made to the client app design to integrate the library and give feedback to the user. They are implemented in a modular fashion, to have minimal impact on integration requirements.
With this structure the B-FY functionality can be fully adapted in the client app, respecting the design and showing the biometric identification as a part of the client app and with a simple and secure UX.