- 03 Dec 2024
- 3 Minutes to read
- DarkLight
- PDF
Two-step activation
- Updated on 03 Dec 2024
- 3 Minutes to read
- DarkLight
- PDF
License activation
The integrating application retrieves Activation Message 1 from Authentication Server Framework.
License activation (overview)
The workflow involves the following steps:
The application starts and retrieves Activation Message 1 from Authentication Server Framework.
The license activation function of the Digipass SDK is called with Activation Message 1 and the device-unique data. To retrieve the device-unique data, the application can rely on the Device Binding SDK.
For more information, refer to the Device Binding SDK Integration Guide.
Routines of the activation service for license activation integration:
C/C++/Objective C: DPSDK_MultiDeviceActivateLicense
Swift: multiDeviceActivateLicense
Java: multiDeviceActivateLicense
The result of a successful Digipass license activation are a dynamic vector, a static vector, and a device code.
The dynamic and static vectors must be stored by the application in its data storage. To store the vectors, the application can rely on the Secure Storage SDK.
For more information, refer to the OneSpan Mobile Security Suite Product Guide, Secure Storage SDK.
The device code must be sent to Authentication Server Framework to generate Activation Message 2 used for the instance activation.
After the successful license activation, the Digipass status in the dynamic vector indicates that the Digipass authenticator expects the activation of the Digipass instance.
On Android, if the fingerprint (device-unique identifier) generated by Device Binding SDK was used to protect a Digipass license, it is not possible to perform a migration between the fingerprint types of the Device Binding SDK. To better manage your activated licenses, we recommend storing a flag on the fingerprints that must be used for each Digipass license.
Instance activation
The integrating application retrieves Activation Message 2 from Authentication Server Framework after the validation of the device code.
Instance activation (overview)
The workflow involves the following steps:
The application retrieves Activation Message 2 from Authentication Server Framework.
The instance activation function of the Digipass SDK is called with Activation Message 2 and the device-unique data. To retrieve the device-unique data, the application can rely on the Device Binding SDK.
For more information, refer to the Device Binding SDK Integration Guide.
Routines of the activation service for license activation integration:
C/C++/Objective C: DPSDK_multiDeviceActivateInstance
Swift: multiDeviceActivateInstance
Java: multiDeviceActivateInstance
The result of a successful Digipass license activation is a dynamic vector and a static vector.
The dynamic and static vectors must be stored by the application in its data storage. To store the vectors, the application can rely on the Secure Storage SDK.
For more information, refer to the OneSpan Mobile Security Suite Product Guide, Secure Storage SDK.
After the successful activation, the Digipass status in the dynamic vector indicates that the Digipass authenticator is ready to generate responses.
After a successful activation on the client side it is advised to send a confirmation to the server by signing Activation Message 2 with the Digipass instance key. For more information about message signature, refer to the OneSpan Mobile Security Suite Product Guide, Secure Messaging SDK.
On Android, if the fingerprint (device-unique identifier) generated by Device Binding SDK was used to protect a Digipass instance, it is not possible to perform a migration between the fingerprint types of the Device Binding SDK. To better manage your activated instances, we recommend storing a flag on the fingerprints that must be used for each Digipass instance.
Using the OneSpan Device Binding SDK for fingerprint generation
If you use the OneSpan Device Binding SDK to generate the fingerprints, you must bear the following points in mind:
On Android, if the fingerprint (device-unique identifier) generated by the Device Binding SDK was used to protect a Digipass instance, it is not possible to perform a migration between the fingerprint types of the Device Binding SDK. To better manage your activated instances, we recommend storing a flag on the fingerprints that must be used for each Digipass instance.
If the fingerprint you generated with the Device Binding SDK changes, you might not be able to authenticate anymore. In this case, we recommend a reactivation.