Two-step activation
  • 03 Dec 2024
  • 3 Minutes to read
  • Dark
    Light
  • PDF

Two-step activation

  • Dark
    Light
  • PDF

Article summary

License activation

The integrating application retrieves Activation Message 1 from Authentication Server Framework.

License activation (overview)

License activation (overview)

The workflow involves the following steps:

  1. The application starts and retrieves Activation Message 1 from Authentication Server Framework.

  2. The license activation function of the Digipass SDK is called with Activation Message 1 and the device-unique data. To retrieve the device-unique data, the application can rely on the Device Binding SDK.

    For more information, refer to the Device Binding SDK Integration Guide.

    Routines of the activation service for license activation integration:

    • C/C++/Objective C: DPSDK_MultiDeviceActivateLicense

    • Swift: multiDeviceActivateLicense

    • Java: multiDeviceActivateLicense

  3. The result of a successful Digipass license activation are a dynamic vector, a static vector, and a device code.

  4. The dynamic and static vectors must be stored by the application in its data storage. To store the vectors, the application can rely on the Secure Storage SDK.

    For more information, refer to the OneSpan Mobile Security Suite Product Guide, Secure Storage SDK.

  5. The device code must be sent to Authentication Server Framework to generate Activation Message 2 used for the instance activation.

After the successful license activation, the Digipass status in the dynamic vector indicates that the Digipass authenticator expects the activation of the Digipass instance.

On Android, if the fingerprint (device-unique identifier) generated by Device Binding SDK was used to protect a Digipass license, it is not possible to perform a migration between the fingerprint types of the Device Binding SDK. To better manage your activated licenses, we recommend storing a flag on the fingerprints that must be used for each Digipass license.

Instance activation

The integrating application retrieves Activation Message 2 from Authentication Server Framework after the validation of the device code.

Instance activation (overview)

Instance activation (overview)

The workflow involves the following steps:

  1. The application retrieves Activation Message 2 from Authentication Server Framework.

  2. The instance activation function of the Digipass SDK is called with Activation Message 2 and the device-unique data. To retrieve the device-unique data, the application can rely on the Device Binding SDK.

    For more information, refer to the Device Binding SDK Integration Guide.

    Routines of the activation service for license activation integration:

    • C/C++/Objective C: DPSDK_multiDeviceActivateInstance

    • Swift: multiDeviceActivateInstance

    • Java: multiDeviceActivateInstance

  3. The result of a successful Digipass license activation is a dynamic vector and a static vector.

  4. The dynamic and static vectors must be stored by the application in its data storage. To store the vectors, the application can rely on the Secure Storage SDK.

    For more information, refer to the OneSpan Mobile Security Suite Product Guide, Secure Storage SDK.

After the successful activation, the Digipass status in the dynamic vector indicates that the Digipass authenticator is ready to generate responses.

After a successful activation on the client side it is advised to send a confirmation to the server by signing Activation Message 2 with the Digipass instance key. For more information about message signature, refer to the OneSpan Mobile Security Suite Product Guide, Secure Messaging SDK.

On Android, if the fingerprint (device-unique identifier) generated by Device Binding SDK was used to protect a Digipass instance, it is not possible to perform a migration between the fingerprint types of the Device Binding SDK. To better manage your activated instances, we recommend storing a flag on the fingerprints that must be used for each Digipass instance.

Using the OneSpan Device Binding SDK for fingerprint generation

If you use the OneSpan Device Binding SDK to generate the fingerprints, you must bear the following points in mind:

  • On Android, if the fingerprint (device-unique identifier) generated by the Device Binding SDK was used to protect a Digipass instance, it is not possible to perform a migration between the fingerprint types of the Device Binding SDK. To better manage your activated instances, we recommend storing a flag on the fingerprints that must be used for each Digipass instance.

  • If the fingerprint you generated with the Device Binding SDK changes, you might not be able to authenticate anymore. In this case, we recommend a reactivation.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, our interactive help assistant