Integrating the Orchestration SDK

To use OneSpan Orchestration SDK in your Android project

1. Configure your Maven repository using dependencies from the Bin/maven directory.

2. Add the following dependencies to the dependencies configuration in the build.gradle file :

   dependencies {
   ...
     implementation 'androidx.biometric:biometric:1.1.0'
     implementation 'com.google.firebase:firebase-core:21.1.1'
     implementation 'com.google.firebase:firebase-messaging:23.1.2'
     implementation 'androidx.appcompat:appcompat:1.6.1'
     implementation 'androidx.legacy:legacy-support-v4:1.0.0'
     implementation 'androidx.lifecycle:lifecycle-runtime:2.6.0'
     implementation 'com.google.android.material:material:1.8.0'
     implementation 'com.google.android.gms:play-services-location:21.0.1'
     implementation 'com.esotericsoftware:kryo:5.3.0'
     implementation 'org.bouncycastle:bcprov-jdk15on:1.70
     implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk7:1.7.0"
   ...
   }

3. Set the correct permissions for client device data collection in the AndroidManifest.xml file:

   • Geolocation/Bluetooth/Wi-Fi: ACCESS_COARSE_LOCATION or ACCESS_FINE_LOCATION

   • Wi-Fi: ACCESS_WIFI_STATE, ACCESS_NETWORK_STATE, and CHANGE_WIFI_STATE

   • Bluetooth: BLUETOOTH and BLUETOOTH_ADMIN for Android lower than 12

   • Bluetooth: BLUETOOTH_CONNECT and BLUETOOTH_SCAN for Android 12 and later

   • Sampling rate: HIGH_SAMPLING_RATE_SENSORS for Android 12 and later

The Orchestration SDK provides facilities for biometric recognition on Android 6.0 devices (and later) with a biometric scanner.

If you use the Mobile Application Shielding obfuscation feature, you must add the following rule to the Mobile Application Shielding obfuscation configuration file:

untouchable com.esotericsoftware.kryo.*;

For more specific integration details, refer to the code sample that is provided with the Orchestration SDK product package.

The Orchestration SDK requires the following permissions:

• USE_BIOMETRIC for biometric recognition on Android 6.0 devices (and later) with the available biometric authentication method.

• VIBRATE for password input.

These permissions are listed in the AndroidManifest.xml file contained in OrchestrationSDK.aar. This file is included in the maven repository, therefore the permissions do not need to be duplicated in the AndroidManifest.xml file of the Customer Mobile Application.

As of Android 13, to receive notifications in the Orchestration SDK you have to manually handle the new runtime permission POST_NOTIFICATIONS. For more information, refer to developer.android.com.

The Orchestration SDK library size has increased due to 64-bit support. To reduce the binary size, it is possible to generate one app per architecture. For more details refer to Build Multiple APKs. The orchestration sample build.gradle contains a commented-out section to generate split APKs.

At this time, it is not possible to use the Android Allow Backup feature. There is a known issue that excludes storage files from the backup which are critical for the Orchestration SDK to work properly. We strongly recommend disabling the Allow Backup option.

You are now ready to use the Orchestration SDK.

Using OneSpan Orchestration SDK in your iOS project

1. Link MSSOrchestration.xcframework to your Xcode project.

2. Link MSSDeviceBinding.xcframework to your Xcode project.

3. Link MSSNotificationClient.xcframework to your Xcode project.

4. Link MSSOrchestrationResources.bundle to your Xcode project as standard resource file.

5. Add the following keys and their description to your plist:

   • NSCameraUsageDescription

   • NSFaceIDUsageDescription

   • NSLocationWhenInUseUsageDescription

   • NSBluetoothPeripheralUsageDescription

   • NSBluetoothAlwaysUsageDescription

   • NSLocalNetworkUsageDescription (if applicable)

As of release 5.6.2, it is mandatory to use the AppPrivate access group for activated users when creating an orchestration.  The access group setup is similar to the one introduced in the Device Binding SDK. For more information, refer to the technical documentation included in the Orchestration SDK package. For a detailed tutorial on how to configure the project and use the proper access group, see the MSSDeviceBinding.doccarchive file from the iOS/Documentation folder of the Device Binding SDK package.

The NSLocalNetworkUsageDescription description has to be set only if your application (or specific test target) actually accesses the server in a local network. When this applies, set waitsForConnectivity to true. With this URLSessionConfiguration used in the communication waits for user's interaction, displaying a permission pop-up.

For more specific integration details, refer to the code sample that is provided with the Orchestration SDK product package.

You are now ready to use the Orchestration SDK.