- 23 Oct 2024
Transaction Data Signing
- Updated on 23 Oct 2024
Transaction Data Signing consists of signing data that is stored on a server, using the Mobile Authenticator Studio application.
The data signing process starts outside the Mobile Authenticator Studio application. For example, the user enters a set of data in an online form and wants to sign it. The form must contain the data itself, as well as an identifier specific to this set of data. Once the form is submitted, the data is stored on the server.
Transaction Data Signing - request to server
After this, the user can sign the data with Mobile Authenticator Studio. By selecting the Transaction Data Signing shortcut, the user initiates a request from the application to the server that hosts the data. The purpose of this request is to check whether stored transaction data is pending and waiting to be signed. To identify the user on the server and authorize delivery of the pending transaction, the request sent by the application contains a one-time password (OTP).
Transaction Data Signing - application request
Transaction Data Signing - application response
The response to this request contains a list of pending transaction identifiers that the user can select from, and the transaction fields that need to be signed.
Transaction Data Signing - pending transaction list
The user selects the transaction identifier, and the corresponding transaction content is displayed.
Transaction Data Signing - select transaction
The transaction content can be used for a standard transaction (i.e. with up to 8 data fields) or a Secure Channel transaction. This behavior must be configured in the XML customization file. For more information, refer to the Mobile Authenticator Studio Customization Guide.
Depending on the transaction type (standard or Secure Channel), the data exchanged between the client and the server has a different format. Please refer to the Mobile Authenticator Studio Integration Guide for more details.
Once the transaction data has been selected from the list, its fields are used by the cryptographic engine of Mobile Authenticator Studio to generate an e-signature.
Transaction Data Signing - generate e-signature
The generated e-signature is sent to the server for validation. The URL is defined in the Mobile Authenticator Studio configuration file.
Transaction Data Signing - validate signature
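The flow described above, modeled end to end as an added example that is not Mobile Authenticator Studio's code, API or algorithm: a truncated HMAC-SHA256 stands in for the product's cryptographic engine for both the OTP and the e-signature. The `Server` class, the function names, the counter-based OTP and all sample values are assumptions constructed for illustration.

```python
import hashlib
import hmac

MAX_STANDARD_FIELDS = 8  # per the page: a standard transaction has up to 8 data fields

def code(key, label, parts, digits=8):
    """Stand-in for the cryptographic engine (assumption): truncated HMAC-SHA256
    over length-prefixed parts, so field boundaries cannot be shifted."""
    msg = b"".join(len(p.encode()).to_bytes(2, "big") + p.encode() for p in [label, *parts])
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return str(int.from_bytes(digest[:8], "big") % 10**digits).zfill(digits)

class Server:
    def __init__(self, key):
        self.key, self.counter, self.pending = key, 0, {}

    def submit_form(self, tx_id, fields):
        """The online form stores the data together with its identifier."""
        if not 1 <= len(fields) <= MAX_STANDARD_FIELDS:
            raise ValueError("standard transaction: 1 to 8 data fields")
        self.pending[tx_id] = list(fields)

    def list_pending(self, otp):
        """Release pending transactions only for a fresh, valid OTP."""
        if not hmac.compare_digest(code(self.key, "otp", [str(self.counter)]), otp):
            return None
        self.counter += 1  # a replayed OTP no longer matches
        return dict(self.pending)

    def validate(self, tx_id, signature):
        """Recompute over the server's stored fields, never client-supplied ones."""
        fields = self.pending.get(tx_id)
        if fields is None:
            return False
        if not hmac.compare_digest(code(self.key, "sig", [tx_id, *fields]), signature):
            return False
        del self.pending[tx_id]  # a signed transaction is no longer pending
        return True

def run_flow():
    key = b"constructed-demo-secret"       # constructed sample secret
    server = Server(key)
    server.submit_form("TX-1001", ["IBAN-CONSTRUCTED-01", "250.00", "EUR"])
    otp = code(key, "otp", ["0"])          # application side: OTP for counter 0
    listing = server.list_pending(otp)     # pending identifiers and their fields
    replay = server.list_pending(otp)      # same OTP presented a second time
    tampered = code(key, "sig", ["TX-1001", "IBAN-CONSTRUCTED-99", "250.00", "EUR"])
    bad = server.validate("TX-1001", tampered)
    good = server.validate("TX-1001", code(key, "sig", ["TX-1001", *listing["TX-1001"]]))
    return listing, replay, bad, good, server.pending
```

The signature computed over an altered field is rejected because the server recomputes over its own stored copy, and the second presentation of the same OTP returns no listing.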
Mobile Authenticator Studio can be configured to let the end user choose whether the application always or never checks for a pending notification when it starts. This choice is only available if the application contains a single authenticator instance.