Push Notification
  • 23 Oct 2024
  • 2 Minutes to read
  • Dark
    Light

Push Notification

  • Dark
    Light

Article summary

Mobile Authenticator Studio push notifications are used in the context of out-of-band login and out-of-band Transaction Data Signing. With this feature, you can send a notification to the Mobile Authenticator Studio app when data is pending for validation on the server. To send the notification to Mobile Authenticator Studio, either the OneSpan Mobile Security Suite Notification SDK Server or DIGIPASS Gateway can be used. For more information on DIGIPASS Gateway, refer to the DIGIPASS Gateway Getting Started Guide. For more information on the OneSpan Mobile Security Suite Notification SDK Server, refer to the OneSpan Mobile Security Suite Product Guide and the OneSpan Notification SDK Integration Guide.

The data to sign can be indifferently associated to a transaction context or to a user login context.

Example of Push Notification during login

Example of Push Notification for pending transaction

Cloud notification service providers do not give a warranty for successful delivery of notifications to mobile devices.

Each time the mobile device receives a push notification, an alert is displayed. When the user opens the notification, the Mobile Authenticator Studio app is opened and retrieves the pending data from DIGIPASS Gateway or the server implementing the Transaction Data Signing Web service.

Once the data is retrieved from the Transaction Data Signing Web service, Mobile Authenticator Studio displays two buttons: one to accept and one to decline the transaction. Each button is associated to a URL that will be called when the button is clicked.

Different web services can be configured for the Mobile Authenticator Studio app which are called depending on whether the Transaction Data Signing feature is launched from the menu or started from a notification. For more information about the Mobile Authenticator Studio configuration, refer to the Mobile Authenticator StudioIntegration Guide.

To be able to receive notifications from the server, Mobile Authenticator Studio must send its notification identifier to it, after the activation of an authenticator account. It is encrypted with the Secure Channelpayload key to prevent repudiation. As the notification identifier may change during the app life cycle, the notification identifier is re-sent each time it is changed.

Registration of the notification identifier to DIGIPASS Gateway

The notification identifier can be decrypted and stored by DIGIPASS Gateway or by any server with integrated Authentication Server Framework.

As the Secure Channel feature is used to protect the notification identifier, the Mobile Authenticator Studio Push Notification feature requires Authentication Server Framework as of version 3.14.1.2 or OneSpan Authentication Server as of version 3.8. This feature is available only for iOS and Android.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, our interactive help assistant