Device Management
The Nevis Mobile Authentication SDK uses the device concept in relation to registered user accounts.
- Every installation of a mobile application is represented as a "device" associated with the registered user.
- Every registered authenticator of a user is associated with this device in the backend.
This device is used for several purposes, it:
- Provides the human-readable name allowing the end user to distinguish the devices in case multiple ones are registered.
- Stores the push identifier.
- Stores the key material used for out-of-band end-to-end encryption.
- Stores the key material used for updating the device information as well as keeping authenticators in sync without requiring end user authentication.
It is necessary to provide the device information during the first registration of a user as part of the registration operation.
Device Identifier
The SDK generated device identifier (deviceId
) is a combination of the apps package name and an identifier provided by the mobile OS API which does not require additional user permissions.
This identifier is intended to stay consistent during the lifetime of the device in most normal scenarios. Even if the end user uninstalls and re-installs the application, the device identifier is the same.
It's important to be aware that there is no guarantee of complete consistency. Some known scenarios where this identifier will change are:
- Performing a factory reset of the mobile phone.
- Multi profile setups in Android (for example an Android work profile will generate a different device identifier).
- Clearing the app keychain in iOS.
- Transferring the app to a different Apple Developer Account.
- Changing device information for mobile developers
- There is a terminology mismatch between the client SDK and the Nevis Mobile Authentication backend. The client SDK refers to Device Information, the Nevis backend to Dispatch Target.