FAQ
What is the Nevis Mobile Authentication Client SDK?
The Nevis Mobile Authentication Client SDK is a software development kit to develop native mobile applications capable of carrying out FIDO UAF 1.1 based authentication with a Nevis Mobile Authentication backend.
It can be embedded into an existing mobile application to enhance it with Nevis Mobile Authentication capabilities, or used in a new mobile application written from scratch.
The Nevis Mobile Authentication Client SDK offers support for the following use cases:
- In-band and out-of-band operations
- Registration
- Authentication
- Transaction confirmation
- Deregistration
What functionality does the Nevis Mobile Authentication Client SDK provide?
The Nevis Mobile Authentication Client SDK implements a FIDO UAF 1.1 client, ASM and FIDO UAF 1.1 authenticators.
On top of the FIDO UAF 1.1 functionalities, it provides additional functionality to support use cases, such as out-of-band authentication through push notifications.
More precisely:
- FIDO UAF 1.1 client
- FIDO UAF 1.1 ASM
- FIDO UAF 1.1 Touch ID authenticator (iOS only)
- FIDO UAF 1.1 Face ID authenticator (iOS only)
- FIDO UAF 1.1 biometric authenticator (Android only)
- FIDO UAF 1.1 fingerprint authenticator (Android only)
- FIDO UAF 1.1 device passcode authenticator
- FIDO UAF 1.1 application PIN authenticator
- FIDO UAF 1.1 application password authenticator
- Out-of-band authentication through push notifications, links or QR codes
- Registration through links or QR codes
Which platforms are supported?
The Nevis Mobile Authentication Client SDK is available for the following mobile platforms:
- iOS 12 or later
- Android 7 or later (API level 24)
Do I always need the Nevis Mobile Authentication Client SDK if I want to use Nevis Mobile Authentication capabilities on my mobile devices?
No, the Nevis Mobile Authentication Client SDK is not required in all cases.
There are three ways to use Nevis Mobile Authentication on your mobile devices:
- The Nevis Mobile Authentication Client SDK is designed to offer maximum flexibility. It can be embedded into your existing apps or new ones. This can be done by your own development teams, third-party companies or by Nevis Security.
- The Whitelabel Access App is a template of an Access App. It offers standard authentication use cases and can be branded according to your company’s needs.
- You can write your own client code to use the Nevis Mobile Authentication backend.
Is the Nevis Mobile Authentication Client SDK suitable for security-sensitive authentication?
Yes. The Nevis Mobile Authentication Client SDK is designed with high-security use cases in mind.
Cryptographic key material is stored in non-readable sections of the mobile device. On iOS, this is the Secure Enclave; on Android, the Trusted Execution Environment.
Push notifications are end-to-end encrypted and the SDK itself is protected by various hardening measures. Several guards are in place; see also the SDK hardening and SDK flavors sections.
Can the Nevis Mobile Authentication Client SDK be used to authenticate for multiple accounts? For example, my business account and my private account?
Yes.
Can I use a hardening and/or obfuscation framework for an application that uses the Nevis Mobile Authentication Client SDK?
Using hardening, or at least obfuscation, on the application is not required but is generally recommended, depending on the use case and the security level desired.
For additional details, see the Application obfuscation and hardening chapter.
Which hardening frameworks should be used in combination with the Nevis Mobile Authentication Client SDK?
Use products from the same vendor that is used to harden the Nevis Mobile Authentication Client SDK.
Using different vendors and hardening frameworks is discouraged, as the frameworks may conflict with each other.
For additional details, see the Application obfuscation and hardening chapter.