Feature Overview
The Nevis Mobile Authentication SDK enables you to seamlessly integrate passwordless authentication into your mobile apps. Built on the FIDO UAF standard, our SDK offers a comprehensive set of features and extensive flexibility to accommodate diverse integration needs. This page provides an overview of the most prominent features.
Our SDK seamlessly integrates with both Nevis product lines: the Authentication Cloud and the Identity Suite.
Still have questions? Open a Nevis support ticket to connect with our experts.
Native and Cross-Platform
We offer native SDKs for the two main mobile platforms, iOS and Android, as well as cross-platform plugins for two popular frameworks: React Native and Flutter. These SDKs and plugins provide consistent APIs across platforms, abstracting platform-specific differences wherever possible to simplify development across different teams and environments.
Multiple Authentication Options
Our SDK supports a variety of authenticators to meet your needs and accommodate user preferences, including:
- Face and fingerprint biometric authenticators for passwordless authentication.
- PIN, password, and device passcode authenticators.
These authenticators also come with customization options, allowing you to fine-tune behavior and security features:
- The PIN and password authenticators can be tailored to your organization’s security policies.
- Authenticators use secure defaults for maximum protection, but you have some control over the balance between security and usability, such as:
  - Enabling lower-security Android face authenticators to offer face authentication on a broader range of devices.
  - Allowing biometric authenticators to fall back to the device passcode in cases where biometric recognition is impaired, such as by a cracked camera, poor lighting, or wet fingers.
  - Disabling the automatic invalidation of authenticators when biometric information changes (e.g., adding or removing fingerprints) for user convenience.
FIDO UAF Compatibility
The Nevis Mobile Authentication SDK is built on the FIDO UAF 1.1 strong authentication framework standard, leveraging the native security features of mobile devices for robust user authentication. This reduces the challenges associated with creating and remembering numerous online credentials.
Banking-grade security by default
Our SDK incorporates multiple security features to ensure a secure and reliable mobile authentication experience for both our customers and their users. These features are evident throughout the SDK and form the foundation of our secure authentication solution.
Key security features include, but are not limited to:
- SDK hardening, which offers a comprehensive set of attack prevention measures.
- Implementation of tamper detection mechanisms to protect the SDK and app during runtime.
- Leveraging secure storage options on mobile devices to provide the best possible protection for key material.
- Utilization of strong cryptographic algorithms.
- End-to-end encryption for out-of-band messages.
- Built-in brute-force attack prevention for non-biometric authenticators.
Comprehensive Documentation
Our extensive documentation covers both the conceptual aspects of our mobile authentication solution and a detailed developer guide with thorough explanations and working code snippets for all supported platforms and frameworks. Additionally, we provide detailed API references, which include further explanations and examples.
Example Applications
We provide fully functional example applications that demonstrate core scenarios and how our SDK can be integrated into both native and cross-platform applications. These examples are publicly available on GitHub and can be built and run with minimal configuration, offering a practical resource for "hands-on" engineers who prefer exploring actual code over documentation.
Authenticate your way: in-app, mobile-only, push, pull, and QR-code authentication
Our SDK, in combination with our backend products, supports a wide range of authentication scenarios tailored to diverse customer needs.
Whether you are implementing in-app authentication or out-of-band (out-of-app) scenarios, our SDK enables seamless, high-security authentication across various platforms.
Out-of-Band / Out-of-App Authentication
Our SDK allows you to authenticate users not only within your app but also across other services, such as websites, telephone helpdesks, chatbots, or retail terminals. The possibilities are limitless and adaptable to your unique requirements.
These scenarios are made possible by offering different communication channels for registration and authentication that are not restricted to a specific app or device, including:
- Sending push notifications.
- Rendering a QR code to be scanned by your app.
- Using links when the website your user visits is on the same device as your app.
- Querying pending operations directly within your app, for example, if the push notification fails to reach your user's device.
Passwordless Authentication
With biometric authenticators, your users can enjoy passwordless experiences, eliminating the need to remember complex and secure passwords. This combines user experience and security by providing true passwordless multifactor authentication.
Usernameless Authentication
Enhance your user experience by offering usernameless authentication. Our solution enables your users to log in to your services without ever needing to enter a username or email address. This feature is particularly useful when your users need to log in to a web-based application rather than directly in an app that integrates our SDK.
Transaction Confirmation
Our SDK supports transaction confirmations with PSD2 (Revised Payment Services Directive) compliance. It follows the WYSIWYS (What You See Is What You Sign) approach, ensuring the semantic content of signed messages cannot be changed.
Multi-Account
Our SDK supports multiple accounts, allowing separate authenticator registrations for each account. When using PIN or application password authenticators, each account has its own credentials. In contrast, biometric or system authenticators share credentials across accounts on the same device, as these are managed at the operating system level.
Multi-Device
Users can register multiple devices to their account, each with its own set of credentials, offering greater flexibility and resilience.
Multi-Backend
Each account is "bound" to the server/backend it was registered to, enabling the SDK to support multiple servers based on registered accounts. This offers several advantages:
- An application can manage accounts that are geographically distributed or belong to organizations using different backends.
- Internal app testers can easily test the Access App with various backends, such as production, integration, and user acceptance testing environments, all while sharing the same configuration.
- Apple App Store verification, which requires manual testing by Apple, can be conducted against a backend system that does not contain production data or accounts.
- A single app can serve end-users working with multiple backends, such as trial and production instances.
Consistent Device Identifier
Each device registers a consistent identifier, which remains the same even if the user deregisters or reinstalls the app. This feature aids in detecting and preventing abuse.
Full customization control
Our SDK provides you with full control over your app's UI, giving you the flexibility and options to integrate it while following your desired app flow.