Nevis Access App
The Nevis Access App is a standardized Access App. It is possible to create customer-branded instances of the Nevis Access App. The Nevis Access App offers the following functionality:
- Available for iOS and Android (supported version: iOS 12+ and Android 6+)
- Authentication via PIN, fingerprint or biometric authentication (depending on device capabilities, includes fingerprint, face, and iris recognition) on Android devices
- Authentication via PIN, fingerprint or faceID on iOS devices
- Deregistration of the Access App from within the app
- Generic transaction confirmation
- Customer-branding (logo, colors, fonts)
- Low integration costs due to out of the box compatibility with the Nevis Mobile Authentication backend (nevisProxy, nevisAuth, nevisIDM, nevisFIDO)
- Based on the FIDO UAF 1.1 standard
- Forced Access App Update
- Different message transmission Channels such as push, link or QR code
- Number matching support to prevent push-fatigue attacks.
- Configurable links to in-app rendered HTTP pages including multi-language support for
- the privacy policy page (app store requirement)
- app help page (optional)
- account registration page (optional)
- Customisable translations for all app messages
Nevis provides regular releases of the Access Apps to customers and partners, implements improvements, ensures that bugs are fixed and new OS versions are supported.
Hardware Requirements
Because of the high-security nature of the Nevis Access App, it requires the presence of a TEE/SE1. For Apple devices, this is ensured by the iOS12+ limitation. Also, most currently available Android devices contain a TEE/SE, except some (usually low-budget) models.
The Apple iPod Touch lacks a TEE/SE, therefore it is not supported.
Access App Flavors
The Access App is delivered in two flavors:
Integration
Use the Integration flavor of the Access App in the context of testing and development. This flavor can be run on emulators. It also provides increased logging (showing the network requests and responses for example).
Production:
Deliver the Production flavor of the Access App to end users.
Publication
For a description of the steps that are required to sign the app per platform, refer to Prepare Android publication or Prepare iOS Publication.
- TEE: Trusted Execution Environment refers to cryptographic hardware for secure storage and execution of cryptographic related operations. As opposed to a TPM (Trusted Platform Module) a TEE is not physically isolated from the main chipset. SE: Secure Enclave - a tamper-proof secure storage.↩