Push message

Push notifications are the most convenient way of delivering information from the backend system to the mobile client application. The backend uses the Google Firebase Cloud Messaging service to send push messages to the client.

Prerequisites

• The end user accepted to receive push notifications.
• The end user registered his Access App on the Nevis Mobile Authentication backend.
• On Android devices, the Google Play Services need to be available. The Google Play Services are preinstalled on most Android devices but may be missing on some vendor models like for example Huawei.

info

Push notifications cannot be used for the registration operation. This is because the push identifier is not known to the backend before the registration process is completed.

How it Works

The example use case in the above figure shows how push notifications work during an authentication operation. Other operations behave very similar, apart from who or what initiates the operation. The numbers in the figure correspond with the numbers of the description below.

1. The end user starts a login.
2. The Nevis Mobile Authentication Backend initiates an authentication, and sends a push message payload to a push provider.
3. The push provider sends an encrypted push notification to the mobile device. The mobile application has to deal with the notification.
4. The mobile application triggers the out-of-band authentication process with the SDK by providing the encrypted push notification.
5. Once the mobile application has completed the out-of-band authentication process, the user is granted access to the protected endpoint, for example, a web application in a desktop browser.

Preventing push-fatigue attacks

If you want to prevent push fatigue attacks, we recommend using push messages in combination with the number matching feature.

Related documentation

For additional conceptual information, refer to the following chapters in the concept guide:

• Out-of-Band Message Transmission contains information regarding the message transmission concept.
• Out-of-Band Authentication contains information regarding the authentication scenario.
• Out-of-Band Transaction Confirmation contains information regarding the transaction confirmation scenario.

For additional technical information, visit the following chapters in the reference guide:

• FCM Dispatcher contains information of how to configure and use the push message dispatcher.
• Dispatch Token Service contains information regarding the HTTP API dispatch service.