authme-kyc

    1.1.2 • Public • Published

    AuthMe-KYC

    A javascript interface for interacting with the AuthMe app.

    npm version

    Demo

    Demo app. implementation is available on Codepen.

    About

    This package includes library for HTTP integration with AuthMe API publicly hosted on https://api.authme.com.

    Browser compatibility

    Chrome Firefox IE Safari
    Latest ✔ Latest ✔ Latest ✔ Latest ✔

    How to use

    Install package

    npm install authme-kyc
    

    Using CDN

    You can also link the scripts from unpkg: https://unpkg.com/authme-kyc/dist/

    If you only wish to use SDK without UI component, use minified version authme.min.js

    AuthMe API Proxy

    To avoid leaking your credentials (AuthMe API Authorization header = API key + API secret) to your visitors in the frontend Javascript application, your frontend application in the production environment should have access to the backend proxy application and backend proxy application should append the authorization credentials, and in this proxy application you could execute your additional business logic.

    Example implementation in Node.js Express application

    Minimum proxy implementation which ensure the security for your credentials are available here https://github.com/AuthMe-KYC/authme-api-proxy-example this example can be easily hosted at Webtask.io service in few minutes. More details about this example are available in this README.md

    Data encryption

    The data retrieve from AuthMe App will exchanged by AuthMe Service, the SDK will generate a AES 128 key automatically and forwarding to the App for data encryption (CBC, Zero padding). The encrypted data will be transport back to the request originator browser and been decrypt by SDK, AuthMe service will never know any personal information since data has been encrypted.

    The SDK can specify AES key programmatically also.

    $("#btn").genAuth({
      key: "ST7v4nmUkEOdPln6YIZ5pg==" // 128 bit base64 key
    });

    Javascript events

    Currently we have implemented AuthMe KYC solution to dispatch additional HTML DOM events which can easily be accessed with javascript. Component fires three kind of events which are important for interacting with the rest of the page. Adding event listeners is the way to communicate with the component.

    onLinkGenerated
    This event is fired after link or qrcode has been generated, if user visit your website on desktop browser, it will generate a qrcode for scan. Otherwise it will generate a deep link for click.
    Plain javascript code example:

    $("#btn").genAuth({
      onLinkGenerated: function(isMobile) {
        if(isMobile) {
          // TODO: If visitor from mobile
        } else {
          // TODO: If visitor from desktop browser
        }
      }
    });

    onAppOpen
    This event is fired after AuthMe mobile app has been called from deeplink. Notice this function only work when user visit your web on desktop browser, because mobile device will always open a new tab when app turn back to browser.

    Plain javascript code example:

    $("#btn").genAuth({
      onAppOpen: function() {
        // TODO: When AuthMe app called
      }
    });

    done
    This event is fired after verification process completed. This event includes a one-time result uuid for retrieving user data from the server. It will also fired the callback url.

    Plain javascript code example:

    $("#btn").genAuth({
      done: function(result) {
        // TODO: When verification done
        console.log(result.uuid);
      }
    });

    Feature: desktop-to-mobile

    With this feature, component is able to start verification process from the browser on desktop computer then call App on user's smartphone for verification to validate user's identity, then call API and return results to the desktop where component initially started.

    All data by default is exchanged over AuthMe Service, this may be replaced by firebase service in the future.

    How it works

    1. component is loaded at the browser on desktop
    2. user requests feature by scanning the QRCode (The SDK will automatically detect whether generating a deep link or QR Code)
    3. component at the desktop generate exchange link with QR code and secret key for AES encryption
    4. user at smartphone should open generated exchange link (link contains scan identificator and AES secret key for encryption), recommended way is to scan QR code with QR reader integrated in native camera app on the iOS and Android or with custom QR reader
    5. user scan the document with native NFC reader and complete face recognition
    6. component loaded at smartphone calls AuthMe API, encrypt result and store it to the exchanged object at AuthMe Service
    7. component loaded at desktop is subscribed for the changes, reads encrypted results stored in AuthMe Service, decrypts it and display it to the user

    Development

    npm install

    Realtime watch & build

    npm start

    Build release

    npm build and fetch files from dist directory

    Keywords

    none

    Install

    npm i authme-kyc

    DownloadsWeekly Downloads

    0

    Version

    1.1.2

    License

    MIT

    Unpacked Size

    586 kB

    Total Files

    5

    Last publish

    Collaborators

    • dalton_hsu