npm
Sign UpSign In

authme-kyc

1.1.2 • Public • Published

AuthMe-KYC

A javascript interface for interacting with the AuthMe app.

npm version

Demo

Demo app. implementation is available on Codepen.

About

This package includes library for HTTP integration with AuthMe API publicly hosted on https://api.authme.com.

Browser compatibility

Chrome Firefox IE Safari
Latest ✔ Latest ✔ Latest ✔ Latest ✔

How to use

Install package

npm install authme-kyc

Using CDN

You can also link the scripts from unpkg: https://unpkg.com/authme-kyc/dist/

If you only wish to use SDK without UI component, use minified version authme.min.js

AuthMe API Proxy

To avoid leaking your credentials (AuthMe API Authorization header = API key + API secret) to your visitors in the frontend Javascript application, your frontend application in the production environment should have access to the backend proxy application and backend proxy application should append the authorization credentials, and in this proxy application you could execute your additional business logic.

Example implementation in Node.js Express application

Minimum proxy implementation which ensure the security for your credentials are available here https://github.com/AuthMe-KYC/authme-api-proxy-example this example can be easily hosted at Webtask.io service in few minutes. More details about this example are available in this README.md

Data encryption

The data retrieve from AuthMe App will exchanged by AuthMe Service, the SDK will generate a AES 128 key automatically and forwarding to the App for data encryption (CBC, Zero padding). The encrypted data will be transport back to the request originator browser and been decrypt by SDK, AuthMe service will never know any personal information since data has been encrypted.

The SDK can specify AES key programmatically also.

$("#btn").genAuth({
  key: "ST7v4nmUkEOdPln6YIZ5pg==" // 128 bit base64 key
});

Javascript events

Currently we have implemented AuthMe KYC solution to dispatch additional HTML DOM events which can easily be accessed with javascript. Component fires three kind of events which are important for interacting with the rest of the page. Adding event listeners is the way to communicate with the component.

onLinkGenerated
This event is fired after link or qrcode has been generated, if user visit your website on desktop browser, it will generate a qrcode for scan. Otherwise it will generate a deep link for click.
Plain javascript code example:

$("#btn").genAuth({
  onLinkGenerated: function(isMobile) {
    if(isMobile) {
      // TODO: If visitor from mobile
    } else {
      // TODO: If visitor from desktop browser
    }
  }
});

onAppOpen
This event is fired after AuthMe mobile app has been called from deeplink. Notice this function only work when user visit your web on desktop browser, because mobile device will always open a new tab when app turn back to browser.

Plain javascript code example:

$("#btn").genAuth({
  onAppOpen: function() {
    // TODO: When AuthMe app called
  }
});

done
This event is fired after verification process completed. This event includes a one-time result uuid for retrieving user data from the server. It will also fired the callback url.

Plain javascript code example:

$("#btn").genAuth({
  done: function(result) {
    // TODO: When verification done
    console.log(result.uuid);
  }
});

Feature: desktop-to-mobile

With this feature, component is able to start verification process from the browser on desktop computer then call App on user's smartphone for verification to validate user's identity, then call API and return results to the desktop where component initially started.

All data by default is exchanged over AuthMe Service, this may be replaced by firebase service in the future.

How it works

  1. component is loaded at the browser on desktop
  2. user requests feature by scanning the QRCode (The SDK will automatically detect whether generating a deep link or QR Code)
  3. component at the desktop generate exchange link with QR code and secret key for AES encryption
  4. user at smartphone should open generated exchange link (link contains scan identificator and AES secret key for encryption), recommended way is to scan QR code with QR reader integrated in native camera app on the iOS and Android or with custom QR reader
  5. user scan the document with native NFC reader and complete face recognition
  6. component loaded at smartphone calls AuthMe API, encrypt result and store it to the exchanged object at AuthMe Service
  7. component loaded at desktop is subscribed for the changes, reads encrypted results stored in AuthMe Service, decrypts it and display it to the user

Development

npm install

Realtime watch & build

npm start

Build release

npm build and fetch files from dist directory

Readme

Keywords

none

Package Sidebar

Install

npm i authme-kyc

Repository

github.com/AuthMe-SDK/authme.js

Homepage

github.com/AuthMe-SDK/authme.js#readme

Weekly Downloads

12

Version

1.1.2

License

MIT

Unpacked Size

586 kB

Total Files

5

Last publish

Collaborators

  • dalton_hsu
Try on RunKit
Report malware