SMART PUSH NOTIFICATION
What is it?
A Push Notification is a message that pops up on a mobile device. App publishers can send them at any time; users don't have to be in the app or using their devices to receive them.
They can do a lot of things; for example, they can show the latest sports scores, get a user to take an action, such as downloading a coupon, or let a user know about an event, such as a flash sale.
Push notifications look like SMS text messages and mobile alerts, but they only reach users who have installed your app.
Each mobile platform has support for push notifications — iOS, Android, Fire OS, Windows and BlackBerry all have their own services.
How does cidaas make use of Push Notification for Multifactor Authentication?
Push Notification is one of the authentication types cidaas uses to authenticate users through the Authenticator application.
As a prerequisite, the admin must enable the Multifactor authentication settings in the admin dashboard. Make sure Push Notification is enabled there.
Once the above setting is done, users can configure their profile to enable MFA and Push Notification. The very first time, the user needs to set up his/her cidaas Authenticator account. To do this:
1) Scan the QR code provided on the web portal using the Authenticator app (i.e. profile settings section on the respective web portal -> Physical Verification Setup -> choose Pattern -> QR code).
2) The QR code contains the endpoints used to log in through cidaas-SDK. Once it is scanned, log in with your credentials in the Authenticator app.
3) The device-ID and the FCM token are sent to the server for further processing. This device-ID and FCM token are the basis for sending notifications during login.
4) When the user logs in to the web portal or any other service, he gets a notification. Once the user clicks the notification, he is successfully authenticated.
Once the user has set up the authenticator app, he gets a push notification each time he logs in on the web. When he clicks this notification, the confirmation message is sent to the server and verified. The user is logged in only when the request is authentic. This flow is shown below.
Both the configuration and usage flows are explained below with concrete screenshots:
Push Notification: Configuration
Download and install the cidaas authenticator app from the link below, if you have not done so already.
On your dashboard page, go to Physical Verification Setup and select the Configure button under the Push Notification (cidaas authenticator app) option.
The following screen appears on the web.
To scan the QR code presented, open your downloaded cidaas authenticator app and click on the Add tab.
Scan the QR Code displayed on your desktop.
Note: Instead of scanning the QR code on the desktop, you can alternatively open the cidaas-authenticator mobile app and, in the physical verification section, choose any one verification.
If you are using the mobile browser, you don't need to scan the QR code. It will automatically ask for the appropriate authentication information, based on the verification type you choose.
After scanning, the login screen is displayed on your phone. Log in with your credentials.
At the same time, the loading screen appears on your desktop, waiting for authentication, and a random number is displayed.
Once logged in, you see the Push Notification configuration screen. Choose the number displayed on the web to complete the setup.
Push notification is now successfully configured.
Then, your app and your desktop screen will look as shown in the figure:
Push Notification: Usage
Log in with passwordless authentication, then enter your email and click Proceed. Select Push (cidaas authenticator app) to log in.
The multiple device screen is displayed.
The screen waits for authentication, displaying a random number.
At the same time, a push notification will be received in your authenticator app.
Click on that notification to view the authentication request. The request shows the browser type, location and date/time when the request was made (as in the screen below).
If you click the Allow button, it will continue to step 4; otherwise you won't be able to authenticate at this point.
On clicking the Deny button, the 'Notification Deny' screen is shown, where the user can select the appropriate reason for denying the request and submit it. After that you won't be able to authenticate.
Choose the number displayed on the web to log in.
You are now successfully logged in.
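The usage flow above (push to the enrolled device, Allow/Deny, then choosing the number shown on the web) can be sketched as server-side verification logic. This is an added example, not cidaas code: the class, method names, the 60-second lifetime and the two-digit number range are assumptions, and the device ID stands in for whatever credential the app actually presents.

```python
import hmac
import secrets
import time

CHALLENGE_TTL = 60  # seconds; assumed, the page states no timeout


class PushChallengeStore:
    """Hypothetical server-side state for push logins (not the cidaas API)."""

    def __init__(self):
        self.devices = {}     # user -> device ID registered during setup
        self.challenges = {}  # challenge ID -> pending login request
        self.denied = []      # (user, reason) pairs kept for review

    def register_device(self, user, device_id):
        self.devices[user] = device_id

    def start_login(self, user, now=None):
        """Create a challenge; the number goes to the web screen only."""
        now = time.time() if now is None else now
        cid = secrets.token_urlsafe(16)
        number = secrets.randbelow(90) + 10  # two-digit number
        self.challenges[cid] = {"user": user, "number": number,
                                "expires": now + CHALLENGE_TTL}
        return cid, number

    def respond(self, cid, device_id, allow, chosen=None, reason=None, now=None):
        """Handle the app's answer; True only for a valid approval."""
        now = time.time() if now is None else now
        ch = self.challenges.pop(cid, None)  # single use: a replay finds nothing
        if ch is None or now > ch["expires"]:
            return False
        registered = self.devices.get(ch["user"])
        if registered is None or not hmac.compare_digest(registered, device_id):
            return False  # answer did not come from the enrolled device
        if not allow:
            self.denied.append((ch["user"], reason))
            return False
        # Number matching: approval counts only with the number from the web.
        return chosen == ch["number"]
```

Because the number is shown only in the browser session that started the login, an approval tapped in response to a request the user did not initiate fails the final comparison.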