Authentication

Once users are enrolled, customers typically use Keyless to authenticate them at three different steps of a user journey:

• Login

• Step-up

• Payments

Login

Mobile SDK

Keyless offers Android and iOS SDKs to enable logins from your app's login / account creation page. We also support Flutter and React Native (BETA) bridges.

The captured image is securely encrypted and sent to the Keyless server to verify a match to the originally enrolled user. No biometric data is stored.

For best practise, the Mobile SDK can also generate a Json web Token (JWT) with a custom payload allowing customers to manage and audit any proceeding login session.

Find out more →

• Mobile SDK

• JWT Signing

Web SDK

Customers can also integrate our login flow into their own web based services.

Find out more → WebSDK

Step-up

Keyless provides in-app step-up authentication high-risk actions like address or credential changes, providing stronger security than traditional methods like Passwords or SMS OTPs.

The authentication flow is identical to the Login authentication process above, whether via Mobile or WebSDK, though again the JWT signing can help customers to verify the change made via a Custom Payload.

Payments

Keyless offers dynamic linking for businesses required to comply with PSD2 Strong Customer Authentication (SCA) regulations.

We support this via a User Interface launched via our Mobile SDK, displaying custom payload details such as transfer amounts and recipients.

Upon successful authentication, the SDK issues a JSON Web Token (JWT) containing a signature of the payload that was provided.

As per regulatory requirements, Keyless also allows the customer to set (enroll) a Pin (knowledge factor) to authenticate the transaction as an alternative to face. This pin can also then be authenticated by Keyless upon request, as well as changed or deleted via API.

Find out more → Dynamic Linking, JWT signing, PIN