Two-way Strong ¦ Sign In ¦ New User

Application Programming Interface (API)

 

Introduction

User Account

API Key

Test Environment

Web Application

Login

Token

Session Check

Session Check (Static)

Logout

Logout (Static)

Mobile Application

Mobile Login Check

Key Data Fields

Response Messages

Demo Examples

Powered By (Credit)

Technical Support

 

Mobile Application User Access

User access is designed differently for mobile computing devices (smartphones and tablets). The process has been simplified in comparison to the Web application environment. Figure 2 shows the interaction between the Two-way Strong User Authenticator mobile app and a secured Android activity. The secured Android activity is an activity programmed in a software developer's mobile app. The software developer will incorporate additional computer program code in their Android activity to connect to the Two-way Strong User Authenticator. The developer's mobile app invokes the user authentication procedure in the User Authenticator whenever the user accesses the secured Android activity. The User Authenticator connects to Two-way Strong's remote servers to reverify the validity of the user's account. The User Authenticator handles errors related to user authentication and will present an error to the user.

Figure 2: User Login Check via the Two-way Strong User Authenticator

The secured Android activity can be any activity that the software developer wants to protect against unauthorized access. There is no need to create a user login activity where the user is required to enter their user name and password. The user login function is executed automatically in the Two-way Strong User Authenticator. The software developer implements a simpler login check function in their Android activity. If user authentication passes, the user will be allowed to view the content of the secured Android activity. If user authentication fails, the user will be redirected to another Android activity.

Logouts and session timeouts are not applicable in the mobile application environment. The continuous login check can maintain a session to be active indefinitely, as long as the user's account remains valid.

The Two-way Strong User Authenticator must be installed in the user's mobile computing device in order to perform the login check and the user authentication procedure. If the User Authenticator is not installed, then the user cannot access the secured Android activity.