Skip to main content

Offline authentication

Overview

It is possible to authenticate the end-user, even if the mobile device is offline. For more detailed information, see our Offline authentication Encap feature guide.

Offline authentication flow

From a mobile client perspective, the flow to perform an offline authentication could be as follows:

  1. Mobile App
    1. Activate the desired offline authentication method using our addOrUpdate operation, authenticate with an online authentication method, and activate offline authentication method.
  2. Service provider
    1. Start an offline authentication session.
    2. Present the verification data (containing a challenge and context) to the end-user. For example, in a QR code on a website.
  3. Mobile app
    1. Scan the QR code and call startOfflineAuthentication(verificationData).
    2. Retrieve the context and authMethod from StartOfflineAuthenticationResult.
    3. Display the context and call finishOfflineAuthentication() to let the end-user authenticate, using the authMethod from startResult.
    4. If finishOfflineAuthentication is successful, then display the one-time password from FinishOfflineAuthenticationResult and let the end-user enter it on the website.

Additional information

  • It is possible to select a different PIN for AuthMethod.OFFLINE_PIN and AuthMethod.DEVICE_PIN.
  • AuthMethod.OFFLINE_DEVICE corresponds to OFFLINE in the feature description.
  • AuthMethod.OFFLINE_DEVICE's toString() returns OFFLINE.
On this page