# Passport scan
Page contents
# About passport scan
The Authenticator App allows your end-users to authenticate and authorise transactions from their mobile devices. Our passport scan feature extends the core functionality of the Authenticator App by giving you the ability to gather and process passport data from an end-user.
# Example use cases
- Validate the authenticity of an end-user's passport.
- Collect attributes from an end-user's passport, which are then passed back to you.
# How does passport scan work?
Passport scan is a device operation that you can initiate for a MobileID user with an active device. The end-user will then need to fulfil the operation on their mobile device using the Authenticator App.
When the passport scan process is completed, the result and any obtained passport data are sent to you. It is up to you what action to take based on the result of a passport scan.
See Passport scan in our MobileID API reference documentation for further details.
# What does passport scan look like?
The following diagram illustrates the flow of a successful passport scan using the Authenticator App, from the perspective of the end-user.
# How to set up passport scan
To implement and use the passport scan feature for MobileID, you must have the following:
- You need to be a MobileID customer.
- The Authenticator App.
What is the Authenticator App?
You can read more about the Authenticator App in our Encap developer documentation.
In addition to requiring a MobileID account and the Authenticator App, we also need to set the feature up for your MobileID account.
This provides your account with the relevant properties and configurations needed to use the feature, as it is not automatically enabled for existing MobileID customers. If you attempt to use this feature without it being set up, you will receive the error code passportscan_not_enabled.
You can request this feature by contacting us at support@signicat.com.
Prerequisites
A passport scan can only be fulfilled by an end-user with a registered and valid device. This is because the device ID is needed when you initiate a passport scan towards MobileID. The result of a passport scan is tied to the MobileID user.
# What does the passport scan flow look like?
# Sequence diagram
Sequence diagram illustrating a successful passport scan being undertaken by an end-user with the Authenticator App:
# Flow part 1: Initiating the passport scan
The following steps illustrate the flow for initiating a passport scan. If a successful authentication is not carried out in this flow, then it will not be possible to conduct the passport scan illustrated in the next flow.
- You initiate a passport scan towards MobileID using the user ID and device ID.
- Upon receiving the request, MobileID initiates a session against the passport scan provider, where a session ID is obtained.
- MobileID triggers an authentication. The end-user then needs to authenticate using the Authenticator App.
- Upon successful authentication, the MobileID backend sends the Authenticator App the session ID obtained previously, so that it can continue with the process.
Note
The Authenticator App connects to the passport scan provider using the session ID.
# Flow part 2: Completing the passport scan on the Authenticator App
The end-user will proceed through the flow as illustrated in the app. This is an example of how the flow looks:
- The end-user is now required to conduct a passport scan using the Authenticator App and their passport. This normally involves:
- Taking a photo of their passport.
- Using the NFC chip reader in their phone to read information from their passport.
- Once the flow is fulfilled and the passport data is processed, the result of the operation can have a state that is either
ACCEPTED,REJECTED,INCONCLUSIVEorFAILED.
See Passport scan states in our MobileID API reference documentation for possible values. - The Authenticator App will receive a push from the MobileID backend informing the end-user that the passport scan has now been completed.
Note
MobileID will always update the response with the status of the operation, regardless of the result of the passport scan.
# Obtaining the result
If the passport scan verification has been successfully completed and the passportScanState is ACCEPTED, you can then get the result of the executed passport scan.
There are two different types of results that you can get. Both results are representations of the same underlying datasets, however, the final result does not include the photos that are in the full final result.
Full final result
The full final result is returned as a ZIP file.
The typical properties that make up the returned ZIP file are:
- The portrait picture in the passport.
- The picture that was taken of the data page during the scan.
- A JSON file containing information about the passport contents that can be retrieved from Electronic Machine Readable Travel Documents (eMRTD), in addition to information about the verification process.
See the Get full final result of the passport scan endpoint in our MobileID API reference documentation for further details.
Final result
The final result is returned as a JSON body.
Unlike the full final result, images of the passport are not included in the final result.
The JSON body contains information about the passport contents that can be retrieved from Electronic Machine Readable Travel Documents (eMRTD), in addition to information about the verification process.
See the Get final result of the passport scan endpoint in our MobileID API reference documentation for further details.
# Proofing
For every passport scan, we collect relevant information from the passport scan process and store this as a user proofing object. This user proofing object is tied to the end-user, and provides a list of all previous passport scanning operations and their results.
See the Get proofings for user endpoint in our MobileID API reference documentation for further details.
# Callback for passport scan
You can use callback to be notified when a passport scan is finished. You will only receive callback if the operation is COMPLETED or FAILED.
The event name for passport scan callback is passport.scan.completed.
See Callback in our MobileID API reference documentation for further details.
# Get access
You can request the passport scan feature for your MobileID account and learn more about the Authenticator App by contacting us at support@signicat.com.