# App transaction
# Use case
You are looking for a secure way for your end-users to access or update information in your mobile app. You want to achieve this whilst still offering a positive and seamless user experience for your end-users.
# How it works
Meet Jane, one of your active end-users who has activated MobileID in your mobile app. Jane has forgotten her credit card PIN code and is about to use your mobile app to view her PIN code.
- To do this, Jane opens and logs in to your mobile app.
- Jane navigates to the place where she can view her credit card PIN code in your mobile app.
- Jane clicks on a button to view her credit card PIN code.
- Jane authenticates herself using biometrics.
Jane has now securely authenticated herself with two-factor authentication and your app displays her credit card PIN code.
# What it looks like
The following diagram illustrates what an app transaction could look like with MobileID, from the perspective of your end-user.
This flow assumes that you are using MobileID and that the end-user has an active MobileID user and device.
The following flow is a suggestion on how to implement MobileID for app transactions for viewing a PIN code:
- The end-user navigates in your mobile app and clicks on view PIN code.
- The mobile app triggers a request to your backend for viewing their PIN code.
- Your server looks up the end-users PIN code.
- Your server triggers a MobileID authentication for the end-user; setting the PIN code as the post-operation context.
- The end-user authenticates using biometrics or a PIN code.
- MobileID verifies the authentication and sends a response to your server and app; confirming the authentication. The response to your app contains the post-operation context with the PIN code.
- Your mobile app receives the PIN code and displays it to the end-user.
Using MobileID for app login is a straightforward and effective way to provide your end-users with a secure and seamless login experience.
# Sequence diagram