Orchestration SDK (Java Edition) – Trusted Device Activation with Android Studio: Part 1

Hakim Aldaoub, October 14, 2020
Orchestration SDK (Java Edition) – Trusted Device Activation with Android Studio: Part 1

In this blog, we will demonstrate how to provision a user instance and activate its authenticator on the end-user device. This will become the trusted device for this unique registered user, and it will then be notified whenever OneSpan Intelligent Adaptive Authentication (IAA) decides a step-up to a specific authentication method is necessary, based on the risk level associated with an activity. A sample Android app will utilize our Orchestration SDK to activate the user instance.

The OneSpan Orchestration SDK is part of the Mobile Security Suite (MSS). Along with Secure Provisioning, which  we will be discussing today, the Orchestration SDK enables mobile developers to integrate the main features provided by OneSpan Mobile Security — including transaction signing, fingerprint recognition, Secure Channel, password protection, two-factor authentication, and more. 

To fully provision the user account, an exchange of activation commands will take place between the Orchestration Client SDK, your application server, and your OneSpan IAA Authentication Server.

Requirements

Import Sample App to Android Studio

  1. Download the Orchestration SDK from the link provided above in the requirements section
  2. Unzip the contents of Orchestration SDK.zip.
  3. Import the project for the sample app into Android Studio as shown below. It is located in the directory “Orchestration SDK\Client API\Android” which is inside the Zip file. 

    OneSpan-BlogImage-[Orchestration SDK -Java Edition-Trusted Device Activation-Part1]1

  4. Wait a few second for the project to build inside the IDE.

If you navigate through the sample app project, you will notice that the integration of the Orchestration SDK client is achieved by implementing a few callback overrides in your mobile app Java code and gathering the registration data of the user instance to be activated. Below are some examples of the callbacks and their methods to be utilized for different activities in your Java code:

  • OnlineActivationCallback it will be implemented by ActivationActivity class in the sample app.
  • LocalAuthenticationCallback it will be implemented by LocalAuthenticationActivity class in the sample app.
  • ChangePasswordCallback it will be implemented by ChangePasswordActivity class in the sample app.
  • LocalTransactionCallback it will be implemented by LocalTransactionActivity class in the sample app.
  • RemoteAuthenticationCallback and RemoteTransactionCallback it will be implemented by ActivationActivity class in the sample app.
  • OnlineActivationCallback it will be implemented by ActivationActivity class in the sample app.
  • NotificationRegistrationCallback it will be implemented by MainActivity class in the sample app.

Setting Up Firebase for Cloud Messaging:

In order to register your app for push notifications, you will need to create a Firebase Instance to obtain the Web API Key and the Sender ID values, which are generated by the cloud messaging service, Firebase. Follow the steps below:

•    Use your Google account to sign into Firebase console.
•    Set up a new Firebase project, click on the “Add project” symbol shown below.

OneSpan-BlogImage-[Orchestration SDK -Java Edition-Trusted Device Activation-Part1]2

  • Let’s call the project MySampleApp and then click “Continue”.
  • You will get the option to Enable Google Analytics for this project. You could just disable this option as it won’t affect this project and click “Continue” to finalize the creation of the project.
  • From inside the project page, click on the gear icon showed in the screenshot below and then “Project settings”.

OneSpan-BlogImage-[Orchestration SDK -Java Edition-Trusted Device Activation-Part1]3

  • In the Project settings, you will find the crucial parameters to setup the push notification for your project. Keep the “Web API Key” value from the “General” tab and Sender ID value from the “Cloud Messaging” tab handy for use in the upcoming steps.

OneSpan-BlogImage-[Orchestration SDK -Java Edition-Trusted Device Activation-Part1]4

Register Your App for Push Notification

To complete this step, you must be a member of the OneSpan Community. For instructions how to sign up for a free Intelligent Adaptive Authentication sandbox account, check out our blog “OneSpan Cloud Solutions In Action - MyBank Web Portal Demo, Part 1." 
From inside your OneSpan Community account, navigate to the “Sandbox tab”, then click on “Update app” as shown in the screenshot below

OneSpan-BlogImage-[Orchestration SDK -Java Edition-Trusted Device Activation-Part1]5

After that, the Register My App window shown below will popup. 

Select the radio button for “Use my own mobile application”. Then, check the “Android app configuration” option and paste the Web API Key obtained from the Firebase above.

Finally click on “Register App” at the bottom to finish the registration of your app for push notification.

OneSpan-BlogImage-[Orchestration SDK -Java Edition-Trusted Device Activation-Part1]6

The final step of registering your app for the push notification service is placing the Sender ID obtained previously from the Firebase console in the place holder for ANDROID_SENDER_ID String of the Constants Java class, as displayed in the code snippet below.

OneSpan-BlogImage-[Orchestration SDK -Java Edition-Trusted Device Activation-Part1]7

With everything in this blog completed, we’re halfway there. In part 2 of this series, we will set up the SDK from Android Studio, take a closer look at the activation feature in the Orchestration SDK code, and create a Java Keystore certificate to finalize the activation.  Meanwhile, if you have any questions regarding the content, feel free to reach us on the OneSpan Community Portal Forums.

OneSpan Developer Community

OneSpan Developer Community

Join the OneSpan Developer Community! Forums, blogs, documentation, SDK downloads, and more.

Join Today