Data Signing
✍️ What is Data Signing?
Data signing is a cryptographic process that ensures a piece of data (e.g., a transaction or message) is securely associated with the authenticated user. It guarantees:
- Authenticity – the user authorized the action.
- Integrity – the data was not tampered with.
REL-ID SDK provides this feature using secure local authentication (biometric/PIN/password) before signing sensitive payloads.
⚙️ How Does It Work?
- The mobile app initiates a signing request using the
authenticateUserAndSignData()API. - SDK prompts the user for authentication based on parameters like
authLevelandauthenticatorType. - Upon successful authentication, the SDK signs the payload.
- SDK emits the event
onAuthenticateUserAndSignDatawith the result. - App processes the response and proceeds accordingly.
- If needed, app may call
ResetAuthenticateUserAndSignDataState()to clear cached signing state.
🧾 Overview
These APIs facilitate secure user authentication and payload signing, used in workflows like transaction approvals or consent validations.
📲 UI Screen Requirements
The app must:
- Display biometric prompt for authentication
- Clearly state the operation being signed (e.g., "Sign transaction")
- Show confirmation on success
- Handle retry on failure
🔐 1. AuthenticateUserAndSignData API
AuthenticateUserAndSignData API📘 Purpose
Initiates step-up authentication and data signing.
🔧 Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
payload | String | ✅ Yes | JSON to be signed |
authLevel | Int | ✅ Yes | Must be 4 for step-up biometric authentication |
authenticatorType | Int | ❌ Optional | Must be 1 (IDVServerBiometric) if specified |
reason | String | ❌ Optional | Describes why the signing is being performed |
🔐 Controlling Authentication
📊 authLevel Values
authLevel Values| Value | Name | Description |
|---|---|---|
| 0 | No Authentication | No user authentication is required. |
| 1 | Re-Authentication | Reuses initial login method (LDA, device PIN, etc.). |
| 2 | ⚠️ Not Supported | SDK throws an error if this is used. |
| 3 | Manual Password | Requires REL-ID password only. |
| 4 | Step-up Authentication | Requires strong biometric via IDVServerBiometric. |
What isIDVServerBiometric?
IDVServerBiometricrefers to biometric authentication that is registered with and validated by the IDV server. It ensures that the biometric used (e.g., fingerprint, face, palm) is:
- Enrolled and linked to the user on the server,
- Verified locally on device,
- And approved by the server as part of step-up authentication.
🧩 authenticatorType (Only valid value: 1)
authenticatorType (Only valid value: 1)| Value | Description |
|---|---|
| 1 | IDVServerBiometric only |
Only value1is valid for data signing. All others are unsupported and should not be used.
💡 Sample Request
{
"payload": "{"txnId":"TXN123456","amount":10000}",
"authLevel": 4,
"authenticatorType": 1,
"reason": "Compliance biometric verification"
}📥 Code Snippets
React Native
RdnaClient.authenticateUserAndSignData(
payload,
4,
1,
"Authorizing high-value payment"
);Flutter
rdna.authenticateUserAndSignData(
payload,
authLevel: 4,
authenticatorType: 1,
reason: "Authorizing high-value payment"
);Cordova
com.uniken.rdnaplugin.RdnaClient.authenticateUserAndSignData(
payload,
4,
1,
"Authorizing high-value payment"
);Native iOS (Objective-C)
NSString *payload = @"{"transactionId":"TX456","amount":2000}";
NSInteger authLevel = 4;
NSInteger authenticatorType = 1;
NSString *reason = @"Authorizing high-value payment";
[[RDNAClient sharedInstance] authenticateUserAndSignData:payload
authLevel:authLevel
authenticatorType:authenticatorType
reason:reason];Native Android (Java)
String payload = "{\"transactionId\":\"TX456\",\"amount\":2000}";
int authLevel = 4;
int authenticatorType = 1;
String reason = "Authorizing high-value payment";
RdnaClient.getInstance().authenticateUserAndSignData(
payload,
authLevel,
authenticatorType,
reason
);📡 2. onAuthenticateUserAndSignData (Event)
onAuthenticateUserAndSignData (Event)📘 Purpose
Callback event triggered after authenticateUserAndSignData() is called. Provides result.
🧾 Sample Payload
{
"userID": "john_doe",
"payload": "{signed_data}",
"status": {
"statusCode": 100,
"statusMessage": "Signed successfully"
},
"error": {
"longErrorCode": 0,
"shortErrorCode": 0,
"errorString": "Success"
}
}🔄 3. ResetAuthenticateUserAndSignDataState API
ResetAuthenticateUserAndSignDataState API📘 Purpose
Resets the cached state of a prior data signing operation. If any error occurs or the user wants to cancel or reset the flow, resetAuthenticateUserAndSignDataState needs to be called to acknowledge the SDK that the user is re-starting the sign data flow.
📥 Code Snippets
React Native
RdnaClient.resetAuthenticateUserAndSignDataState();Flutter
rdna.resetAuthenticateUserAndSignDataState();Cordova
com.uniken.rdnaplugin.RdnaClient.resetAuthenticateUserAndSignDataState();iOS
- (void)resetAuthenticateUserAndSignDataState;Android
void resetAuthenticateUserAndSignDataState();⚠️ Error Codes
| Code | Meaning | Action Required |
|---|---|---|
| 100 | Success | Proceed |
| 400 | Malformed/Invalid Payload | Retry or validate data |
| 500 | Authentication failed | Re-prompt for biometrics |
| 600 | Biometric not enrolled | Redirect user to enroll |
✅ Developer Responsibilities
| Condition | Action |
|---|---|
| Success (100) | Confirm and continue flow |
| Failure (400–600) | Show error, retry or re-enroll biometric |
Updated 8 months ago