Push Notifications
🔐 Push Notifications Overview
REL-IDverify is a secure transaction approval platform that enables enterprises to send real-time, actionable push notifications to users' registered devices for confirming sensitive operations.
"Verify the right user, on the right device, at the right time."
🚀 Key Features
🔔 Push Notification with Secure Content Delivery
- Uses FCM (Android) and APNS (iOS) only as a wake-up signal.
- Actual sensitive data is fetched via REL-ID's MITM-proof secure channel after app wake-up.
👆 User-Initiated Action Prompts
- Customizable buttons like
Approve / Reject,Accept / Decline / Report Fraud. - Configurable
authlevelfor each action:- 🔓
0: No authentication - 🔑
1: Password - 🛡️
3: Device LDA (Local Device Authentication) - 🧬
4: Server-side Biometric
- 🔓
✍️ Digital Signature Support (Optional)
- Actioned content can be digitally signed on-device.
- Server verifies using user's public certificate.
🔄 Callback or Polling Support
- 📬 Webhooks: REL-ID sends a callback to your server on user action or timeout.
- 🔁 Polling: Periodic check for notification status using the Notification UUID.
🌐 Multi-Language Notifications
- UI-level support to send multi-lingual messages with toggles (e.g., English, Spanish).
🧾 JWT Workflow Support
- Generate and return a JWT upon specific user actions (e.g., "Accept").
🛑 Notification Limits & Abuse Control
- Configure push notification thresholds (e.g., reject limit = 3 in 30 mins).
- Prevent overuse or brute force scenarios.
🧠 When Should You Use REL-IDverify?
Use Push Notifications in the following scenarios:
| Use Case | Benefit |
|---|---|
| 🔐 Login Approval | Secure user authentication on login attempts |
| 💸 Transaction Confirmation | Protects money movement, fund transfers, and redemptions |
| 📲 Replace OTP | Stronger, phishing-resistant alternative to SMS OTPs |
| 🧑💼 Regulatory Compliance | Helps meet RBI/PSD2/GDPR requirements |
| 🧾 Secure Audit Trails | All approvals digitally signed and time-stamped |
📱 Supported Platforms
- ✅ Android
- ✅ iOS
REL-IDverify integrates seamlessly with the REL-ID mobile SDK across platforms.
🔧 Example Workflow
sequenceDiagram
participant App as Enterprise App
participant REL as REL-IDverify Server
participant User as User Device
App->>REL: Generate Notification API
REL-->>User: Push Notification (via FCM/APNS)
User-->>REL: Fetches transaction over secure channel
User-->>REL: Action (Approve/Reject) with Auth (if required)
REL-->>App: Callback with status or App polls for status
🛡️ Security Highlights
- 🔐 End-to-end encryption
- 🔑 Device-bound credentials
- 📜 Auditable, signed transaction records
- 🧬 Multi-factor authentication options
- 🚫 Resistant to phishing, MITM, SIM-swap attacks
Updated about 2 months ago