1. A new user installing your app
A new user wishes to use your company’s services. They download the app on their device, and launch it.
- Upon launching the app, the Relying Party App will request a device identifier from the Trusona Mobile SDK. The SDK will recognize that there are no keys present, so it will generate the device key and auth key (if it can) key pairs on the device, and send the public keys for each to the Trusona API. The Trusona API will create a device in an inactive state waiting for the remaining registration steps to complete before becoming active. The Trusona Mobile SDK will then make the device identifier available to the Relying Party App at any time it is requested.
- The Relying Party App collects the user’s primary information and sends that along with the device identifier, retrieved in step 1, to the Relying Party Server. The primary information would be anything the Relying Party wants to store related to the user such as email address, name, phone etc.
- The Relying Party Server, using the Trusona Server SDK, creates a device+user binding in the Trusona API by sending the user identifier along with the device identifier obtained in step 2.
- The Trusona API responds to the device+user binding request with an activation code that the Relying Party will use to notify the Trusona API when the Account Verification step is complete.
- The Relying Party completes the Account Verification process. This will likely include an email verification process.
- Using the activation code obtained in step 4, the Trusona Server SDK notifies the Trusona API that the device+user binding has been verified and should be considered “active.”
With all the steps completed, there is now a new user with a fully bound device at Trusona. This new user is now available to respond to Trusonafication requests by the Relying Party.
2. An existing user installing your app on a new device
An existing user downloads your app on a new device, and launches it.
- The Trusona Mobile SDK registers the device with the Trusona API.
- The Relying Party App collects the user’s primary information and sends that in addition to the device identifier from the Trusona Mobile SDK to the Relying Party Server.
- The Relying Party Server, using the Trusona Server SDK, creates an additional device+user binding in the Trusona API by sending the user identifier along with the device identifier obtained in step 2.
- The Trusona API responds to the device+user binding request with an activation code that the Relying Party Server will use to notify the Trusona API when the Account Verification step is complete.
- The Relying Party completes the Account Verification process. This will likely include an email verification process.
- The Trusona Server SDK notifies the Trusona API that the device+user binding has been verified and should be considered “active.”
With all the steps completed, the user now has the new device associated to their account. This new device is usable by the user to respond to Trusonafication requests by the Relying Party.
3. An existing user updating to a Trusona enabled version of your app
An existing user updates your app on their device, and launches it.
- The Trusona Mobile SDK registers the device with the Trusona API.
- The Relying Party App sends the Relying Party Server the device identifier so it can be bound to the existing user’s user identifier.
- The Relying Party Server, using the Trusona Server SDK, creates a additional device+user binding in the Trusona API by sending the user identifier along with the device identifier obtained in step 2.
- The Trusona API responds to the device+user binding request with an activation code that the Relying Party will use to notify the Trusona API when the Account Verification step is complete.
- The Relying Party completes the Account Verification process. This will likely include an email verification process.
- The Trusona Server SDK notifies the Trusona API that the device+user binding has been verified and should be considered “active.”
With all the steps completed, the user now has the new device associated to their account. This new device is usable by the user to respond to Trusonafication requests by the Relying Party.
4. Upgrading your registered users to Trusona Executive
Using the Trusona Mobile SDK, the Relying Party App can scan the user’s driver’s license and have it registered with Trusona as an identity document. The Relying Party can request an Executive level Trusonafication for users that have a registered driver’s license, which will require the user to present their driver’s license at the time of Trusonafication.
- The Relying Party App, using the Trusona Mobile SDK, scans the barcode on the back of the user’s driver’s license. This returns the parsed fields from the driver’s license information.
- The Relying Party App, using the Trusona Mobile SDK, registers a driver’s license payload with the Trusona API. The driver’s license payload includes a hashed version of the raw driver’s license barcode data and the parsed fields. The Trusona API does not persist the parsed fields, and only uses them to perform verifications with third-party verification services, such as AAMVA or LexisNexis, if the Relying Party is configured for this verification. Once the verification is done, the data is not kept. Trusona only persists the hash of the data for the purposes of checking for a match with a scanned driver’s license during an Executive Trusonafication.
- If the Relying Party is configured to have a verification done, the Relying Party Server can use the Trusona Server SDK to check on the validity of a user’s registered driver’s license.
- The Trusona API will respond with the status of the verification.