Privakey CX is a licensable software utility that allows services to deploy Privakey’s core authentication and authorization technology in their existing mobile applications.
By employing simple mobile libraries and a centralized Auth Service, Privakey adds user-friendly, highly secure transaction intent verification capabilities to any existing mobile application.
Privakey CX Components
Privakey’s architecture is comprised of Mobile Libraries (available for iOS and Android) and an Auth Service that interacts with services’ pre-existing processes (Challenge Origins).
Challenge Origins
Challenge Origins are the current processes and workflows of an application or service that would benefit from strong and definitive user authorizations. Any authorized, internet-connected service can behave as a Challenge Origin. Examples include user initiated logins, rules triggered fraud detection, or 3rd party queries from IVRs.
Auth Service
The Auth Service is a Node.js application that exposes an API. It is a RESTful service that acts as a central hub that can be called by any Challenge Origin to invoke user-specific messages. It also federates challenges to registered user devices and brokers the interaction between Privakey-enabled devices and the services that initiate challenges.
Mobile Libraries
Privakey’s Mobile Libraries are leveraged to develop apps or extend the capabilities of existing apps to enable Privakey Authentication and Authorization Challenges. Once employed, the libraries handle device registration, cryptographic key generation and secure storage, challenge receipt and handling, revocation, and suspension.
Privakey CX Challenge Flow
A request is sent from its origin to the Privakey CX Auth Service which federates notifications to the user’s device.