Privakey CX is a licensable product that allows services to deploy Privakey’s core authentication and authorization technology in their existing mobile applications.
By employing simple platform libraries and a centralized Auth Service, existing end-user applications are transformed into user-friendly, omni-channel authenticators and process authorizers.
Privakey CX Components
Privakey’s architecture is comprised of Mobile Libraries (available for iOS and Android) and an Auth Service that interacts with services’ pre-existing processes (Challenge Origins).
Challenge Origins are the current processes and workflows of an application or service that would benefit from strong and definitive user authorizations. Any authorized, internet-connected service can behave as a Challenge Origin. Examples include user initiated logins, rules triggered fraud detection, or 3rd party queries from IVRs.
The Auth Service is a simple headless web app that exposes an API. It is a RESTful service that acts as a central hub that can be called by any Challenge Origin to invoke user-specific messages. It also federates challenges to registered user devices and brokers the interaction between Privakey-enabled devices and the services that initiate challenges.
Privakey’s Mobile Libraries are leveraged to develop apps or extend the capabilities of existing apps to enable Privakey Authentication and Authorization Challenges. Once employed, the libraries handle device registration, cryptographic key generation and secure storage, challenge receipt and handling, revocation, and suspension.
Privakey CX Challenge Flow
A request is sent from its origin to the Privakey CX Auth Service which federates notifications to the user’s device.