FastTap MFA

Overview

This guide will show you how to use the AXN Verify API to verify an individual by FastTap MFA.

๐Ÿ“˜

Prerequisites

  • Deploy the "FastTap MFA" service by following the directions
  • Obtain the access keys for your new service.
  • Download and use the FastTap MFA Postman Project to try it out

Deploying FastTap MFA

In IDDataWeb Admin > Verification Services, click Add Verification Service, then select
FastTap MFA.

You'll be prompted to review and edit the service. Once finished, click Save and Close, then exit the service to Deploy.

Video Walkthrough


To run FastTap MFA, what you'll do:

  • Collect the Personal Mobile Phone number of the end user.
  • Send FastTap MFA link.
  • Verify FastTap MFA session ID.

1. Get Access Token

(POST) https://api.preprod.iddataweb.com/v1/token

API Reference: https://docs.iddataweb.com/reference/auth

This access token is used to authenticate your requests. Place this token in the header of each subsequent request. See the postman project above for examples.

Locate your workflow's access keys


Then, to request an access token:


var axios = require('axios')

var user = 'Your Service API Key';
var password = 'Your Service Shared Secret';

var base64encodedData = Buffer.from(user + ':' + password).toString('base64');

var request = async () => {
  var response = await axios({
    url: 'https://api.preprod.iddataweb.com/v1/token',
    method: 'post',
    params: {
      grant_type: 'client_credentials'
    },
    headers: {
      'Content-Type': 'application/json',
      'Cache-Control': 'no-cache',
      Authorization: 'Basic ' + base64encodedData
    }
  })
  console.log(response.data)
}
request();

Response


{
    "errorCode": "",
    "errorDescription": "",
    "access_token": "TjZK7NSjw45AxGK9UhOE9uJDaZT23gKYuUC-9GMTAgLU", // your access token
    "expires_in": "1800",
    "token_type": "Bearer"
}

2. Send FastTap Link

(GET) https://api.preprod.iddataweb.com/v1/doccapture/sendlink

API Reference: https://api.preprod.iddataweb.com/v1/doccapture/sendlink

Once you've received an access token, you can request a FastTap MFA link by specifying the Dial code and Phone number to send to, and authenticating the request using the Bearer token obtained from the previous step.


Request


var axios = require("axios");
var token = "YOUR_BEARER_TOKEN"; // -- obtained from step 1 --

var params = {
  dialCode: "1",
  telephone: "1234567890",
  apikey: "YOUR_FASTTAP_MFA_API_KEY",
  credential: "USERNAME",
  appID: "YOUR_APPLICATION_NAME",
};

var request = async () => {
  var response = await axios({
    url: "https://api.preprod.iddataweb.com/v1/doccapture/sendlink",
    method: 'get',
    params: params,
    headers: {
      "Content-Type": "application/json",
      "Cache-Control": "no-cache",
      Authorization: "Bearer " + token,
    },
  });
  console.log(response.data);
};
request();

Response


{
  responseCode: '200',
  errorDescription: null,
  asi: 'xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx',
  status: 'SUCCESS'
}

3. Get FastTap Status

(Get) https://api.preprod.iddataweb.com/v1/doccapture/results

API Reference: https://api.preprod.iddataweb.com/v1/doccapture/results

Confirm the user's completion of FastTap.

๐Ÿ‘

Periodically, resend /doccapture/results to confirm the status of the FastTap link. We advise this be done every 3-5 seconds.


Request


var axios = require("axios");
var token = "YOUR_BEARER_TOKEN"; // -- obtained from step 1 --

var params = {
  asi: "YOUR_SESSION_ID" // -- obtained from step 2 --
};

var request = async () => {
  var response = await axios({
    url: "https://api.preprod.iddataweb.com/v1/doccapture/results",
    method: 'get',
    params: params,
    headers: {
      "Content-Type": "application/json",
      "Cache-Control": "no-cache",
      Authorization: "Bearer " + token,
    },
  });
  console.log(response.data);
};
request();

Response


{
    "responseCode": null,
    "errorDescription": "Status is not yet complete.",
     asi: 'xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx',
    "status": "pending",
    "urls": {}
}

// OR

{
    "responseCode": "200",
    "errorDescription": "",
     asi: 'xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx',
    "status": "success",
    "urls": {}
}

4. Verify FastTap

(POST) https://api.preprod.iddataweb.com/v1/slverify

API Reference: https://api.preprod.iddataweb.com/v1/slverify

Lastly, confirm the user's session (asi) and Phone number used to complete verification.


Request


var axios = require("axios");
var token = "YOUR_BEARER_TOKEN"; // -- obtained from step 1 --

var data = {
	"asi": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx", // -- obtained from step 1.1 --
    "apikey": "YOUR_FASTTAP_MFA_API_KEY", // -- obtained from step 2 --
    "credential": "USERNAME",
    "appID":"YOUR_APPLICATION_NAME",
    "userAttributes": [
        {
            "attributeType": "InternationalTelephone",
            "values": {
                "dialCode": "your-dial-code",
                "telephone": "your-phone-number"
            }
        },
        {
            "attributeType": "PINDeliveryPreference",
            "values": {
                "pindeliverypreference": "SMS" // accepted values: "voice", "SMS"
            }
        }
]
}



var request = async () => {
  var response = await axios({
    url: "https://api.preprod.iddataweb.com/v1/slverify",
    method: 'post',
    data: data,
    headers: {
      "Content-Type": "application/json",
      "Cache-Control": "no-cache",
      Authorization: "Bearer " + token,
    },
  });
  console.log(response.data);
};
request();

Response


{
    "errorCode": "",
    "errorDescription": "",
    "transaction_id": "xxxx-xx-xxxx-xx-xxxxx",
    "userAttributes": [
        {
            "attributeType": "InternationalTelephone",
            "dateCreated": "07/07/2023 18:23:51",
            "values": {
                "dialCode": "",
                "telephone": ""
            }
        }
    ],
    "acquiredAttributes": [
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "FuzzyDeviceID",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "fuzzyDeviceID": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "TMXScore",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "tmxScore": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "DigitalIDConfidence",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "digitalIDConfidence": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "TrueIPGeoCountry",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "trueIPGeoCountry": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "BiometricFraudScore",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "biometricFraudScore": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "TrueIP",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "trueIP": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "OperatingSystemAnomaly",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "operatingSystemAnomaly": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "ScreenResolution",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "screenResolution": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "BiometricBotScore",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "biometricBotScore": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "SmartIDBrowserstringPersonaAgeMonths",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "smartIDBrowserStringPersonaAge": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "HTMLLocationAccuracy",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "htmlLocationAccuracy": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "TrueIPConnectionType",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "trueIPConnectionType": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "DigitalID",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "digitalID": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "BiometricAnomalyScore",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "biometricAnomalyScore": "Not Found"
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "HoneypotFingerprintMatch",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "honeypotFingerprintMatch": "Not Found"
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "ExactIDIPPersonaAgeMonths",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "exactIDIPPersonaAge": "0"
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "TrueIPCity",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "trueIPCity": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "TrueIPLineSpeed",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "trueIPLineSpeed": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "OperatingSystem",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "operatingSystem": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "SocialEngineeringScore",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "socialEngineeringScore": "Not Found"
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "HTMLLocationLongitude",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "htmlLocationLongitude": "Not Found"
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "BiometricAssessmentScore",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "biometricAssessmentScore": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "BrowserSpoofReason",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "browserSpoofReason": "Not Found"
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "HTMLLocationLatitude",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "htmlLocationLatitude": "Not Found"
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "TrueIPLongitude",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "trueIPLongitude": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "OperatingSystemVersion",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "operatingSystemVersion": ""
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "BiometricReasonCode",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "biometricReasonCode": "Not Found"
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "NEATPersonaAgeMonths",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "NEATPersonaAge": "0"
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "FuzzyDeviceIDConfidence",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "fuzzyDeviceIDConfidence": "100"
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "Platform",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "platform": "browser_mobile"
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "attributeType": "TrueIPLatitude",
            "dateCreated": "07/07/2023 18:23:53",
            "values": {
                "trueIPLatitude": ""
            }
        }
    ],
    "userAssertionList": [
        {
            "provider": "Telesign",
            "serviceOffering": "Telesign Phone Contact API",
            "dateAsserted": "07/07/2023 18:23:52",
            "assertions": {
                "test.phone_landline_mobile_personal": "unverified",
                "link.lastName_phone": "unverified",
                "link.fullName_phone": "unverified"
            }
        },
        {
            "provider": "Threatmetrix",
            "serviceOffering": "Threatmetrix Session Query Low Location Accuracy",
            "dateAsserted": "07/07/2023 18:23:53",
            "assertions": {
                "blacklist.device": "pass",
                "blacklist.ofacIP": "pass",
                "test.gte3Credential1d": "pass",
                "detect.browserAnomaly": "pass",
                "test.gte5Credential1d": "pass",
                "test.lte3ProxyToday": "pass",
                "test.trustedDevice6mo": "fail",
                "test.trustedDevice": "fail",
                "test.lte3CredentialsDevice7d": "pass",
                "detect.possibleVPNOrTunnel": "pass",
                "test.gte5Device1d": "pass",
                "link.timeZone_TrueGeo": "pass",
                "test.gte5CredentialDevice1d": "pass",
                "test.credentialLTE500mi1hr": "pass",
                "test.trueIPLTE500miInputIP": "pass",
                "detect.vpn": "pass",
                "test.exactIDAgeGTE7d": "fail",
                "detect.proxyAnonymous": "pass",
                "test.apSessionIDNotReplay": "pass",
                "detect.jailbreak": "pass",
                "blacklist.ip": "pass",
                "test.expectedLanguage": "pass",
                "link.proxyOrg_TrueOrg": "pass",
                "detect.malware": "pass",
                "detect.torExitNode90d": "pass",
                "test.gte10Credential1d": "pass",
                "detect.mobileTethering": "pass",
                "test.trustedDevice28days": "fail",
                "blacklist.telephone": "pass",
                "test.gte20Credential1d": "pass",
                "detect.aggregator": "pass",
                "test.smartIDAgeGTE7d": "fail",
                "detect.proxyOpenTransparent": "pass",
                "detect.unusualActivity": "pass",
                "detect.proxyHidden": "pass",
                "test.credentialLTE50mi1hr": "pass",
                "link.proxyISP_TrueISP": "pass",
                "detect.tor": "pass",
                "detect.torNode": "pass",
                "test.telephoneAgeGTE30d": "pass",
                "detect.knownVPNISP": "pass",
                "link.proxyGeo_TrueGeo": "pass",
                "test.gte2Credential1d": "pass"
            }
        }
    ],
    "mbun": "xxxxx-xxxx-xxxx-xxxxx",
    "forwardApiKey": "",
    "policyObligation": false,
    "policyDecision": "approve" // expect "approve", "deny"
}

Result

If policyDecision = approve, the individual has been approved.

policyDecision is a standard output of /slverify, the endpoint used to verify user information. Additional information on the output of SLVerify can be found here.

For instructions on how to test this workflow (including real user data), please visit: Testing MobileMatch Only