Environment set up
Embedder portal
When you register for an account with Weavr, you are provided with access to the sandbox Embedder Portal that contains details you need to start building your app. The sandbox is a testing environment where all accounts, cards, and money are artificial. In the portal, you can find your API keys and UI keys to start interacting with the APIs and SDKs.
The API key and profile IDs are valid only for the sandbox environment. You are provided with a different set for your live environment.
1. Obtain your UI key
Before you can use the Weavr iOS SDK in your mobile app, you must acquire a UI Key from the Embedder Portal.
- Go to Weavr Embedder Portal.
- Create a Developer Account or log in.
- If creating an account, follow the options to create an app by choosing one of the Financial Plug-Ins
- To retrieve the UI Key, navigate to API Credentials -> UI Key -> Show API Key.
2. Weavr Authentication configuration for biometrics
Biometric Authentication within the SDK requires that the Weavr Authentication method is set to Passcode. This is because the passcode is used as a fallback mechanism if biometric authentication cannot be completed (e.g. if a fingerprint is not recognized). From the perspective of SCA (Secure Customer Authentication), the passcode fulfils the “knowledge” (something you know) factor.
In the "Settings" tab, select Authentication Configs -> Weavr Authentication -> Authentication Constraints -> Passcode
Weavr can configure the passcode length for you, between 4 and 8 digits, but the initial setting is 4.
3. Enable biometric authentication
In the same "Authentication Configs" tab, enable biometrics by selecting Biometric -> Enable Biometric.
4. Provide your Firebase JSON file
Biometric Authentication makes use of two services powered via Firebase.
- Push notification service, ensuring reliable and secure communication.
- Play Integrity API, a mandatory requirement by Google that provides app security and defence against abuse.
In order to enable this push service, you need to provide your Firebase Service Account Key.
Steps to configure Firebase push notifications
- Set up a Firebase project
- Visit the Firebase Console
- Sign in with your Google Account and create a new Firebase project or select an existing project if you have one.
- Add your app to Firebase
- Click on "Add App" in your Firebase project.
- Choose the appropriate platform (Android or iOS) and follow the configuration steps:
- For Android, register your app with your package name.
- For iOS, use your iOS bundle identifier.
- Configure Firebase Cloud Messaging (FCM)
- Go to the Firebase Console and select Cloud Messaging from the left-hand menu.
- Follow the instructions to set up FCM, ensuring that push notifications are correctly configured.
- Set up Firebase in your app (following Firebase's documentation)
- Provide Your Firebase JSON Data
- The google-services.json file contains essential credentials and configuration data for your Firebase project.
- Ensure this file is included in your project to enable Firebase features like push notifications and FCM.
- The FCM v1 API. This API version offers better security and more advanced features compared to the legacy API. Implementing OAuth 2.0 with the v1 API is the modern and secure approach for FCM communications.
Refer to the official Firebase Cloud Messaging documentation for up-to-date information and best practices.
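A pre-upload check for the JSON file requested in this step, added here as an example and not taken from Weavr's or Firebase's code: it tells a service account key (a private, server-side credential) apart from the google-services.json client configuration and reports missing fields. The function name and the sample values are constructed for illustration; the field names are those found in files downloaded from the Firebase and Google Cloud consoles.

```python
import json

# Top-level fields of a Google service account key file (private, server-side).
SERVICE_ACCOUNT_FIELDS = {"type", "project_id", "private_key_id", "private_key",
                          "client_email", "token_uri"}

def classify_firebase_json(text):
    """Return (kind, problems) for the text of a Firebase-related JSON file."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return "invalid", [f"not valid JSON: {exc.msg}"]
    if not isinstance(doc, dict):
        return "invalid", ["top level is not a JSON object"]
    # Client configuration bundled into the app: project_info plus a client list.
    if "project_info" in doc and "client" in doc:
        return "google-services", []
    if doc.get("type") != "service_account":
        return "unknown", ["neither a service account key nor google-services.json"]
    problems = [f"missing field: {name}"
                for name in sorted(SERVICE_ACCOUNT_FIELDS - set(doc))]
    key = str(doc.get("private_key", ""))
    if key and not key.startswith("-----BEGIN PRIVATE KEY-----"):
        problems.append("private_key is not a PEM private key")
    email = str(doc.get("client_email", ""))
    if email and not email.endswith(".gserviceaccount.com"):
        problems.append("client_email is not a service account address")
    return "service-account-key", problems

# Constructed samples; the key material is a placeholder, not a real credential.
SAMPLE_KEY = json.dumps({
    "type": "service_account",
    "project_id": "example-project",
    "private_key_id": "0000placeholder",
    "private_key": "-----BEGIN PRIVATE KEY-----\nPLACEHOLDER\n-----END PRIVATE KEY-----\n",
    "client_email": "firebase-adminsdk-xxxxx@example-project.iam.gserviceaccount.com",
    "token_uri": "https://oauth2.googleapis.com/token",
})
SAMPLE_CLIENT_CONFIG = json.dumps({
    "project_info": {"project_number": "000000000000", "project_id": "example-project"},
    "client": [{"client_info": {"android_client_info": {"package_name": "com.example.app"}}}],
})

if __name__ == "__main__":
    for label, text in [("key", SAMPLE_KEY), ("client config", SAMPLE_CLIENT_CONFIG)]:
        print(label, classify_firebase_json(text))
```

Only a file classified as google-services belongs inside the app project; a service-account-key result is the credential to hand over through the portal and keep out of the app bundle and source control.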
Steps to enable the Play Integrity API in Google Cloud Platform
- Access the GCP Console
- Select Your Project
- Use the project selector dropdown at the top to choose your GCP project for the Play Integrity API.
- If you don’t have a project, click New Project to create one.
- Navigate to APIs & Services
- In the left navigation menu, click APIs & Services and then Enabled APIs & services.
- Enable the Play Integrity API
- Click the + ENABLE APIS AND SERVICES button at the top of the page.
- Search for "Play Integrity API" and select it from the results.
- Click ENABLE to activate it.
- Billing: Ensure billing is enabled for your project, as the Play Integrity API may incur usage costs.
- Quotas: Familiarize yourself with API usage quotas and limits. You can view and manage these in the Google Cloud Platform Console.
- API Key: You may need an API key for backend access to the Play Integrity API. Create and manage API keys in the Google Cloud Platform Console.
Refer to the official Play Integrity API documentation for up-to-date information and best practices.
5. UI customisation
You can choose your own brand theme for payments and 3DS transactions screens by choosing the font and colors in line with your app’s branding.
6. Enable Biometrics for user actions
Biometric Authentication can be used for various user actions:
- Step-up: A single action of verifying biometry via an enrolled device serves as two independent factors of verification: something you are (biometry) and something you have (enrolled device).
- Payment verification: Transaction confirmation under PSD2 involves verifying the identity of the customer in relation to a particular transaction.
- 3DS: Multi-factor authentication for online credit and debit card transactions.
In the "Settings" tab, go to Identities -> Corporate -> Authentication and set "Biometric" as an Authentication method for the user actions you wish to use it for.