iOS FIDO PIN Authenticator

HYPR SDK for iOS: iOS Authenticators

πŸ“˜

The PIN Authenticator's PIN is not the same as the PIN on your lock screen.

HYPR SDK for iOS supports the Standard PIN with surrogate basic attestation:

Standard PIN AAID (Authenticator ID)0045#1001
PIN Length6
Number of Attempts For Authentication3

User Interface

PIN Enrollment Screen (PIN and Confirmation PIN Match)

1242

You will not be able to enroll if there is a mismatch between the PIN and confirmation PIN.

PIN Enrollment Screen (PIN and Confirmation PIN Mismatch)

1242

PIN Authentication Screen

1242

Setup

  1. Create a group to contain the frameworks; then place the HYPR Frameworks in the group.
413
  1. Embed and link the HYPR Frameworks. Ensure that you can see HYPR Frameworks in Linked and Embedded sections
1486
  1. Enable the authenticator in the code. Typically this is done during App startup; place it within application(_ application:, didFinishLaunchingWithOptions launchOptions:) method of your AppDelegate class. The code below shows how to enable the authenticator and create the first UserAgentProfile object with your Relying Party Server URL and Relying Party AppID.
import HyprCore
import HYPRPIN

@UIApplicationMain
class AppDelegate: UIResponder, UIApplicationDelegate {
	func application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplicationLaunchOptionsKey: Any]?) -> Bool {
  	// Enable authenticator
  	HYPRUAFClient.registerAuthenticatorModule(HYPRPINAsm.self)
  	// Create profile with your rpURL, appID
  	if HYPRUserAgent.sharedInstance().activeProfile() == nil {
  	let config = HYPRUserAgentProfileConfiguration(
    	rpAppId: "Relying Party App ID i.e: HYPRDefaultApplication",
      rpServerUrl: "Relying Party URL i.e.: https://9999-pov.hypr.com",
      deviceType: "WEB",
      rpSSLPinCredentials: nil,
      additionalData: nil)
  
  	let profile = HYPRUserAgentProfile(displayName: "Place a profile name name here: i.e. MyProfile",
    	configuration: config,
      persona: nil,
      userAccounts: nil)
      HYPRUserAgent.sharedInstance().registerProfile(profile!)
    }
    return true
  }
}

UI Customization

To customize elements displayed by the HYPR SDK, use HYPRPINAuthenticatorViewConfiguration sharedInstance to set your values for the corresponding properties.

The HYPRPINAuthenticatorViewConfiguration sharedInstance provides the following properties to style UI/UX elements:

ElementDescription
topBackgroundColorThe background color displayed at the top of the screen;
if the background color at the bottom is different then it will create a color gradient.
bottomBackgroundColorThe background color displayed at the bottom of the screen; if the background color at the top is different then it will create a color gradient.
enrollmentTitleTextText displayed at the top of the screen during enrollment.
verificationTitleTextText displayed at the top of the screen during verification.
titleColorTitle text color for enrollment and verification.
enrollmentTopInstructionsTextText displayed under the first row of PIN text fields
enrollmentBottomInstructionsTextText displayed under the second row of PIN text fields.
buttonColorThe color of the button.
confirmButtonTextConfirmation text displayed within the button.
titleTextFontPIN authenticator enrollment title text font.
instructionsTextFontPIN authenticator instructions text font.
instructionsTextColorPIN authenticator instructions text color.
buttonTextFontPIN authenticator button text font.
pinInputColorPIN authenticator input field and underline color.
keyAutoOpenDelayTime in milliseconds before the keyboard is automatically opened. Default is 250. If set to -1, the keyboard will not automatically open.

Here you can set background colors, button colors and labels, title colors, instruction text, and keyboard auto-open delay.

import HyprCore
import HYPRPIN

func setPINUICustomization() {
    let pinConfig = HYPRPINAuthenticatorViewConfiguration.sharedInstance()
    pinConfig.topBackgroundColor = UIColor.lightGrayColor;
    pinConfig.bottomBackgroundColor = UIColor.lightGrayColor;
    pinConfig.enrollmentTitleText = @"Enrollment title goes here";
    pinConfig.verificationTitleText = @"Verification title goes here";
    pinConfig.enrollmentTopInstructionsText = @"Top instructions goes here";
    pinConfig.enrollmentBottomInstructionsText = @"Bottom instructions goes here";
    pinConfig.buttonColor = UIColor.yellowColor;
    pinConfig.confirmButtonText = @"OK";
    pinConfig.titleColor = UIColor.redColor;
    pinConfig.keyboardAutoOpenDelay = 500;
}

PIN Authenticator Customization

The PIN Authenticator provides the ability to reject certain PINs entered by users during the enrollment phase. This is achieved by providing the HYPR PIN Authenticator an NSRegularExpression object.

If any of the entered PINs match this regular expression, an AlertController will appear notifying the user that the PIN is invalid. Provided below are the implementation steps.

🚧

Recommended

Set these values before enrolling.

  1. Create the regular expression. In this example, we will reject 111111:
// For Non-ADP use case
HYPRPINAuthenticator.setInvalidPINRegEx(try! NSRegularExpression(pattern: "\\b111111\\b", options: .caseInsensitive))

// For ADP use case
HYPRPINAuthenticatorFBA.setInvalidPINRegEx(try! NSRegularExpression(pattern: "\\b111111\\b", options: .caseInsensitive))
  1. If you do not want the default message to display, specify the title and message in the AlertController. Here is the default message:
1242

Example

HYPRPINAuthenticator.setInvalidPINAlertTitle("This is where you place the title")
HYPRPINAuthenticator.setInvalidPINAlertMessage("This is where you place the message")