Policy Matching

HYPR SDK for iOS

Policy Matching is the standard way to register and authenticate.

A policy represents a set of authenticators. Policy Matching is the process of registering and authenticating users with a policy. The policy is specified in the HYPR Control Center (CC) where a policy name maps to a set of authenticators.

Policies can be setup from within CC by following the Policy Management documentation.

Policy Matching from the Mobile Client

Registration with Policy Matching

class ViewController: UIViewController { 

  // Call this method to register 
  func register() {
    // TODO: Registration: Specify the FIDO username that you want to register with. If nil is provided then the SDK will generate the FIDO username
    // TODO: Specify the policy that you want to register with
    HYPRUserAgent.sharedInstance().registerUser(withName: nil, action: "<Your policy name goes here>", completion: { (error) in
      if (error != nil) {
        // Handle Error
      } else {
        // Handle Success
      }
    })
  }
}

Authentication with Policy Matching

class ViewController: UIViewController { 

  func authenticate(_ sender: UIButton) {
    // TODO: Authentication: Specify the username that you want to authenticate with. If nil is provided as the user account then the SDK will use the activeUserAccount
    // TODO: Specify the policy that you want to authenticate with
    HYPRUserAgent.sharedInstance().authenticateUser(nil, action: "<Your policy name goes here>", completion: { (error) in
      if(error != nil) {
        // Handle Error
      } else {
        // Handle Successful Authentication
      } 
		})
  }
}

Example

Registration and authentication are policy-based. Here we specify the authenticator sets to use during registration and authentication. Authentication might require one method - for example, only Fingerprint Authentication - or more than one (a.k.a. multimodal) authentication method – like requiring passing both Face + Palm biometrics challenges.

Choose an Action Code Name for your policy and add a Description if you want one. Then select all the viable authentication sets by which HYPR users can successfully authenticate. This example shows:

  • Touch + PIN
  • Face only
  • PIN only

Click Save when you have finished defining the Policy.

888

The policy name/Action Code Name is passed as a parameter to the method call.