Implementation Guide
This guide provides step-by-step instructions on implementing TrustFactor in your client application. Follow these steps to ensure a successful integration and deployment.
1. Communication with SecuritySide's Support Team
- Communicate the following information to SecuritySide's support team:
- Egress IPs: Provide the egress IPs of your application's backend and VPN for firewall exception creation on TrustFactor's infrastructure.
- Callback URLs: Share the callback URLs (registerCallbackURL, shareContractCallbackURL, removeDeviceCallbackURL, transactionDecisionCallbackURL) that will be used for communication between your application and TrustFactor.
- Public Key: Generate a cryptographic key-pair and share the public key with SecuritySide's support team for secure communication and authentication purposes.
2. Firewall Exception and Application Registration
- SecuritySide's support team will create firewall exceptions on TrustFactor's infrastructure for the provided egress IPs. This ensures smooth communication between your application and TrustFactor's services.
- The support team will also register your TrustFactor application on TrustFactor's backoffice. This step enables you to access and manage your application's settings and configurations.
3. Flow Implementation
- Implement the following flows within your client application:
- Enrollment Flow: Allow users to enroll with TrustFactor by integrating TrustFactor SDK and implementing the necessary API calls. Ensure proper handling of callbacks, including the registerCallbackURL.
- Transaction Creation Flow: Enable users to initiate transactions that require strong authentication. Implement the TrustFactor SDK and API calls for transaction creation. Handle callbacks, including the shareContractCallbackURL.
- Transaction Decision Flow: Provide users with a secure interface to review and decide on pending transactions. Implement the necessary TrustFactor SDK and API calls, including handling the transactionDecisionCallbackURL.
- Contract Removal Flow: Allow users to request the removal of contract associations in case of lost access to private keys. Implement the TrustFactor SDK and API calls, including handling the removeDeviceCallbackURL. Ensure the appropriate UI displays success or failure of the association removal.
4. Testing and Validation
- Thoroughly test and validate each implemented flow and the overall TrustFactor implementation. Ensure that all functionalities are working as expected and that the communication between your application and TrustFactor is seamless. Test various scenarios, including successful and unsuccessful enrollment, transaction creation, transaction decision, and contract removal.
5. Go Live
- Once you have successfully implemented, tested, and validated TrustFactor in your client application, it is time to go live. Coordinate with SecuritySide's support team to ensure a smooth transition to production. Monitor the system closely and address any issues promptly to ensure a seamless user experience.
Follow this implementation guide to integrate TrustFactor securely and effectively into your client application.
SecuritySide's support
Remember to maintain communication with SecuritySide's support team throughout the implementation process for assistance and guidance.
Good luck with your TrustFactor implementation!
Download documentation files
note
Ask the securityside team for the SDKs