CA Strong Authentication SDK for iOS

CA Strong Authentication was formerly known as "Mobile Push Notification Authentication" and "Mobile 3D Secure." You might come across traces of these former names in some SDK code artifacts.
In the context of this CA solution, the term "accounts" covers both payment card accounts and bank accounts.
The following topics provide information about integrating the CA Strong Authentication SDK for iOS with an app:

Supported Platforms

The CA Strong Authentication SDK supports iOS version 9 and later versions. The SDK is certified and released for Objective-C.

Prerequisites for Integrating the SDK

Before you start integrating the iOS SDK with the business app, ensure that the following prerequisites are addressed:
  • Ensure that you have the Xcode IDE installed.
  • On the computer where you plan to perform the integration procedure, copy the SDK package ZIP file to a temporary directory. From that ZIP file, extract the following files from the iOS directory:
File
Description
Files in the include directory
Header (.h) files that must be referenced in the project code.
CA-Strong-Authentication-iOS-Mobile-SDK-1.3.3.a
Code implementation of the SDK.
ArcotOTP.db
Database file that is internally used by the ArcotOTP library compiled with the SDK.
mobile3ds.sqlite
Database file that is internally used by the SDK.
CA-Strong-Authentication-iOS-Mobile-Reference-App-1.3.3.ipa
Sample app file that you can use for reference purposes while integrating the SDK.
MD5.txt
Verify the MD5s given in this file with the MD5s that you calculate for the other files.

Adding the SDK Library Files in the XCode Project of the Business App

This section describes the procedure to integrate the iOS SDK with the business app.
Follow these steps:
  1. Open the XCode project of the app.
  2. Right-click the app project, and then select
    Add files to
    <mobile-banking-app-project-name>
    .
  3. In the Add files dialog, navigate to the
    CA-Strong-Authentication-iOS-Mobile-SDK-1.3.3.a
    directory.
  4. Select the
    Copy items if needed
    check box, and then click
    Add.
  5. Repeat steps 3 and 4 to add
    libsqlite3.dylib
    in the app project.
  6. If the server does not have valid certificates, then an exception is thrown at run time. For testing purposes on the local server, include NSURLRequest+IgnoreSSL.h and NSURLRequest+IgnoreSSL.m to bypass this requirement for certificates.
    After you test and confirm that the SDK is working as expected, remove NSURLRequest+IgnoreSSL.h and NSURLRequest+IgnoreSSL.m. In addition, ensure that the server has valid certificates. See #ca-strong-authentication-sdk-for-ios_113_title_Disabling_SSL_for_Testing_Purpose for the sample files.
  7. Include the .h files in the code of the app.
  8. Link the CA-Strong-Authentication-iOS-Mobile-SDK-1.3.3.a file as a library in the Xcode project of the app.
  9. Link the libsqlite3.tbd file as a library in the Xcode project of the app.

Importing SDK Files to the SWIFT Project in Xcode

Follow these steps:
  1. Open the XCode project of the app.
  2. Drag and drop the header files and
    CA-Strong-Authentication-iOS-Mobile-SDK-1.3.3.a
    .
  3. Select the
    Copy items if needed
    check box, and then click
    Finish.
    • media/image106.so
  4. The files must now be added to the project.
    • media/image107.so
  5. Create bridging header.
    1. Add a new file to XCode, then select
      Source
      and click
      Header File
      .
    2. Name the file
      YourProjectName-Bridging-Header.h
      . For example, StrongAuthTest-Bridging-Header.h.
      • media/image108.so
    3. Navigate to your project build settings and locate the
      Swift Compiler - Code Generation
      section.
    4. Set
      Objective-C Bridging Header
      to the name of your header file. If your file resides in your project’s root folder, then put only the name of the header file there. For example, “
      ProjectName/ProjectName-Bridging-Header.h
      ” or simply “
      ProjectName-Bridging-Header.h
      ”.
    • media/image109.so
  6. To modify bridging header, add the necessary header files in the ProjectName-Bridging-Header.h file.
  • media/image106.so
The following sample code creates an object for the class
AuthenticationHandler
and calls the method
getSDKVersion()
defined in it, which returns the current SDK version value.
import UIKit class ViewController: UIViewController { override func viewDidLoad() { super.viewDidLoad() // Do any additional setup after loading the view. let authHandler = AuthenticationHandler() print(authHandler.getSDKVersion() ?? "") } }

Enabling the App to Receive Notifications from Firebase Cloud Messaging (FCM)

Enable the app to receive notifications from the FCM service.
Depending on whether FCM is already enabled for the app, perform one of the following procedures:
  • If FCM is already enabled for the app, then:
    1. Forward the FCM Server Key to the CA Technologies administrator who configures CA Strong Authentication. This key was generated when the FCM project was created in the Firebase Console.
    1. To enable push notification through FCM, add the following code to share the FCM registration token with the SDK.
    NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults]; [defaults setObject:fcmRegistrationToken forKey:@"token"]; [defaults synchronize];
    The preceding code snippet sets the
    token
    key. For all future communication, the SDK and app exchange the FCM token by using the
    token
    key. Therefore, ensure that the stored token is not modified or deleted during the lifetime of the app.
    • The SDK requires the
      token
      key to be set before creating the authentication handler object (as shown in the following code line):
    • AuthenticationHandler *authHandlerObj=[[AuthenticationHandler alloc] init];
  • If FCM is not enabled for the app, then:
To start creating your FCM project, log in to https://console.firebase.google.com. After you create a project in the Firebase Console using the Cloud Messaging feature, an FCM Server Key is generated for the app.
  1. Integrate the app with the FCM service. For information, see the Firebase Cloud Messaging section on https://firebase.google.com/docs/cloud-messaging/ios/client.
  2. Forward the FCM Server Key to the CA Technologies administrator who configures CA Strong Authentication.
  3. To enable push notification through FCM, add the following code to share the FCM registration token with the SDK.
NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults]; [defaults setObject:fcmRegistrationToken forKey:@"token"]; [defaults synchronize];
The preceding code snippet sets the
token
key. For all future communication, the SDK and app exchange the FCM token by using the
token
key. Therefore, ensure that the stored token is not modified or deleted during the lifetime of the app.
  • The SDK requires the
    token
    key to be set before creating the authentication handler object (as shown in the following code line):
  • AuthenticationHandler *authHandlerObj=[[AuthenticationHandler alloc] init];

Adding Code to Assign a Value to the DEVICE\_NICK\_NAME Key

Add code to assign values to the DEVICE_NICK_NAME key. The app and SDK share the device nickname by using the DEVICE_NICK_NAME key.
Follow these steps:
  1. Add code to prompt the user to submit a device nickname.
  2. Add code to store the nickname submitted by the user as the value of the DEVICE_NICK_NAME****key.
  • The following is sample code:
NSString* deviceNickName = [deviceNicknameText text]; NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults]; // Store Device Nick Name[defaults setObject:deviceNickName forKey:@"DEVICE_NICK_NAME"]; [defaults synchronize];
For all future communication, the SDK and app exchange the device nickname by using the
DEVICE_NICK_NAME
key. Therefore, ensure that the stored device nickname is not modified or deleted during the lifetime of the app.
The SDK requires the
DEVICE_NICK_NAME
key to be set before creating the authentication handler object (as shown in the following code line):
AuthenticationHandler *authHandlerObj=[[AuthenticationHandler alloc] init];

Enabling Debug Logs

You can enable debug logs while integrating the SDK with the enterprise app. Debug log lines provide additional information about the working of the SDK. While writing code that handles errors, you can use the debug log lines to get a better understanding of the context in which an error is returned.
Enabling debug logs is a one-time activity.
Enable the debug logs only for the SDK integration exercise. Disable the debug logs after the SDK-integrated app is ready to be rolled out.
Follow these steps:
  1. Add the following import statement in the first class that is loaded when the application is started. For example, in AppDelegate.m.
    #import "Logger.h"
  2. In the didFinishLaunchingWithOptions() method of AppDelegate.m, you can include the line to enable logging:
    [Logger setIsDebug:YES];
  3. At any point of time, if you want to disable debug logs, then set the value of
    setIsDebug
    to
    NO
    as follows:
[Logger setIsDebug:NO];

Disabling SSL for Testing Purpose

To disable SSL for testing purposes, you can edit the NSURLRequest+IgnoreSSL.h and NSURLRequest+IgnoreSSL.m files as shown in the following sample code:

NSURLRequest+IgnoreSSL.h File

#import <Foundation/Foundation.h> @interface NSURLRequest (IgnoreSSL) + (BOOL)allowsAnyHTTPSCertificateForHost:(NSString*)host; @end

NSURLRequest+IgnoreSSL.m File

#import "NSURLRequest+IgnoreSSL.h" @implementation NSURLRequest (IgnoreSSL) + (BOOL)allowsAnyHTTPSCertificateForHost:(NSString*)host { // ignore certificate errors only for this domain return YES; } @end