The client is a pioneer in the Multi-Factor Authentication (MFA) and fraud prevention technology landscape. Their product line helps identify security challenges and deduce system vulnerabilities.
Although the entire set of solutions integrates seamlessly, forging a powerful and unified dialogue, the different parts have the ability to function independently. The client’s solutions are equally as powerful in their modular form as they are as an integrated software set.
Customers register for an account to request approval for API access. This approval is granted within a 24 hour period, along with a set of instructions on how to implement the MFA platform within a preexisting architecture.
When we connected with the client, they were looking for a development partner that could spearhead further development on their preexisting application and provide continuous, ongoing support for projects in the future.
The multi-factor authentication platform was fairly rudimentary when we took over the project. We needed to set up the application on our own development environment and digest the native architecture and application flow.
We coordinated our workflow with the previous development team who initiated the project, assimilating to code that was already finished. This allowed up to create a more holistic, unified application with all the functional requirements and modifications the client requested.
As a starting point, the Chetu team worked to set up a development environment of all the distributed applications to make them work in a synchronized way in sandbox mode. After all the applications were working cohesively, our team started working to integrate the modification requirements.
During the development process we leveraged the following technologies:
The whole application is distributed in four sub-applications to work in a synchronized way: Admin, API, Auth (Keylemon-Oasis), Auth, OAuth.
This is the administrator panel of the application for registered companies, as well as site administrators. Here, super-admin can view and manage all the registered companies, all the applications created, all available users, etc.
Also, all the login sessions, user details, and logs/ reports can be accessed and exported. It also consists of reference documentation for all the API end-points with request parameter guidelines and request/response formats.
This is the core of the application, collecting all the API services used throughout the process.
The customer’s website uses the API to initiate processes for any data retrieval, contacting the API within a certain time interval recursively to check for the authentication success and its location details to process/start the user login session.
The access to API end-point needs to have access-token generated with OAuth.
Auth (Keylemon - Oasis)
Auth application is the server that enables face authentication. The application uses Keylemon-Oasis for face authentication.
Its services are being used by the Android/IOS App to process authentication by user’s face. It has a MySQL database, Keylemon server in PHP, and an Oasis server that is compiled and based in C/C++.
OAuth application is the authentication layer requirement of the whole application architecture.
A request for basic authentication is made to OAuth server to generate the access token for further access to other application parts like all the APIs on the API server, which is open for public access to block spam requests.
The finished 4-layer application uses facial recognition technology to secure the exchange of information. By incorporating this element, our client’s customers evolve their fraud prevention in a way that effectively confronts the challenges of the digital age. With greater accessibility comes greater vulnerability, and by using a login feature as unique and personalized as facial features, we increase cyber security considerably.
All four layers of the MFA platform work together to form a more secure, more robust fraud prevention system for the client’s consumer base.
We will continue to work alongside the client, providing support for upcoming projects and implementing the technologies necessary to further the client’s vision.
Chetu Limited is a company registered in England and Wales with company number 11882245
Copyright © 2000- Chetu Inc. All Rights Reserved.