Bank of DigitalPersona for DigitalPersona Access Management API

Overview

As a part of DPAM, the Bank of DigitalPersona sample application shows typical usage scenarios of the DigitalPersona Access Management API, such as:

• Creating and deleting user accounts.
• Enrolling and modifying user credentials, such as passwords, fingerprints, cards, facial, FIDO (U2F) tokens, One-Time Passwords and PINs.
• Multi-factor authentication (MFA) with enrolled credentials, driven by logon policies configured on the server.

This sample application uses a NodeJS backend and and AngularJS frontend, but DPAM APIs are vanilla Typescript/Javascript libraries and will work with any JS framework.

Instructions

• Prerequisites
• Build the server
• Configure the server
• Run the server

License

The “Bank of DigitalPersona” sample application is licensed under the MIT license.

Copyright (c) 2019 HID Global, Inc.

Known issues and limitations

• The sample does not auto-refresh an authenticated user’s token. Some operations require a fresh token, and they will start returning “Token possibly expired” error about 10 minutes after sign in. Users must refresh their tokens by signing out and then signign back in.

• Microsoft Edge 40 (EdgeHTML 15.15063) has an issue with CORS (Cross-Origin Request Security) in XHR/Fetch requests, causing a “Fetch failed” or “Network request failed” error. See more details here.

• IE11 requires following polyfills:

  • fetch
  • Object.assign
  • String.prototype.endsWith
  • Array.prototype.findIndex
  • Array.prototype.includes
  • Symbol
  • TextEncoder/TextDecoder

One of possible methods is to add a following script to your page:

<script src="https://polyfill.io/v3/polyfill.min.js?features=Symbol%2Cfetch%2CString.prototype.endsWith%2CObject.assign%2CArray.prototype.findIndex%2CArray.prototype.includes"></script>

Also see index.html for the TextEncoder polyfill.

• IE11 does not support WebRTC, so face recogintion in IE11 requires a polyfill for the getUserMedia API which uses Adobe Flash as a fallback.

• IE11 does not support U2F.

Acknowledgements

The Bank of DigitalPersona sample application uses the following third-party libraries:

Business logic:

• Client-side facial recognition: face-api.js by Vincent Mühler
• QR Code generator for OTP: qrcode-generator by Kazuhiko Arase

Server infrastructure:

• Web server: NodeJS by Joyent
• A fetch shim for NodeJS: node-fetch by David Frank
• A base64 encoding for NodeJS: base-64 by Mathias Bynens
• Windows Certificate Store access for NodeJS: win-ca by Stas Ukolov

Frontend infrastructure:

• Web UI framework: AngularJS 1.7 by Google
• Localization framework: angular-translate by Pascal Precht
• Styles: Bootstrap 3.3 by Twitter
• UI Components: angular-ui-bootstrap by AngularUI Team

Development tools

• Main language: Typescript by Microsoft
• Javascript bundling: Webpack by Tobias Koppers, JS Foundation and other contributors