This document identifies the login and related features of PASSIKEY, and guides you through pre-development preparations.
PASSIKEY Login API is a service that enables other service applications (apps) to use PASSIKEY's user authentication function.
PASSIKEY issues user ID for each app and Super-passcode for users, thus helping users with PASSIKEY Login API to use service app authentication safely and conveniently.
A brief description of the process of logging in to the PASSIKEY is shown below.
The user clicks the Log In As PASSIKEY button in the service app (or web browser).
- Web browser: The QR screen provided by PASSIKEY appears and the user takes a QR with the PASSIKEY app.
- In App Browser: PASSIKEY app will be launched automatically.
- If the service is judged to be a service that is not connected to PASSIKEY Login when requesting a login, PASSIKEY Login will take priority.
- Obtain consent from the user to utilize user information and functionality through the PASSIKEY login connection consent screen.
Require user authentication if the user agrees to the required items.
- Enter 4-digits password
- Once the PASSIKEY login connection is completed, an authentication success token is issued to the service app, and the service server requests an access token and receives user information to complete the login processing.
After the user has completed the PASSIKEY login connection with the service, the user will be required to authenticate the login request when clicking the [PASSIKEY Login] button.After the user has completed the PASSIKEY login connection with the service, the user will be required to authenticate the login request when clicking the [PASSIKEY Login] button.
- Enter a 4-digit password or Biometric authentication
PASSIKEY Authentication Process
PASSIKEY Authentication System
The 4-digit password that users remember is altered into different and complex passwords for every different purposed through PASSIKEY algorithm.
By doing so, users and service apps will be provided with an online environment that is safe from various keyboard hacking, and from phishing and pharming.