Checking FIDO Compatibility
To use Cardinal Commerce FIDO, the user must meet two basic requirements:
The user's device must have a platform authenticator such as FaceID or TouchID. Current Cardinal FIDO solutions do not support roaming authenticators such as YubiKey.
The browser in use must be FIDO compatible. Browser compatibility has two parts:
It must be able to compile the FIDO SDK
It must support the necessary APIs for FIDO
Setup Function and Object
The `setup` function is a utility function used to begin a FIDO transaction. It should be the first thing run using the Cardinal FIDO SDK.
The `setup` function returns a Promise that is resolved on successful processing or rejected if an error occurs. When the Promise is resolved, a `setup` object is returned that indicates whether the browser supports FIDO capabilities. If it does, a payload field is provided to pass on to the next step of a FIDO transaction. When a device is detected as not FIDO enabled, no payload is provided.
Setup Function
The setup call takes a single argument, `CardType`.
Value | Type | Required | Description |
---|---|---|---|
CardType | String | Y | The card type of the account number that will be used during FIDO authentication. Possible values are the same as the `cmpi_lookup` CardType found below. Failure to include this field will result in all browsers being detected as incompatible. |
Setup Function Sample
Promise<Setup_Object> = CardinalFido.setup({ CardType: "" })
The values in `CardType` are taken from the same list as `CardType` in the `cmpi_lookup`:
VSA - Visa
MSC - Mastercard
AMX - American Express
DSC - Discover
JCB - JCB
CB - Cartes Bancaires
ELO - ELO
UPI - UnionPay International
ITMX - Interbank Transaction Management and Exchange
EFTPOS - eftpos Australia
Setup Object
A successfully resolved Setup object has two fields:
Key | Type | Required | Description |
---|---|---|---|
isDeviceCompatible | Boolean | Y | Indicates whether the browser supports FIDO features |
fidoSetupPayload | String | N | A Base64-encoded payload to pass on to the Data Exchange API that is required for a FIDO transaction. This field will only be passed back if the device is detected as FIDO compatible. |
Setup Object Sample
Success:
{
"isDeviceCompatible": true,
"fidoSetupPayload": "Setup_Payload_Here"
}
Failure:
{
"isDeviceCompatible": false
}
Browser Support
There are two primary types of browser support to consider when using FIDO:
Will the FIDO SDK compile on the browser?
Does the browser support the APIs necessary for FIDO?
Both of these conditions need to be met to use FIDO in a transaction. We’ll discuss each of these below in more detail.
SDK Compile Support
We build and test our SDK to work with a wide range of browsers. You can find the complete list of browsers in the `browserslist` section of the `package.json` file. Running the command `npx browserslist` will generate the list of browsers compatible with your version of the SDK.
FIDO API Support
The user’s browser will also need to be compatible with the FIDO API. The API has two core components explained in the table below:
API Name | Description | Browser Support Information |
---|---|---|
WebAuthN | This is the core API of FIDO. While the Cardinal FIDO SDK doesn’t use WebAuthN directly, it is used by our downstream providers. | External Link: CanIUse: WebAuthN |
isUserVerifyingPlatformAuthenticatorAvailable | This API is used directly by the Cardinal FIDO SDK and as such is a hard requirement for browser API support. | External Link: CanIUse: isUserVerifyingPlatformAuthenticatorAvailable |
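The following is an added example, not part of Cardinal's documentation or SDK. It combines the browser API check with the `setup` call and treats every failure path as "not compatible" so the caller can fall back to another authentication method. The names `checkFidoCompatibility` and `CARD_TYPES`, the `reason` strings, the injectable `env` parameter, and the acceptance of both standard and URL-safe Base64 alphabets are assumptions made for illustration.

```javascript
// Added example: defensive wrapper around CardinalFido.setup().
// Helper names and the result shape are hypothetical, not Cardinal's API.
const CARD_TYPES = new Set([
  "VSA", "MSC", "AMX", "DSC", "JCB", "CB", "ELO", "UPI", "ITMX", "EFTPOS",
]);

async function checkFidoCompatibility(cardType, env = globalThis) {
  // A missing or unknown CardType makes every browser look incompatible,
  // so reject it up front instead of silently disabling FIDO.
  if (!CARD_TYPES.has(cardType)) {
    throw new TypeError(`Unknown CardType: ${String(cardType)}`);
  }
  // Hard requirement from the API table: the browser must expose
  // PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable().
  const pkc = env.PublicKeyCredential;
  if (!pkc || typeof pkc.isUserVerifyingPlatformAuthenticatorAvailable !== "function") {
    return { compatible: false, reason: "no-webauthn-api" };
  }
  if (!(await pkc.isUserVerifyingPlatformAuthenticatorAvailable())) {
    return { compatible: false, reason: "no-platform-authenticator" };
  }
  // The SDK script may not have loaded or compiled on this browser.
  if (!env.CardinalFido || typeof env.CardinalFido.setup !== "function") {
    return { compatible: false, reason: "sdk-not-loaded" };
  }
  let setup;
  try {
    setup = await env.CardinalFido.setup({ CardType: cardType });
  } catch (error) {
    return { compatible: false, reason: "setup-rejected", error };
  }
  // Require a strict boolean true; a truthy string is not accepted.
  if (setup?.isDeviceCompatible !== true) {
    return { compatible: false, reason: "sdk-reports-incompatible" };
  }
  // The payload is documented as Base64; refuse to forward anything else.
  const payload = setup.fidoSetupPayload;
  if (typeof payload !== "string" || !/^[A-Za-z0-9+\/_-]+={0,2}$/.test(payload)) {
    return { compatible: false, reason: "malformed-payload" };
  }
  return { compatible: true, payload };
}
```

Only the `payload` of a `compatible: true` result should be forwarded to the Data Exchange API; the `reason` values are useful for client-side telemetry on why FIDO was skipped.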