Message-based transaction data signing via virtual signature

Message-based transaction data signing - overview

Sequence of a message-based transaction data signing operation via virtual signature

1. The user initiates the operation from their browser. They enter their credentials which triggers the client application to initiate the signature generation request to the OneSpan Trusted Identity platform API with a call to the POST /users/{userID@domain}/generate-virtual-signature endpoint.
2. The Authentication component verifies the user credentials.
3. The Authentication component generates the signature and contacts the Message Delivery component.
4. The Message Delivery component forwards the message, which consists of an OTP and signature data fields, via the specified delivery method (SMS/ email/ voice call) to the mobile device of the user.
5. The user verifies the signature data fields and enters the one-time password (OTP) into their client application.
6. The client application sends the transaction validation request to the OneSpan Trusted Identity platform API with a call to the POST /users​/{userID@domain}​/transactions​/validate endpoint. The request contains the OTP and the signature data fields.
7. The Authentication component validates the signature and confirms the transaction.

To integrate message-based transaction data signing via virtual signature

1. Issue a generate virtual signature request with a call to the POST /users/{userID@domain}/generate-virtual-signature endpoint and provide the following information:

   • Payload:
     • dataFields
     • credentials
     • deliveryMethod

2. Issue a transaction validation request with a call to the POST /users​/{userID@domain}​/transactions​/validate endpoint and provide the following information:

   • Payload:
     • objectType: “TransactionValidationInput”
     • data.standard
       • dataFields
       • signature