The AuthenticAction Data

In order to support authenticity verification of actions performed by a user, AuthenticAction SDK collects data on the client and makes it available for the AuthenticAction service for later verification. AuthenticAction service implements sophisticated proprietary algorithm to perform AuthenticAction validation with the help of the collected data. This section describes what data is being collected, how it's processed and stored.

Data Collection

The SDK collects the data throughout the session following session initialization, unless specified otherwise. Below is the specification of the data being collected.

Input Form fields

Register on HTML input element to be collected automatically. Alternatively specify the ids of input fields to be collected, for easier correlation of fields during validation.

Keystrokes Events

Describe a user interaction with the keyboard, each event describes a single interaction between the user and a key (or combination of a key with modifier keys) on the keyboard.

Screen capture

Screen captures are collected periodically throughout the session and can be used later for OCR and forensic evidence. A challenge QR-Code is embedded into the screen captures to protect their authenticity.

Camera

Camera stream is being captured and processed during the biometric session to validate authenticity of the person performing the action. AuthenticAction uses biometric face detection to verify matching to the template collected during the enrollment phase as well as performs liveness validation to prevent spoofing.

In order to collect biometric data, a biometric session need to be started by the client. Refer to the relevant client SDK section to learn how it can be done. The frequency of the biometric capture is adjustable with help of IronVest implementation support team. The frequency can be customized for specific actions (short actions may require higher capture frequency to ensure sufficient number of biometric frames). In order to achieve that use designated actionID parameter to distinguish between different user activities.

HTTP Request

Coming soon

Data Masking

AuthenticAction service can be used in many different use cases. In order to protect the privacy of our customers and avoid sharing of sensitive information of our clients with our service, we developed sophisticated mechanisms for data handling and processing. These mechanisms allow us to perform data validation without having access to the original data. The way the data is processed and stored on our servers does not allow recreating the original values under any circumstances. The technics being used are also resilient to value guessing or brute-force cracking. Multiple forms of hashing and mapping can be used with a single input in order to assure accurate data validation. Here are a few examples:

Data Hashing

Used for numeric inputs. The hash is calculated as a remainder left after division by a arbitrary number.

Data Masking

Used for alphanumeric inputs. The mask is a result of mapping groups of different characters into designated target characters, so the result preserves the length and type of the original characters, but not the original value.