Mastercard ID Verification Reference Implementation

Table of Contents

• Overview
• API Reference
• Usage
  • Prerequisites
  • Configuration
  • Compiling and Running
• Use Cases
• Support

Overview

This is a reference application to demonstrate how ID Verification API can be used.

This reference app consist of the ID Verification solution.

API Reference

• The OpenAPI specification for idverify endpoints can be found here.

Usage

Prerequisites

• Mastercard Developers Account with access to ID Verification API.
• A text editor or any other IDE of your choice.
• Java 8.
• Apache Maven 3.3+.
• Set up the JAVA_HOME environment variable to match the location of your Java installation.
• Set up the MAVEN_HOME environment variable to match the location of your maven installation (necessary when running from terminal / command line).
• A valid phone number that can retrieve the OTP code is required for the menu item [4 - SMS OTP].

This README.md is inside the project, if necessary download and unzip the project Mastercard ID Verification Reference through this link Reference Application.

Configuration

1. Create an account or log in at Mastercard Developers.

2. Create a new project and add ID Verification API to your project.

3. Configure the project and download all the keys. It will download multiple files (in case of zip files extract all).

4. Download .pem file from the Client Encryption Keys section, open the actions combobox and click download encryption.

5. Select all .p12 files, .pem file and copy it to src/main/resources in the project folder.

6. Open ${project.basedir}/src/main/resources/application.properties and configure below parameters.

   Connection

   mastercard.api.idVerify.key.file=classpath:<your value>, this refers to .p12 file found in the signing key. For example Mastercard_ID_Assist_Develop-sandbox.p12.

   Authentication

   mastercard.api.idVerify.consumer.key=, this refers to your consumer key. Copy it from the "Keys" section on your project page.

   mastercard.api.idVerify.keystore.alias=keyalias, this is the default value of key alias. If it is modified, use the updated one from the keys section on your project page.

   mastercard.api.keystore.password=keystorepassword, this is the default value of the keystore password.

   Encryption

   mastercard.api.idVerify.encryption.certificateFile=classpath:<your value>, this is the path to certificate (.pem) file. For example mastercard-id-assistClientEnc1593629971.pem

   mastercard.api.idVerify.encryption.fingerPrint=, this is fingerprint of encryption key, it is required to encrypt a request. For example 350f0b0268db2ab5b9c105aae77748d99850b773195f378527500c6269a59112.

   Decryption

   mastercard.api.idVerify.decryption.keystore=classpath:<your value>, this refers to .p12 file in Mastercard Encryption Keys. For example classpath:alias-encryption-mc.p12

   mastercard.api.idVerify.decryption.alias=, this is the user provided keyalias that is used while creating the API project.

   mastercard.api.idVerify.decryption.keystore.password=, this is the password provided while creating the API project.

Compiling and Running

Use one of the following two methods:

Using IDE

In the same menu, navigate to the commands ({Project name} > Lifecycle), select clean and compile then click the icon Run Maven Build.

Using Terminal

• Navigate to the root directory of the project within a terminal command line window and execute mvn clean compile install -DskipTests=true command.

Running the Project

Using IDE

• Navigate to the com.mastercard.developer package, open Application.java and right-click to run.

Using Terminal

• Navigate to the root directory of the project within a terminal command line window and execute mvn spring-boot:run.

After that you can see all the menu options, such as:

0. Exit
1. Document Data Extraction
2. Medicare Card Verification
3. Passport Verification
4. Driving License Verification
5. Document Data Extraction For Web
6. User Identity Retrieval
7. User Identity Verification
8. Trust Score
9. Device Authentication
10. Device Authentication Verification
11. Visa Verification
12. SMS OTP

Use cases based in the above menu

1. Document Data Extraction

Return a provider token to be passed to the MIDS Liveness SDK module.

• Details of implementation in class DataExtractionOption

• First endpoint ../idverify/data-extractions/access-tokens in API Reference, and request data in method getAccessTokenExample in DataExtractionsServiceExample.java.

• Second endpoint ../idverify/data-extractions/scans/{scan_id} in API Reference, and request data constants are SCAN_ID, USER_CONSENT, RETRIEVE_SELFIE, RETRIEVE_DOCUMENT_IMAGES, RETRIEVE_FACEMAP, DOCUMENT_TYPE_DRIVING_LICENSE, USER_SELECTED_COUNTRY
  in DataExtractionsServiceExample.java.

2. Medicare Card Verification

Medicare cards API used to verify the identification data associated with a user’s Medicare Card with the Identity Verification Provider.

• Endpoint ../idverify/source-verifications/{issuing_country}/medicare-cards in API Reference
• See details of implementation in class MedicalCareOption
• Request data in method createSourceVerificationMedicareCardRequestAttributes in SourceVerificationMedicareExample.java.

3. Passport Verification

Verifies the details of a passport document with an identity verification provider.

• Endpoint ../idverify/source-verifications/{issuing_country}/passports in API Reference
• See details of implementation in class PassportSourceVerificationOption
• Request data in method createSourceVerificationPassportRequestAttributes in SourceVerificationExample.java.

4. Driving License Verification

Verifies the details of a driving license document with an identity verification provider.

• Endpoint ../idverify/source-verifications/{issuing_country}/driving-licenses in API Reference
• See details of implementation in class DrivingLicenseSourceVerificationOption
• Request data in method createSourceVerificationDrivingLicenseRequestAttributes in SourceVerificationExample.java.

5. Document Data Extraction For Web

The provider token is retrieved by country code and SDK version.

• Endpoint ../idverify/data-extractions/access-tokens in API Reference
• See details of implementation in class DataExtractionForWebOption
• Request data in method getAccessTokenExampleForWeb in DataExtractionsServiceExample.java.

6. User Identity Retrieval

• Endpoint ../idverify/user-identities in API Reference
• See details of implementation in class UserIdentityRetrievalOption
• Request data in method getIdentity in UserExample.java.

7. User Identity Verification

• Endpoint ../idverify/user-verifications in API Reference
• See details of implementation in class UserIdentityVerificationOption
• Request data in method getIdentityVerificationUserInfo in UserExample.java.

8. Trust Score

• Endpoint ../idverify/trust-scores in API Reference
• See details of implementation in class TrustScoreOption
• Request data in method getTrustScoreUserInfo in TrustScoreExample.java.

9. Device Authentication

• Endpoint ../idverify/device-authentications in API Reference
• See details of implementation in class DeviceAuthenticationOption
• Request data in method getDeviceIpAddress in DeviceAuthenticationExample.java.

10. Device Authentication Verification

• Endpoint ../idverify/device-authentication-verifications in API Reference
• See details of implementation in class DeviceVerificationOption
• Request data in method getDeviceVerificationFingerprint in DeviceAuthenticationExample.java.

11. Visa Verification

• Endpoint ../idverify/source-verifications/{issuing_country}/passports in API Reference
• See details of implementation in class VisaVerificationOption
• Request data in method createSourceVerificationPassportRequestAttributes in SourceVerificationExample.java.

12. SMS OTP

• ../idverify/sms-otps in API Reference
• See details of implementation in class SmsOptFlowOption
• Request data in method getSmsOtp in SmsOtpExample.java.
• This option also execute /sms-otp-verifications endpoint to verify the result from previous request.

13. E-mail OTP

• ../idverify/email-otps in API Reference
• See details of implementation in class EmailOptFlowOption
• Request data in method getEmailOtp in EmailOtpExample.java.
• This option also execute /email-otp-verifications endpoint to verify the result from previous request.

Support

If you would like further information, please send an e-mail to MC_ID@mastercard.com

• For information regarding licensing, refer to the License file.
• For copyright information, refer to the COPYRIGHT.md.
• For instructions on how to contribute to this project, refer to the Contributing file.
• For changelog information, refer to the CHANGELOG.md.