Check user presence when sharing a VC

[pmigueld]

Problem statement:

A resident should be able to use their phone and prove their presence using the mobile app (selfie-based auth)

Prerequisite:

• The resident should have a smartphone with secure hardware
• The resident installs and sets up the mobileID app on their smartphone

Proposed solution:

• The resident installs the mobile app on their smartphone and downloads credentials (VC)
• After initiating share by scanning the QR code on relying party’s phone and accepting the request to share, the resident chooses the 'Verify presence and share' option
• The app brings up the camera and captures the resident’s picture automatically and then initiates a match with the picture in the selected credential using the mock SDK
  • On a successful match, the app creates a verifiable presentation and also signs it.
  • A successful match and sharing initiated message also will be shown
  • A failed match will be conveyed by a corresponding message
  • The resident should be able to try again in case of a failed match
• This info should also be displayed in the history tab

Process flow:

Note:

For this story, we will use a mock SDK to do the match. The mock SDK should be able to simulate both successful and failure match scenarios so that the app behavior for both can be tested.

Real SDK integration will be done in the next phase of work as part of https://mosip.atlassian.net/browse/MOSIP-20613 - Request access

Open questions

• Where will the auth status be stored? In VC?
• How will additional metadata be stored and VC signed?

---

Reference: MOSIP-21453

[pmigueld]

@kneckinator I believe this should be part of milestone 0.4.0 as per the fourth deliverable:

• Face authentication against the credential from the user device
• User interface flow to perform the photo capture and validation
• Integrate with face-matching API

https://github.com/orgs/idpass/projects/3#card-78826929

[jannahadlaon]

Tested on:
QA4 - 0.4.0 (9.0) -iOS
QA4_io.mosip.residentapp-0.4.0-rc3-17-5f7c994-develop-temp-newlogic_20220930_1758

Resident app build version:
v0.4.0 (9.0) - iOS
v0.4.0 R3-17-5f7c994 (android)

MOSIP server: QA4

Devices:
Samsung Galaxy A23
Samsung Galaxy A20s
iPhone SE
iPhone 11

IMPORTANT NOTES:

• A new button has been added when sharing a VC which is the "Verify and Select VC". This would require the user to take a photo and check if it matches with the face in the VC that is being shared (otherwise they won't be able to share it).
• At the moment we are using the mock SDK and it will always pass after taking the photo.

@pmigueld @kyanthony

WORKS AS EXPECTED, CONSIDERING CURRENT LIMITATIONS DUE TO MOCK SDK