Summary
TypingDNA Verify 2FA is designed to reduce the number of SMS/email 2FA codes required to be sent to your users, replacing them with in-browser, secure typing biometric verification when possible.
Users launch the secure Verify 2FA window from within a client application. The integration consists of a TypingDNA backend client, frontend JavaScript and an HTML snippet that renders a button to launch the service. The backend client passes the required data attributes to the frontend, linking them to the button via HTML attributes on the button element. When an end-user clicks the button, these values are passed to the Verify 2FA window to identify the end-user, determine if they are existing users or not, and handle verification according to the settings/preferences passed.
There are three scenarios in which typing biometrics verification is not possible, and traditional SMS/email verification codes are sent.
First, when a user initially registers their typing behavior with TypingDNA through the Verify 2FA window, a verification code is sent to the registered channel (SMS or email) to establish a Root of Trust (RoT).
Second, when a user fails typing verification, the service will defer to the RoT registered during enrollment to confirm their identity.
Finally, when an end-user’s device is determined to be mobile, a code is automatically sent, as typing verification is currently not supported on mobile.
How encrypted end-user data and verification results flow between your backend, frontend and the Verify 2FA window depends on the mode you have chosen when initializing the TypingDNAVerifyClient object in the backend. There are two available modes; which one to choose depends on UX preference:
Standard mode
To implement Standard mode, a callback function has to be included in the data attributes of the HTML button through which the TypingDNA Verify 2FA popup is opened (see Integrate Backend). After the user has attempted typing verification in the Verify 2FA window, if the user’s pattern is verified successfully, a verification code is returned as a parameter to the callback function. If the user fails verification, the error message is passed in the same parameter.
Show OTP mode
After the verification process has finished and the user has inserted the code into the input field on your frontend, a request to your backend is made with the code. The typingDNAVerifyClient.validateOTP() method is then called to confirm the authenticity of the verification code using TypingDNA’s validation service. This method requires both the user identifier and code as parameters (see Reference section for details).
If the code is valid, a success message will be returned. Otherwise, the code validation service will return a failure-to-validate message.
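One way the backend step described above could be handled, as an added example that is not TypingDNA's code: the user identifier is taken from server-side session state rather than from the request, failed attempts are capped, and a validation error is treated as a failure. The helper names, the session fields, the stub client and the { success: boolean } result shape are assumptions; see the Reference section for the real validateOTP() signature and response.

```javascript
// Constructed stand-in for the backend client so the example runs offline.
// Assumption: validateOTP(userIdentifier, code) resolves to { success: boolean }.
function makeStubClient(validCodes) {
  return {
    async validateOTP(userIdentifier, code) {
      if (validCodes === null) throw new Error('validation service unreachable');
      return { success: validCodes[userIdentifier] === code };
    },
  };
}

// Hypothetical helper: builds the handler your backend calls when the frontend
// posts the code the user typed into the input field.
function makeOtpVerifier(client, maxAttempts = 5) {
  const failures = new Map(); // userIdentifier -> failed attempts so far

  return async function verifyOtp(session, submittedCode) {
    // Take the identifier from server-side session state set when the data
    // attributes were generated, never from the request body.
    const userIdentifier = session && session.pendingUser;
    if (!userIdentifier) return { ok: false, reason: 'no_pending_login' };

    const failed = failures.get(userIdentifier) || 0;
    if (failed >= maxAttempts) return { ok: false, reason: 'locked' };

    let result = null;
    if (typeof submittedCode === 'string' && submittedCode.length > 0 &&
        submittedCode.length <= 64) {
      try {
        result = await client.validateOTP(userIdentifier, submittedCode);
      } catch (err) {
        // Fail closed: an unreachable validation service is not a success.
        return { ok: false, reason: 'validation_unavailable' };
      }
    }
    if (result && result.success === true) {
      failures.delete(userIdentifier);
      session.authenticated = true;
      delete session.pendingUser;
      return { ok: true, reason: 'verified' };
    }
    failures.set(userIdentifier, failed + 1);
    return { ok: false, reason: 'invalid_code' };
  };
}
```

In production the failure counter would live in shared storage rather than process memory, so the cap holds across backend instances.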