Skip to main content

Architecture

This section provides a brief overview of Unum ID's architecture and how the various components are used.

Components#

We provide several lightweight SDKs that you use to interact with our Identity Engine cloud.

Architecture: You use SDKs to interact with our Identity Engine cloud.

For more information on the Encrypted Domain shown in this diagram, see the Security section.

Mobile SDK#

The Mobile SDK works behind the scenes in your company's mobile app to securely store a user’s

A credential is a collection of data about a person. It's issued by a company (i.e. created and sent to a user) and stored in the company's app, on that user's device.
+ More...
Example: ACME Bank issues a KYC verification credential to Richard (an ACME user). This includes Richard's contact information and account numbers, as well as a level of confidence in the accuracy of the data.
Components: A company issues credentials using the Server SDK, and an app stores credentials using the Mobile SDK.
credentials. It also lets a user respond to
A request (or presentation request) is a request for a presentation. It's sent by a company to a user, who chooses whether to share a presentation in response.
+ More...
Example: Hooli FinTech sends Richard a request for (a presentation of) a KYC verification credential from ACME Bank.
Components: A company creates requests using the Server SDK and routes them to users using the Web SDK. A user's app responds to requests using the Mobile SDK.
requests and share
A presentation is a set of one or more credentials. It's shared with (or presented to) a company by a user.
+ More...
Example: Richard shares a presentation of a KYC verification credential (which ACME Bank issued to him) with Hooli FinTech.
Components: A user's app shares (or presents) presentations using the Mobile SDK, and a company verifies presentations using the Server SDK.
presentations.

  • ~480 KB (unminified)
  • iOS: written in Swift, supports Swift and Objective-C apps, iOS 11.1+, iPhone 6+
  • Android: supports Kotlin and Java apps, API Level 23+ (Android 6.0+)

Server SDK#

The Server SDK lets you issue

A credential is a collection of data about a person. It's issued by a company (i.e. created and sent to a user) and stored in the company's app, on that user's device.
+ More...
Example: ACME Bank issues a KYC verification credential to Richard (an ACME user). This includes Richard's contact information and account numbers, as well as a level of confidence in the accuracy of the data.
Components: A company issues credentials using the Server SDK, and an app stores credentials using the Mobile SDK.
credentials to users and verify
A presentation is a set of one or more credentials. It's shared with (or presented to) a company by a user.
+ More...
Example: Richard shares a presentation of a KYC verification credential (which ACME Bank issued to him) with Hooli FinTech.
Components: A user's app shares (or presents) presentations using the Mobile SDK, and a company verifies presentations using the Server SDK.
presentations they share with you.

  • Option 1​: Node.js SDK (contact us for other languages)
  • Option 2​: containerized app with exposed API

Web SDK#

The Web SDK lets you display

A request (or presentation request) is a request for a presentation. It's sent by a company to a user, who chooses whether to share a presentation in response.
+ More...
Example: Hooli FinTech sends Richard a request for (a presentation of) a KYC verification credential from ACME Bank.
Components: A company creates requests using the Server SDK and routes them to users using the Web SDK. A user's app responds to requests using the Mobile SDK.
requests to users and show the results of verifying
A presentation is a set of one or more credentials. It's shared with (or presented to) a company by a user.
+ More...
Example: Richard shares a presentation of a KYC verification credential (which ACME Bank issued to him) with Hooli FinTech.
Components: A user's app shares (or presents) presentations using the Mobile SDK, and a company verifies presentations using the Server SDK.
presentations they share with you.

Example Usage#

Passwordless Auth#

In this example, ACME Bank uses Unum ID for passwordless authentication. Richard is an ACME user.

note

This is our Beyond Passwordless™ product in action. Contact sales to learn more.

  1. ACME's server uses the Server SDK to issue an authentication
    A credential is a collection of data about a person. It's issued by a company (i.e. created and sent to a user) and stored in the company's app, on that user's device.
    + More...
    Example: ACME Bank issues a KYC verification credential to Richard (an ACME user). This includes Richard's contact information and account numbers, as well as a level of confidence in the accuracy of the data.
    Components: A company issues credentials using the Server SDK, and an app stores credentials using the Mobile SDK.
    credential to Richard.
  2. Richard's ACME app uses the Mobile SDK to store the credentiaal.
  3. ACME's server uses the Server SDK create a
    A request (or presentation request) is a request for a presentation. It's sent by a company to a user, who chooses whether to share a presentation in response.
    + More...
    Example: Hooli FinTech sends Richard a request for (a presentation of) a KYC verification credential from ACME Bank.
    Components: A company creates requests using the Server SDK and routes them to users using the Web SDK. A user's app responds to requests using the Mobile SDK.
    request for a
    A presentation is a set of one or more credentials. It's shared with (or presented to) a company by a user.
    + More...
    Example: Richard shares a presentation of a KYC verification credential (which ACME Bank issued to him) with Hooli FinTech.
    Components: A user's app shares (or presents) presentations using the Mobile SDK, and a company verifies presentations using the Server SDK.
    presentation (of the credential).
  4. ACME's website uses the Web SDK to display or send the request to Richard.
  5. Richard's ACME app uses the Mobile SDK to prompt Richard to respond to the request.
  6. Richard agrees to authenticate, and his ACME app uses the Mobile SDK to send a presentation (of the credential) to ACME's server.
  7. ACME's server uses the Server SDK to verify the presentation.
  8. ACME's website uses the Web SDK to get the result of the verification and log Richard in.

Instant Onboarding#

In this example, Hooli FinTech uses Unum ID for instant onboarding. It uses Richard's ACME information (which he chooses to share) to create a pre-approved Hooli account for him.

note

This is our Verify with X™ product in action. Contact sales to learn more.

  1. Hooli's server uses the Server SDK create a
    A request (or presentation request) is a request for a presentation. It's sent by a company to a user, who chooses whether to share a presentation in response.
    + More...
    Example: Hooli FinTech sends Richard a request for (a presentation of) a KYC verification credential from ACME Bank.
    Components: A company creates requests using the Server SDK and routes them to users using the Web SDK. A user's app responds to requests using the Mobile SDK.
    request for a
    A presentation is a set of one or more credentials. It's shared with (or presented to) a company by a user.
    + More...
    Example: Richard shares a presentation of a KYC verification credential (which ACME Bank issued to him) with Hooli FinTech.
    Components: A user's app shares (or presents) presentations using the Mobile SDK, and a company verifies presentations using the Server SDK.
    presentation (of the ACME KYC verification
    A credential is a collection of data about a person. It's issued by a company (i.e. created and sent to a user) and stored in the company's app, on that user's device.
    + More...
    Example: ACME Bank issues a KYC verification credential to Richard (an ACME user). This includes Richard's contact information and account numbers, as well as a level of confidence in the accuracy of the data.
    Components: A company issues credentials using the Server SDK, and an app stores credentials using the Mobile SDK.
    credential).
  2. Hooli's website uses the Web SDK to display or send the request to Richard.
  3. Richard's ACME app uses the Mobile SDK to prompt Richard to respond to the request.
  4. Richard agrees to share his information, and his ACME app uses the Mobile SDK to send a presentation (of the ACME KYC verification credential) to Hooli's server.
  5. Hooli's server uses the Server SDK to verify the presentation.
  6. Hooli's website uses the Web SDK to get the result of the verification and create an account for Richard with the ACME information he shared.