mDocs Verifier SDK

Overview

The mDocs verifier SDK is based on the ISO/IEC 18013-5 standard which establishes an interoperable digital representation for mobile based credentials such as mobile drivers licenses (mDL). However, this SDK is designed to work for more then just mDLs, but rather any conforming mobile document (mDoc) - a term defined in ISO/IEC 18013-5.

The general responsibilities of the SDK can be summarised as the following:

  • Manage a list of trusted issuer certificates which presented mDocs can be validated against.

  • Interface with a holder to request presentations of issued mDocs as per ISO/IEC 18013-5.

  • Manage a list of mDocs status lists which is used to check the revocation status.

In this SDK mDocs are referred to as Mobile Credentials.

Supported ISO/IEC 18013-5 Features

ISO/IEC 18013-5 as a standard contains many different features, some of which are not currently supported by this SDK. Below is a summary of supported features:

FeatureOptions SupportedDefault Option Selected
Device EngagementQR Code-basedQR Code-based
Device Retrieval Data TransportBLE-based with mDocPeripheralServer and mDocCentralClient modeBLE-based using mDocPeripheralServer
Ephemeral Session Key CurveNIST P-*-based keysP-256-based key using Secure Enclave
Device Authentication ModeBoth Digital Signature and ECDH-agreed MACDigital Signature, P-256-based key using Secure Enclave

System requirements

This SDK is developed in the Kotlin programming language and is meant for integration into Android applications. It currently supports Android 7 (API level 24) and above. The SDK is compiled using API level 35.

Gradle version used to build the project: 8.7 AGP version used to build the project: 8.6.1 JVM target version: 1.8

Library dependencies

A set of external libraries was used to build the SDK.

Standard libraries

  • androidx.core:core-ktx:1.13.1

  • androidx.appcompat:appcompat:1.7.0

  • androidx.activity:activity-ktx:1.9.0

  • androidx.fragment:fragment:1.5.4

  • androidx.annotation:annotation:1.8.0

  • androidx.biometric:biometric-ktx:1.2.0-alpha05

  • androidx.browser:browser:1.8.0

  • org.jetbrains.kotlin:kotlin-reflect:1.9.22

  • org.jetbrains.kotlinx:kotlinx-coroutines-core:1.7.3

  • org.jetbrains.kotlinx:kotlinx-datetime:0.4.0

  • org.jetbrains.kotlinx:kotlinx-serialization-json:1.6.3

Third-party libraries

  • com.upokecenter:cbor:4.2.0

  • com.jakewharton.timber:timber:5.0.1

SDK Change Log

2.0.0 (Public release)

Breaking changes

  • Removed statusInfo from MobileCredentialPresentation, MobileCredential and MobileCredentialMetadata.

  • Removed deviceKeyId from MobileCredential and MobileCredentialMetadata.

Features

  • The getTrustedIssuerCertificates function now computes the TrustedCertificate.verificationResult as well.

  • Improved performance of addTrustedIssuerCertificates when adding certificates with revocation lists.

Sample apps

  • The sample app now supports product flavours for different SDK types.

  • Fixed minor bugs.

1.1.0 (Public release)

This release compared to 1.0.1 includes:

Features

  • Feature to have two SDKs in one app.

Bug fixes

  • Fix Verifier SDK to populate verified status correctly.

  • Fix return values for updateTrustedIssuerStatusLists.

  • Fix logger configuration.

  • Improved cryptography for older devices.

  • Improved BLE hardware handling.

  • Improved read performance from local storage.

1.0.4 (Internal preview release)

Bug fixes

  • Fix Verifier SDK to populate verified status correctly.

1.0.3 (Internal preview release)

Features

  • Feature to have two SDKs in one app.

Bug fixes

  • Fix return values for updateTrustedIssuerStatusLists.

  • Fix logger configuration.

  • Improved cryptography for older devices.

  • Improved BLE hardware handling.

  • Improved read performance from local storage.

1.0.1 (Public release)

Breaking changes

  • All functions may now throw standard Errors that were previously masked.

  • All non-public methods and classes are now marked as internal or private.

  • The global.mattr.mobilecredentialverifier package was renamed to global.mattr.mobilecredential.verifier.

  • The DataTransportException exception was renamed to DataTransportDisconnectedException.

Features

  • The SDK now supports checking the revocation and suspension status of presented mDocs:

    • The requestMobileCredentials function now takes an skipStatusCheck boolean flag that will skip the status check when set to true. Defaults to false.

  • Operations now throw an UnsupportedCurveException exception when encountering an unsupported cryptographic curve.

  • Storage engine replacement, resulting in the removal the Realm dependency.

  • HTTP Client replacement to support Android 7, resulting in the removal of the OkHttp dependency.

  • Increased debug logging throughout SDK.

  • Updated all 3rd party libraries to recent versions.

Sample app

  • Continues to show credential after session has ended.

  • No longer ends session when receiving an invalid credential.

0.6.1 (Internal preview release)

Features

  • SDK Docs improvements.

0.6.0 (Internal preview release)

Features

  • SDK Docs improvements.

Licence & Compliance

  1. Request or download the MATTR Pi SDK Trial Licence Agreement and the MATTR Customer Agreement and review these terms carefully.

  2. Sign and return the MATTR SDK Trial Licence Agreement to us.

Packages

Link copied to clipboard
Link copied to clipboard