More information about AppGallery Connect, you can visit HUAWEI Developer Forum.
How to build a secure and reliable user authentication system rapidly? How will HUAWEI AppGallery Connect Auth Service help you with that? This article will introduce how AppGallery Connect can build a cost-effective and highly secure authentication solution that requires little O&M and supports multiple authentication modes with a real case to help you better implement your services using Auth Service. We also provide benefits for developers at the end of this article.
What Is AppGallery Connect Auth Service?
You must be seeking for a solution to provide more secure and convenient sign-in experience for your users.
That’s when HUAWEI AppGallery Connect Auth Service comes into the picture. It provides both cloud services and a client SDK for you to enable user authentication functions without the need to build a user authentication system by yourself. Using Auth Service, you do not need to purchase or set up servers. Instead, by simply calling APIs provided by Auth Service, you can implement functions including user registration and sign-in for your app at ease. This makes building a reliable and secure user authentication system a breeze.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
What Benefits Does Auth Service Provide?
1. Multiple authentication modes: A user can always find a desired way to sign in to your app integrating Auth Service, including mobile number, email address, mainstream third-party authentication modes across the globe, and anonymous account.
2. Rapid, secure, and reliable: Auth Service provides user authentication functions as capabilities, which can be encapsulated simply to set up your own user authentication system. In addition, Auth Service can be closely integrated with other serverless features for you to define simple rules to protect user data security.
3. Cost-effective and O&M-free: You do not need to invest manpower in setting up your own user authentication system or purchase additional servers. This greatly reduces your building and O&M costs.
4. Support for cross-platform apps: Auth Service provides both Java and Objective-C SDKs to enable users to have the same sign-in experience on all devices to both your Android and iOS apps.
Auth Service provides a secure, Cost-effective and O&M-free authentication solution for multiple authentication modes.
Wuweido Integrated Auth Service with 80% Less Workload
Developers from Mozongsoft Co. Ltd shared their story with Auth Service when developing their app called Wuweido, which is a professional 3D modeling CAD mobile app. Their story shows how manpower-saving it could be to integrate Auth Service. They did not choose Auth Service arbitrarily but after careful comparison with other similar services. With the help of Huawei technical support, they successfully implemented multiple authentication modes, including mobile number, email address, and mainstream third-party ones encompassing Facebook account and Twitter account by merely calling APIs. The use of Auth Service helped them reduce 80% workload compared with that required for building an authentication system by themselves.
Benefits for Developers Who Ingrate Auth Service: 30,000 Free SMS Verification Messages Every Month
AppGallery Connect is dedicated to helping more developers comprehensively reduce costs and solving key problems developers are concerned about. Auth Service now offers 30,000 free SMS verification messages for each developer to send verification codes to mobile numbers used for sign-in. If you integrate the service now, we will provide dedicated technical support during service integration.
For details about the free quota of Auth Service, please visit:
https://developer.huawei.com/consumer/en/doc/development/AppGallery-connect-Guides/agc-service-billing
How can I apply for technical support?
Send an email in the format [Company name + App ID] to [email protected].
To learn more about Auth Service, please visit:
https://developer.huawei.com/consumer/en/doc/development/AppGallery-connect-Guides/agc-auth-service-introduction
Related
This article is from HUAWEI Developer Forum which you can obtain latest news about Huawei products
Forum link: https://forums.developer.huawei.com/forumPortal/en/home
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
AppGallery Connect is a one-stop open service platform for the entire app lifecycle, designed to facilitate enhanced, and accelerated app building and running, giving you a leg up on the competition. AppGallery Connect 10.5, the platform's latest version, provides for a wholly optimized user experience, including a home page with futuristic visual effects, cross-platform app management capabilities, and access to a broad array of services, such as App Messaging, Cloud Storage, and Auth Service. These updates give you the tools to better build and operate your apps.
Brand-new home page
The home page has assumed a fresh new, user-friendly layout. The My projects entry enables you to manage apps of different platforms; Hot services provides a glimpse at trending services, and More services displays a brief overview of all available services. Service cards also provide direct access to corresponding services, sparing you the hassle of having to search for a desired service, and find it from a lengthy list.
Visit https://developer.huawei.com/consumer/cn/service/josp/agc/index.html to try out the new version now. You'll notice that AppGallery Connect has designed a unique icon for each service, making it easier than ever to identity them.
App Messaging
This service provides invaluable assistance for refined operations, by sending contextual messages to active users when specific events are triggered, boosting user engagement and stickiness. In-app messages can work in tandem with your app's activities. For instance, if you have a shopping app, it can display a message instructing the user to claim coupons upon repeated taps on an item by a user when authorized or after message subscription by the user. Or if you have a reading app, the app can automatically display messages to intensive users who have read for more than half an hour in a single session, offering a 20% discount off of subscriptions. These types of messages can successfully boost your app's conversion rate.
You have the option of using a pre-set style, or customizing the display of your in-app messages. Image messages are recommended if the content in the message is relatively simple.
Banner messages contain a thumbnail, with the message title and body, and are displayed at the top of the screen. Users only need to tap on the banner message to be directed to the corresponding page.
Pop-up messages are recommended for richer, and more complex content, as they consist of an image, title, and body, as well as up to two buttons. Examples of each message type are shown below:
Cloud Storage
Cloud Storage incorporates a treasure trove of premium storage, upload, and download functions for a wide range of different objects, including images, videos, and audio files. The Cloud Storage capability is bolstered by the following attributes:
1. Airtight protections, enabled by declarative security and automatic encryption mechanisms;
2. High degree of stability, thanks to the implementation of resumable transfer and intelligent network acceleration;
3. Autoscaling, to provide for automatic resource scheduling and enterprise-level storage.
These characteristics allow for you to focus single-mindedly on improving the quality and user experience within your app – reserving all of the hassles associated with developing, deploying, maintaining, and expanding capacity for storage servers, or monitoring server indicators to ensure availability, reliability, and durability – for AppGallery Connect.
Enhanced Auth Service
Building a user authentication system is both challenging and costly.
Auth Service makes the construction of a secure and reliable user authentication system, a hassle-free and cost-effective process. Authentication capabilities are provided as services, meaning that you can assemble all of the services you need in code for your app, with minimal O&M work.
The new and improved Auth Service supports a wider range of authentication modes, including mobile numbers, email accounts, and Apple IDs, and can be integrated into iOS apps. If you opt to integrate Auth Service before August 1st, 2020 , You will be eligible to receive the following benefits:
1. 30,000 free SMS verification messages every month
2. Dedicated technical support during service integration
3. An opportunity for broad-based exposure, as a successful case study
The free quota of SMS verification messages applies only to the mobile number + verification code authentication mode. If you are interested, please send your information in the following format to [email protected]: [Company name + App ID].
AppGallery Connect also comes with a version history management function, which allows you to query and download the app versions you had previously developed, as well as an interaction center that provides for direct communication with the platform. We think that you'll agree that AppGallery Connect 10.5 is chock-full of surprises. Just sign in to explore a pioneering new version for app development!
You can also click the link below, to learn more about Auth Service, Billing, Version history, Interaction center, and other services.
https://developer.huawei.com/consumer/en/doc/development/AppGallery-connect-Guides/agc-introduction
Together with the HUAWEI ID that provides an easy and secure sign-in and authorization function for more than 1 billion users to access apps after signing in to a phone, tablet, or smart TV with a HUAWEI ID, FIDO endows the HUAWEI ID with more secure and convenient identity authentication capabilities.
Why Does HUAWEI ID Use FIDO?
Conventionally, users need to sign in to their HUAWEI IDs by entering their IDs and passwords, which is time-consuming and inconvenient. To facilitate sign-in, the HUAWEI ID gradually offers multiple authentication modes to serve users with different needs. FIDO provides the password-free fingerprint and facial authentication capabilities, which frees users from the hassle of traditional password-based sign-in, as well as prevent the risk for password leakage. In addition, the system integrity check and key verification mechanism are used to ensure that the authentication results are secure and reliable, and 3D facial recognition makes facial authentication more accurate.
What Does FIDO Bring to the Table?
FIDO provides your app with the FIDO2 client. You can build a secure and easy-to-use password-free authentication capability in your app by using FIDO2 and a third-party FIDO server.
FIDO is a comprehensive authentication framework launched by the FIDO Alliance in compliance with the European GDPR regulations and uses the system integrity check result as the prerequisite for authentication. As such, before performing sign-in authentication, FIDO will call SysIntegrity to check whether the device system has been maliciously tampered with (for example, whether the device is rooted) to ensure that the user can sign in to their HUAWEI ID on a secure device.
Specifically, once a user enables fingerprint or facial authentication after signing in to their HUAWEI ID on their device, they can quickly sign in through fingerprint or facial authentication. This simplifies complex authentication for repeated sign-ins on the same device. If SysIntegrity detects that the user's device is rooted, the message "Your device has been rooted. Continuing to use HUAWEI ID may pose a security risk." will be displayed on the device to notify the user, thus safeguarding user sign-in security.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
(Use fingerprint or facial authentication to sign in to your HUAWEI ID.)
For more details, you can go to:
l Huawei developers official page
l Experience the easy-integration process on Codelabs
l Submit a trouble ticket online for any problems during integration
l Our official website
l Our Development Documentation page, to find the documents you need
l Reddit to join our developer discussion
l GitHub to download demos and sample codes
l Stack Overflow to solve any integration problems
Original Source
About HUAWEI Account KitHUAWEI ID is the credential that provides users with access to a wide range of Huawei services, such as Huawei cloud services. As a fundamental development service offered by HMS Core, Account Kit provides you with simple, secure and quick sign-in and authorization functions. Rather than needing to repeatedly enter account and password information, and then wait for authentication, users can simply tap the Sign in with HUAWEI ID button to sign in directly to your app via their HUAWEI IDs.
AdvantagesAuthorized Sign-in for All ScenariosAccount Kit enables the user to be authorized to sign in to your app through a HUAWEI ID, sparing them from having to enter personal information, setting passwords, and waiting to have the information verified by email or SMS message. Once authorization has been completed, no sign-in authorization screen will be displayed when the user signs in to your app again, greatly reducing the user churn rate during registration and sign-in.
In addition, Account Kit supports seamless sign-in switching between different devices, including mobile phones, tablets, Vision, head units, and watches. This helps you better present your product and services on Huawei devices across all scenarios.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
A Global HUAWEI ID User BaseAccount Kit enjoys a truly global reach, serving more than 190 countries and regions, and coming supported in 70+ languages. By integrating the service into your app, you'll benefit from access to a vast number of new potential users, and be equipped to expand your presence in new markets.
Secure and Reliable ServicesAccount Kit complies with prestigious international protocols, including OAuth 2.0 and OpenID Connect, and enables users to complete sign-in via a password and verification code, with the data encrypted, as well as offers an RISC-based cross-account protection function. This rigorous framework helps ensure that Account Kit meets relevant user privacy regulations around the world, and when coupled with HUAWEI ID sign-in, frees you from the hassle of managing user account data.
HUAWEI ID has obtained the EuroPriSe certification.
A Convenient and Cohesive SolutionThe development guide, sample code, and integration tool for Account Kit are continually being optimized to reduce integration costs.
Quick integration on the client: You can use HMS Toolkit to download the demo, check development environment configuration, and drag and drop the required code to complete integration in half a working day.
Quick integration on the server: You can reference both the Java and PHP sample code.
Account Kit allows you to connect to the Huawei ecosystem using your HUAWEI ID from a range of different devices, including mobile phones, tablets, and Vision.
Account Kit offers simple, secure and quick sign-in and authorization functions. In addition, it leverages the reach of its vast user base and all-scenario ecosystem, to provide you with direct access to new users in new markets.
We will continue to optimize Account Kit to help you achieve your business goals, and hope you'll enjoy access to such a broad range of game-changing services.
Use a browser to scan the QR code below to try the demo app:
(Note: The app may collect relevant information for user statistics.)
For more information about Account Kit, please visit:
Development guide
Codelab
Video course
For more details, you can go to:
l Our official website
l Our Development Documentation page, to find the documents you need
l Reddit to join our developer discussion
l GitHub to download demos and sample codes
l Stack Overflow to solve any integration problems
About HUAWEI Account Kit
HUAWEI ID is the credential that provides users with access to a wide range of Huawei services, such as Huawei cloud services. As a fundamental development service offered by HMS Core, Account Kit provides you with simple, secure and quick sign-in and authorization functions. Rather than needing to repeatedly enter account and password information, and then wait for authentication, users can simply tap the Sign in with HUAWEI ID button to sign in directly to your app via their HUAWEI IDs.
Advantages
Authorized Sign-in for All Scenarios
Account Kit enables the user to be authorized to sign in to your app through a HUAWEI ID, sparing them from having to enter personal information, setting passwords, and waiting to have the information verified by email or SMS message. Once authorization has been completed, no sign-in authorization screen will be displayed when the user signs in to your app again, greatly reducing the user churn rate during registration and sign-in.
In addition, Account Kit supports seamless sign-in switching between different devices, including mobile phones, tablets, Vision, head units, and watches. This helps you better present your product and services on Huawei devices across all scenarios.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
A Global HUAWEI ID User Base
Account Kit enjoys a truly global reach, serving more than 190 countries and regions, and coming supported in 70+ languages. By integrating the service into your app, you'll benefit from access to a vast number of new potential users, and be equipped to expand your presence in new markets.
Secure and Reliable Services
Account Kit complies with prestigious international protocols, including OAuth 2.0 and OpenID Connect, and enables users to complete sign-in via a password and verification code, with the data encrypted, as well as offers an RISC-based cross-account protection function. This rigorous framework helps ensure that Account Kit meets relevant user privacy regulations around the world, and when coupled with HUAWEI ID sign-in, frees you from the hassle of managing user account data.
HUAWEI ID has obtained the EuroPriSe certification.
A Convenient and Cohesive Solution
1. The development guide, sample code, and integration tool for Account Kit are continually being optimized to reduce integration costs.
ü Quick integration on the client: You can use HMS Toolkit to download the demo, check development environment configuration, and drag and drop the required code to complete integration in half a working day.
ü Quick integration on the server: You can reference both the Java and PHP sample code.
2. Account Kit allows you to connect to the Huawei ecosystem using your HUAWEI ID from a range of different devices, including mobile phones, tablets, and Vision.
Account Kit offers simple, secure and quick sign-in and authorization functions. In addition, it leverages the reach of its vast user base and all-scenario ecosystem, to provide you with direct access to new users in new markets.
We will continue to optimize Account Kit to help you achieve your business goals, and hope you'll enjoy access to such a broad range of game-changing services.
Use a browser to scan the QR code below to try the demo app:
(Note: The app may collect relevant information for user statistics.)
(Note: The app may collect relevant information for user statistics.)
For more information about Account Kit, please visit:
l Development guide
l Codelab
l Video course
For more details, you can go to:
l Our official website
l For GitHub to download demos and sample codes
| Original Source
Passwords are the default identity verification method on the Internet, but a wide range of other methods such as dynamic tokens, SMS verification codes, and biometric authentication have emerged, as awareness of password theft has grown among both developers and users. This article discusses the security risks associated with several common identity verification methods, and provides developers with a better solution.
The figure below shows the security risks of common identity verification methods.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
As you can see, both static password verification and dynamic password verification come with security risks. An ideal security solution would not be password-dependent! Fortunately such a solution exists!
Password-free sign-in idea was first proposed a long time ago. Contrary to what you'd expect, it does not mean that no password is required at all. Rather, it refers to using a new identity verification method to replace the existing password-based verification. HMS Core FIDO used this idea to develop a next-level solution for developers, which incorporates local biometric authentication and fast online identity verification capabilities that can be broadly applied across a wide range of scenarios, such as account sign-in and payments. In addition, the system integrity check and key verification mechanism help ensure the trustworthiness of identity verification results. This entire process is outlined below.
In terms of security, HMS Core FIDO frees users from the hassle of repeatedly entering account names and passwords, so that this information is not vulnerable to leaks or theft.
HMS Core FIDO does not require any secondary verification device. The app can verify user identity with just the components on the device, such as the fingerprint, 3D face, and iris sensors. If the app wants to enhance verification, the user device can be directly used as the security key hardware to complete identity verification, rather than a secondary verification device. HMS Core FIDO supports multiple verification scenarios on a single device, without requiring any additional verification device. This improves the user experience, while also reducing deployment costs for Internet service providers.
What's more, biometric data used for user identity verification is stored only on the user device itself, and can only be accessed after the user device has been unlocked, freeing users from any worry about biometric data leakage from servers.
HMS Core FIDO also helps developers optimize user experience.
HMS Core FIDO was designed with user privacy protection in mind, and thus does not provide Internet platforms with any information that can be used to trace users. When biometric authentication technology is used, user biometric data is stored only on the device itself and never transferred elsewhere. This represents a marked improvement over traditional biometric authentication, which collects and stores user biometric data on servers, which are vulnerable to leakage.
The entire identity verification process has been streamlined as well, sparing users the time and hassle of waiting to receive a verification code and having to enter a password.
Application scenarios for HMS Core FIDO
FIDO technology has been well received by device vendors and Internet service providers, such as large financial institutions and government network platforms. The technology has been broadly applied in financial transaction scenarios that have high security requirements, such as purchase payment in apps or on e-commerce platforms, digital currency transfers, and high-value transactions in mobile banking apps. Apps will be able to detect whether the user device supports HMS Core FIDO during user sign-in. If yes, it can prompt the user to enable sign-in via fingerprint or 3D facial recognition, which the user can subsequently use to sign in to the app all future times.
HMS Core FIDO provides global developers with open capabilities that are based on the FIDO specifications, and help Internet service providers make identity verification more streamlined and secure. FIDO, which stands for Fast Identity Online, is a set of identity verification framework protocols proposed by the FIDO Alliance. It utilizes standard public key cryptography technology to offer more powerful identity verification methods.
Visit the HMS Core FIDO official website to experience these next-level identity verification capabilities for yourself.