PowerAuth 2.0 is a protocol for key exchange and subsequent request signing, designed specifically for applications with high security demands, such as banking applications or identity management applications. It defines all items that are required for a complete security solution: the cryptography used, a security scheme, and standard RESTful API endpoints.
A typical use case for the PowerAuth 2.0 protocol is securing a mobile banking application. The user usually downloads a "blank" (non-personalized) mobile banking app from the mobile application market. Then, the user activates (personalizes, using a key-exchange algorithm) the mobile banking app using some application that is assumed secure, for example via internet banking or via a branch kiosk system. Finally, the user can use the activated mobile banking application to create signed requests - to log in to mobile banking, send a payment, certify contracts, etc.
- Basic definitions
- Activation
- Key Derivation
- Computing and Validating Signatures
- Standard RESTful API
- Implementation notes
- Deploying PowerAuth 2.0 Server
- Deploying PowerAuth 2.0 Admin
- Deploying PowerAuth 2.0 Standard RESTful API
- Integrate PowerAuth 2.0 Server with a mobile banking server app
- Integrate PowerAuth 2.0 Server with an Internet banking server app
- Using PowerAuth 2.0 Reference Client
The project can be easily built using Maven with JDK 7 or 8.
```
$ git clone https://github.com/lime-company/lime-security-powerauth.git
$ cd lime-security-powerauth
$ mvn compile
```
If you need to build the project using an IDE, make sure you create a new Maven project, not just a freeform project from existing sources. Maven is required because the `powerauth-java-server` project uses `jaxb2-maven-plugin` to generate SOAP/REST transport objects from an XSD file.
Read more about how Maven dependencies are organized in the Maven modules documentation.