SDK for iOS

Introduction

The IDEMIA Verify SDK for iOS provides customers with the resources to customize the SDK to their preferred user-experience and integrate it within an existing mobile application. The IDEMIA Mobile ID Verify App works in conjunction with the IDEMIA Mobile ID App allowing verifiers to authenticate the user's physical ID or digital credential (i.e., drivers license or identity card).

You can use the iOS SDK to:

**Create and design your preferred user-experience and UI while leveraging the IDEMIA Verify functionalities **

You can build a custom mobile application that implements your user-experience design and leverages all of the SDK functionalities allowing you to apply your branding and preferred user flow. Maintain complete control over the display and functionality of the application.
**Embed IDEMIA Verify into an existing application **

You can automatically integrate an existing mobile application with IDEMIA by adding the SDK frameworks, which removes the need to use and maintain an additional application to leverage the Mobile ID's functionalities.

Get started

Skills required

The integration tasks require developers to have knowledge of:

iOS frameworks built in Xcode 14.2 or higher
Swift 5.0 or higher
Mac OS 12.6.2 or higher

Resources required

The tools required for integration on macOS are:

Xcode 14.2 or above
iOS SDK tools: release 14.x to 17.x (preferably latest version)
Physical iOS device (simulator is not supported)

Other requirements

External Libraries

pod 'SwCrypt', '~> 5.1.3'
pod 'SwiftCBOR', '~> 0.4.3'
pod 'IDZSwiftCommonCrypto', '~> 0.13.0',
=> true
pod 'SwiftBytes', '~> 0.6.0'

User permission

When designing your app,consider that your iOS app must handle user permissions to protect the resources on the target mobile device. Specifically, you must verify that the app permissions are granted by the user. If the required permissions are not granted, the SDK will throw an exception or error and may even crash.

The following user permission are required:

Camera permission for the QR code scan
Bluetooth permission for the BLE data transfer
NFC permission for the device engagement

The required permissions in the app info.plist file are:

Privacy: Bluetooth Always Usage Description
Privacy: Bluetooth Peripheral Usage Description
Privacy: Camera Usage Description
Privacy: NFC Usage Description

Capability

If the integrator wants to use NFC as Device Engagement.

The following steps are required:

Project Target -> Signing & Capabilities -> + Capability -> Near Field Communication Tag Reading

Create your own app

If you already have access for Mi-Artifactory, download the sample app: https://mi-artifactory.otlabs.fr/artifactory/verify-sdk-ios-release/com/idemia/idverify/ios/3.7.0/Sample/3.7.0-sample-ios.zip

To create your own app, you must add the following SDK libraries to your project. You can add these libraries manually as shown in Option A, or through CocoaPods as shown in Option B.

Add SDK libraries

The Podfile specifies the dependencies of each target, and the SDK pods are used to declare a specific dependency. The target scopes the pod dependencies to specific targets in your Xcode project.

Required pods

pod 'SwCrypt', '~> 5.1.3'
pod 'SwiftCBOR', '~> 0.4.3'
pod 'IDZSwiftCommonCrypto', '~> 0.13.0',
=> true
pod 'SwiftBytes', '~> 0.6.0'

Option A: Import Verify SDK manually

The manual method allows you to import the SDK files using Verify.framework using the steps below:

Download the Verify.framework and Tester app from the mi-artifactory: https://mi-artifactory.otlabs.fr/artifactory/verify-sdk-ios-release/com/idemia/idverify/ios/
Add the Verify.framework file to your project by pasting this file in project folder at path: ~/Frameworks/Verify.framework.
Link and Embedd Verify.framework to your project by dragging and dropping it on Project Settings (General > Frameworks, Libraries, and Embedded Content).

At the top of your project Podfile add the lines shown in the snippet:

Swift
1plugin 'cocoapods-art', :sources => [
2    'master' # so it could resolve dependencies from master repo (the main one)
3]

Add following pod dependency (Follow the 1,2 steps from section Option B for repository access)

pod 'SwCrypt', '~> 5.1.3'
pod 'SwiftCBOR', '~> 0.4.3'
pod 'IDZSwiftCommonCrypto', '~> 0.13.0',
=> true
pod 'SwiftBytes', '~> 0.6.0'

Add the following line in end of your Podfile (refer the sample code) to avoid linker error of any pod dependencies of Verify.

Swift
1post_install do |installer|
2 installer.pods_project.targets.each do |target|
3 target.build_configurations.each do |config|
4 config.build_settings['BUILD_LIBRARY_FOR_DISTRIBUTION'] = 'YES'
5 end
6 end
7 end

Option B: Import Verify SDK through CocoaPods with other dependencies (Recomended option)

Alternatively, the CocoaPods method allows you import the SDK files using CocoaPods (along with cocoapods-artplugin) using these steps.

If you don't already have CocoaPods with the Artifactory tool, install it by running the following command as shown in the snippet:
```
Swift
1gem install cocoapods-art
```

The plugin uses authentication that is specified in a standard .netrc file, as shown in the snippet:

Swift
1machine mi-artifactory.otlabs.fr
2login ##USERNAME##
3password ##PASSWORD##

At the top of your project Podfile add the lines shown in the snippet:

Swift
1plugin 'cocoapods-art', :sources => [
2    'verify-sdk-ios-release', # so it could resolve dependencies for Verify
3    'master' # so it could resolve dependencies from master repo (the main one)
4]

NOTE: If you do not have podfile already created, use the following commands to create one

Swift
1pod init

Once set, add our repository to your CocoaPod's dependency management system as shown in the snippet:

Swift
1pod repo-art add verify-sdk-ios-release "https://mi-artifactory.otlabs.fr/artifactory/api/pods/verify-sdk-ios-release"

Add the Verify SDK in your Podfile in one of its pod's version, as shown in the snippet:

Swift
1pod 'Verify', '~> 3.7.0.1462' # Verify SDK

Now install or install as shown in the snippet:

Swift
1pod install or pod update

NOTE: If you are already using our repository, and you cannot resolve some dependency, try to update the specs:

Swift
1pod repo-art update verify-sdk-ios-release

Add the following line in end of your Podfile (refer the sample code) to avoid linker error of any third party dependencies of Verify.

Swift
1post_install do |installer|
2 installer.pods_project.targets.each do |target|
3 target.build_configurations.each do |config|
4 config.build_settings['BUILD_LIBRARY_FOR_DISTRIBUTION'] = 'YES'
5 end
6 end
7 end

SDK API’s and methods

The SDK is made up of following components:

API’s for Version V1

IDVerifyTerminal Acts as the Entry Point for initializing device engagement, sending request to Mobile ID holder, receiving response and send parsed model back to calling app
- initDeviceEngagement

Language not specified
1/* Call this method from UI Application to parse the scanned qrcode
2    - @param configParams: Send the parameters e.g. inputData, license attribute params e.g. AGE_OVER_NN
3    - @param responseCallback: callback to receive the model object/errors corresponding to the passed-in QRCode
4   */
5    public func initDeviceEngagement(apiConfig configParams: ApiConfigs?, responseCallback: UIViewController)

sendRequest

Language not specified
1/* Send request to Mobile ID based on the use case selected by user in Verify application
2    - @param apiConfigs: configurations and optional MID request params  
3    - @param callback: callback to send progress and response data back to app
4    - 1. create Mobile ID request based on supplied USECASE or parameres/configs
5    - 2. onCreate communication channel (BLE) as per engagement data
6    - 3. send request to Mobile ID on communication chanel
7    - Note- In future we may also use USECASE : use case identifier required to prepare desired request data
8     */
9     public func sendRequest(apiConfig configParams: ApiConfigs?, responseCallback: UIViewController)

cancelRequest

Language not specified
1/* Cancel any transaction/running session with Mobile ID. overload to default cancellation
2*/
3public func cancelRequest(responseCallback: UIViewController, cancellationReason: CancellationReason)

loadCertificates

Language not specified
1/* Load IACA certificates from given path by application 
2 -  @param path is the Directory (libraryDirectory type) folder name(created by integrator)from where SDK will load the certificate, refer the sample.
3 -  @param responseCallback is callback to return success(will return loaded certificate count) or error
4 */
5    public func loadCertificates(path: String?, responseCallback: Any)

API’s for Version V2 (Recomended)

IDVerifyTerminalV2 Acts as the Entry Point for initializing device engagement, sending the request, by preparing a connection to the Mobile ID holder, receiving a response, and sending parsed model back to the calling app
- initDeviceEngagement

Language not specified
1/* Call this method from UI Application to parse the scanned qrcode
2    - @param configParams: Send the parameters e.g. inputData, license attribute params e.g. AGE_OVER_NN
3    - @param responseCallback: callback to receive the model object/errors corresponding to the passed-in QRCode
4   */
5    public func initDeviceEngagement(apiConfig configParams: ApiConfigs?, responseCallback: UIViewController)

prepareConnection

Language not specified
1/* Initialize and setup connection components as per`ConnectionConfigs` configurations supplied
2    - @param configParams: configurations for connection related information  
3    - @param callback: callback to connection status back to app
4    - Create communication channel (BLE) as per device engagement data
5     */
6     public func prepareConnection(configParams: ConnectionConfig?, responseCallback: (Any)?)

sendRequest

Language not specified
1/* send request to Mobile ID based on the use case selected by user in Verify application
2    - @param apiConfigs: configurations and optional MID request params  
3    - @param callback: callback to send progress and response data back to app
4    - 1. create Mobile ID request based on supplied USECASE or parameres/configs
5    - 2. onCreate communication channel (BLE/NFC/wifiAware ...) as per engagement data
6    - 3. send request to Mobile ID on communication chanel
7    - Note- In future we may also use USECASE : use case identifier required to prepare desired request data
8     */
9     public func sendRequest(apiConfig configParams: ApiConfigs?, responseCallback: UIViewController)

terminateConnection

Language not specified
1/* Terminate connection available with Mobile ID.
2    - @param responseCallback: callback to receive the model object/errors corresponding to the passed-in qrcode
3    - @param cancellationReason: Send the enum of cancellationReason e.g. TIMEOUT, CANCELED_BY_USER,  CONNECTION_ERROR and NONE
4     */
5     public func terminateConnection(responseCallback: Any?, cancellationReason: CancellationReason)

terminateSession

Language not specified
1/* It terminate the current session and terminate the connection as well.
2    - @param responseCallback: callback to receive the model object/errors corresponding to the passed-in qrcode
3    - @param cancellationReason: Send the enum of cancellationReason e.g. TIMEOUT, CANCELED_BY_USER,  CONNECTION_ERROR and NONE
4     */
5     public func terminateSession(responseCallback: Any?, cancellationReason: CancellationReason)

loadCertificates

Language not specified
1/* Load IACA certificates from given path by application (libraryDirectory path)
2 -  @param path is the Directory (libraryDirectory type) folder name(created by integrator)from where SDK will load the certificate, refer the sample.
3 -  @param responseCallback is callback to return success(will return loaded certificate count) or error
4 */
5    public func loadCertificates(path: String?, responseCallback: Any)

Api implementation steps

Scan the QR codes or NFC Tags as shown in the snippet:

Swift
1/**
2 * Response callback for parse engagement QR code data or **Mobile ID** credential holder
3 */
4  //MARK:  parsed QRCode
5  func parsedDataForQRCode(trimmedQRCode: String){
6      DispatchQueue.global(qos: .default).asyncAfter(deadline: .now() + 0.2) {
7          let config = self.formAndReturnAppConfigsParamForAPI(qrString: trimmedQRCode)
8          sharedVSDKClient?.initDeviceEngagement(apiConfig: config, responseCallback: self)
9      }
10  }
11
12  // Returns ApiConfigs with all the parameters
13  func formAndReturnAppConfigsParamForAPI(qrString qr: String?) -> ApiConfigs? {
14      guard let tempQRString = qr else {
15          return nil
16      }
17      
18      // Build app configs for BLE
19      let apiConfigs = ApiConfigs.ConfigBuilder()
20          .withData(inputData:tempQRString)
21          .build()
22      return apiConfigs
23      
24      // Build app configs for NFC Engagement
25      let apiConfigs = ApiConfigs.ConfigBuilder()
26      .useNFC()
27      .build()
28      return apiConfigs
29  }

After scanning the QR successfully, you will get the result response in onSuccess as shown in the snippet:

Swift
1func onSuccess(response: Any?){
2  }
3  func onError(error: VerifyError){
4
5  }

For V2 API’s, call prepareConnection API before calling sendRequest (in case of V1 API’s skip to step 4.1).

The prepareConnection() method will prepare the connection based on device engagement with Mobile ID credential. If it received successfully, Integrator can send the request on prepared connection channel.

Swift
1// Set 'ConnectionConfig' as follows for setting the connection related information. 
2
3let connectionConfig = ConnectionConfig()
4    .setConnectionType(type: ConnectionType.BLE)
5    sharedVSDKClient?.prepareConnection(configParams: connectionConfig, responseCallback: self)

Swift
1// Set 'setL2CapRequestSupport' as true to enable L2CAP mode during BLE communication. 
2
3let connectionConfig = ConnectionConfig()
4    .setConnectionType(type: ConnectionType.BLE)
5    .setL2CapRequestSupport(l2CapRequestSupportEnable: true)
6    sharedVSDKClient?.prepareConnection(configParams: connectionConfig, responseCallback: self)

Swift
1// prepareConnection api by using `connectionConfig` which you set earlier
2sharedVSDKClient?.prepareConnection(configParams: connectionConfig, responseCallback: self)

Callback for the prepareConnection API to receive connection status**.

Swift
1/**
2     * Request callback for the `prepareConnection` SDK API to receive connection status.
3     */
4    
5    func connectionSuccessful(connectionType: ConnectionType) {
6    }
7    
8    func connectionError(error: Any?) {
9    }
10    
11    func currentStatus(currentState: TransferState){
12    }
13    
14    func onConnectionCanceled(response: Any?) {
15    }

Send a request to the Mobile ID App to get the license details as shown in the snippet:

The sendRequest() method will return the response from the end-user's Mobile ID credential. If it's received it successfully, then all the attributes of the Mobile ID App response appear in the view controller.

Swift
1// Set 'appConfig' as follows if you want to use all attributes as optional parameters
2var dataItems = getMandatoryParams()
3dataItems.append(contentsOf: getOptionalParams())
4
5let apiConfigs = AppConfigs.MIDRequestBuilder()
6            .addParam(listParams: dataItems)
7            .build()

Swift
1// Set 'appConfig' as follows if you want to use only the suggested attributes as optional parameters
2var dataItems = getOptionalParams() let apiConfigs =
3AppConfigs.MIDRequestBuilder() .addParam(listParams: paramsList, useDefaults:
4true) .build()

Swift
1//Send the request by using `appConfig` which you set earlier
2sharedVSDKClient?.sendRequest(apiConfig: apiConfigs, responseCallback: self)
3}

Swift
1// Sample code for L2Cap Support in Api config. Set L2CapRequestSupportEnable as true for enabling L2cap support.
2let apiConfigs = ApiConfigs.MIDRequestBuilder()
3                        .version(version: MIDParamConstants.REQUEST_VERSION)
4                        .setL2CapRerquestInfo(L2CapRequestSupportEnable: true)
5                        .addParams(MIDParamConstants.NAMESPACE_18013_5,isoParamsList)
6                        .build()

Swift
1// send request using new namespace and paramList support
2
3func sendrequest(){
4
5   var aamvaParamsList = [MIDRequestParam]()
6   var namespaceParamList = [String: [MIDRequestParam]]()
7   var isoParamsList = [MIDRequestParam]()
8   isoParamsList.append(MIDRequestParam(paramName: MIDParamConstants.GIVEN_NAME))
9   isoParamsList.append(MIDRequestParam(paramName: MIDParamConstants.FAMILY_NAME))
10   isoParamsList.append(MIDRequestParam(paramName: MIDParamConstants.RESIDENT_ADDRESS))
11   isoParamsList.append(MIDRequestParam(paramName: MIDParamConstants.RESIDENT_CITY))
12   isoParamsList.append(MIDRequestParam(paramName: MIDParamConstants.RESIDENT_CITY))
13
14   namespaceParamList[MIDParamConstants.DOCTYPE_ORG_AAMVA_US] = aamvaParamsList
15   namespaceParamList[MIDParamConstants.NAMESPACE_18013_5 ] = isoParamsList
16
17   let apiConfigs = ApiConfigs.MIDRequestBuilder()
18       .version(version: MIDParamConstants.REQUEST_VERSION)
19       .addDocType(docType: "my.cusom.docType.custom1") //example docType1
20
21       //1. add
22       .addParams(namespaceParamList)
23       // add again to test if duplicates are removed
24       .addParams(MIDParamConstants.NAMESPACE_18013_5,isoParamsList)
25       //2. add more params one by one with custom namespce
26       .addParam(MIDParamConstants.NAMESPACE_18013_5,MIDRequestParam(paramName: "custom_param1"))
27       .addParam("my.custom.namespace",MIDRequestParam(paramName: "custom_param1"))
28
29       .addParam("my.custom.namespace",MIDRequestParam(paramName: "custom_param2"))
30       .addParam("my.custom.namespace",MIDRequestParam(paramName: "custom_param3"))
31       //duplicates will be removed
32       .addParam("my.custom.namespace",MIDRequestParam(paramName: "custom_param1"))
33       .addParam("my.custom.namespace",MIDRequestParam(paramName: "custom_param3"))
34       //3. or add a custom namespace like this
35       .addParams("my.custom.namespace2", [
36           MIDRequestParam(paramName: "custom_param_nm21"),
37           MIDRequestParam(paramName: "custom_param_nm22"),
38           MIDRequestParam(paramName: "custom_param_nm23"),
39           MIDRequestParam(paramName: "custom_param_nm21") ]//duplicate
40   )
41
42       .buildDoc()  //build doctype1
43       .addDocType(docType: "my.cusom.docType.custom2") //example docType2
44       .addParams("my.custom.namespace2", [
45           MIDRequestParam(paramName: "custom_param_nm21"),
46           MIDRequestParam(paramName: "custom_param_nm22"),
47           MIDRequestParam(paramName: "custom_param_nm23"),
48           MIDRequestParam(paramName: "custom_param_nm21") ]//duplicate
49   )
50       .buildDoc() //build doctype2
51
52       .build()
53
54   //call sendRequest API
55   sharedVSDKClient?.sendRequest(apiConfig: apiConfigs, responseCallback: self)
56   // 3. Read request params supplied from app and make the request structure accordingly.
57
58}

Callback for the sendRequest API to receive and display the response data from the Mobile ID App.

Swift
1/**
2    * Request callback for the `sendRequest` SDK API to receive and display the response data from the mDL.
3    */
4
5   func onSuccess(response: Any?){
6   }
7   func onError(error: VerifyError){
8   }
9   func onRequestCanceled(response: Any?){
10   }
11   func onProgress(totalBytesRecived: Int){
12   }
13   func onRequestSent(status: Bool?){
14   }
15   func currentBLEStatus(currentState: TransferState){
16   }
17   
18   // onSuccess callback method for handling Multi request reqsponse
19   func onSuccess(response: Any?, callback:MultiRequestCallback?) {
20   }
21   
22   // On next callback is used for sending next request in same session. 
23   func onNext(apiConfigs:ApiConfigs){
24   }
25   
26   // Terminate connection method is used for terminate session in Multirequest.
27   func onTerminateConnection() {
28   }
29   
30    /**Set Multi Request Info.
31    - Parameter multiRequestEnable: Set for identify request is Multi Request supported
32    - Returns: MIDRequestBuilder object
33    */
34   public func setMultiRerquestInfo(multiRequestEnable: Bool) -> MIDRequestBuilder {
35       self.isMultiRequest = multiRequestEnable
36       return self
37   }
38   
39   // Sample code for multi request Api config
40   let apiConfigs = ApiConfigs.MIDRequestBuilder()
41                           .version(version: MIDParamConstants.REQUEST_VERSION)
42                           .setMultiRerquestInfo(multiRequestEnable: VerifyAppManager.sharedInstance.getMultiRequestMode() ?? false)
43                           .addDocType(docType: MIDParamConstants.DOCTYPE_18013_5)
44                           .addParams(MIDParamConstants.NAMESPACE_18013_5,isoParamsList)
45                           .addParams(MIDParamConstants.NAMESPACE_ORG_AAMVA_US,aamvaParamsList)
46                           .addRequestInfo(key: "attributesInfo", value: attributeInfoMap())
47                           .build()

Step and sample code for Reader Authentication(Signature only)[optional].


11. Add/Enable the callback in the RequestBuilder.
2
32. Implement the readerAuthSignerCallback at app side. readerAuthSignerCallback provides the interface to perform signing of readerAuthentication structure. Verify SDK will call doSignRequest with the readerAuthentication structure to sign by the integrator with the reader private key. They will sign the bytes using certificate private key and return ReaderAuthSign data model with generated signature, algorithm used to sign and a x509 certificate with the corresponding public key of the private key that the readerAuthenticationBytes structure is signed.[Refer 9.1.4 mdoc reader authentication ISO/IEC FDIS 18013-5:2021(E) page 54]
4
53. List the required resources e.g cert, keys at Integrator side.
6An mdocReader private key to sign the Reader Auth structure. the resulting signature and algorithm used to sign shall be included within the mdoc request to be sent to mdoc.
7CA signer certificate containing the corresponding public key of the private key used in signing which shall be sent to mdoc within the mdoc request. Integrator would submit a CSR to a valid CA to get a signer certificate.
8(Optional) CA root certificate from CA which shall be shared by Reader to mDoc Holder which they can use to authenticate the signer certificate received within Reader Request

You can cancel / terminate a transaction any time if an error occurs in the app as shown in the snippet:

Swift
1sharedVSDKClient?.cancelRequest(responseCallback: self,cancellationReason: .CANCELED_BY_USER)

For V2 API’s

Swift
1sharedVSDKClient?.terminateConnection(responseCallback: Any?, cancellationReason: CancellationReason)

6.1. To terminate the running connection and session use terminateSession API. This API is available only in IDVerifyTerminalV2 client

Swift
1sharedVSDKClient?.terminateSession(responseCallback: Any?, cancellationReason: CancellationReason)

You can get the SDK version by calling it directly with the class name as shown in the snippet:

Swift
1IDVerifyTerminal.version

For V2 API’s

Swift
1IDVerifyTerminalV2.version

Added new configuration setReaderAuthInfo for reader authentication; here is a sample code snippet:

Swift
1let apiConfigs = ApiConfigs.MIDRequestBuilder()
2    .version(version: MIDParamConstants.REQUEST_VERSION)
3    .addDocType(docType: "org.iso.18013.5.1.mDL")
4    .addParams(namespaceParamList)
5    .buildDoc()
6    .setReaderAuthInfo(readerAuthSignerCallback: self.callbackReceiverVC, signingAlgo: .ALGO_SHA256WITHECDSA)
7    .withData(inputData: MOCK_QR_CODE_DATA_N1938)
8    .build()

Added new protocol ReaderAuthSignerCallback for reader authentication callback; here is a sample code snippet of implementation:

Swift
1extension ViewController: ReaderAuthSignerCallback {
2    func doSignItemRequest(readerAuthenticationBytes: Data, docType: String) -> ReaderAuthSign? {
3        //Generating Public Private KeyPair
4        let keyPairDict = try? ECUtils.generateKeyPair()
5        let privateKey = keyPairDict?["private"]
6        //Generating Signature
7        let signedDataSignature = (try? EncyptionDecryption.createSignature(privateKey: privateKey, dataToSign: readerAuthenticationBytes, algorithm: .ecdsaSignatureDigestX962SHA256)) ?? Data()
8        //returning Signature and Certificate
9        return ReaderAuthSign(signature: signedDataSignature, x509Certificate: x509CertSample.bytes.getData())
10        }
11}

Call loadCertificates() API to load IACA certificates from given path(libraryDirectory path) and provides the number of certificats loaded as response(Int). This step is necessary for a successful transaction since Verify SDK will validate the mDL response against the certificates from supplied path. Refer sample Application.

Swift
1sharedVSDKClient?.loadCertificates(path: "CERTIFICATEDIRECTORY_NAME", responseCallback: self())
2    func onSuccess(response: Any?){
3        print("Certificate load success \(response)")
4    }
5    func onError(error: Any?){
6        print(error)
7      }

Call setDisconnectBleTimeout() method to set BLE disconnect timeout time from app side. Default timeout is 3 sec.

Swift
1let sharedClient = self.getVerifySDKClient()
2    let configs = ApiConfigs.ConfigBuilder().withData(inputData: "").useBLE().setDisconnectBleTimeout(time: 5).build()

Test and production apps

The Verify SDK allows you to create a test app with the steps below. You can also use these steps to create your production application by changing the target definition in your Podfile to your Xcode production project.

Open your terminal and type the command "cd project_path" (the path to the project file where .xcodeproj file is located) and press .
Type the command "pod init" and press .
Go to the finder and open the pod file (in the same place where your .xcodeproj file is located).

Type the following in podfile under your target. In our case, the target is VerifyIDTestApp; change it according to your target in podfile and add the snippet shown:

Language not specified
1target 'VerifyIDTestApp' do
2  use_frameworks!
3  pod 'Verify', '~> 3.7.0.1462'
4
5  target 'VerifyIDTestAppTests' do
6    inherit! :search_paths
7    # Pods for testing
8  end
9
10  target 'VerifyIDTestAppUITests' do
11    # Pods for testing
12  end

Type the command “pod install” and then press .
Open .xcworkspace (i.e., at the same place where your .xcodeproj file is located).
Call IDVerifyTerminal.getClient and initialize the IDVerifyTerminal shared object in the AppDelegate.swift file as shown in the snippet:

For V2 API’s Call IDVerifyTerminalV2.getClient and initialize the shared object of IDVerifyTerminalV2 in AppDelegate.swift file**


1let config = Configs.Builder()
2     .enableDebug(isDebuggable: isDebuggable)
3     .build()
4 **For V1 API’s-**
5 sharedVSDKClient = IDVerifyTerminal.getClient(configs: config)
6 **For V2 API’s-**
7 sharedVSDKClient = IDVerifyTerminalV2.getClient(configs: config)

Use enableDebug(logLevelArr: [LogLevel.VERBOSE]) for debugging purposes only if needed, as shown in the snippet:

Swift
1let config = Configs.Builder()
2  .enableDebug(logLevelArr: [LogLevel.VERBOSE]) // multiple option can be passed. Default is LogLevel.NONE
3  .build()
4
5 
6 **For V1 API’s-**
7 sharedVSDKClient = IDVerifyTerminal.getClient(configs: config)
8 **For V2 API’s-**
9 sharedVSDKClient = IDVerifyTerminalV2.getClient(configs: config)

Request Parameters

The following table provides a list of attributes which can be configured for sendRequest API.

Item#	Identifier	Param Name	CBOR Type
	Namespace= "org.iso.18013.5.1"
1	ADMINISTRATIVE_NUMBER	administrative_number	Major type 3
2	SEX	sex	Major type 3
3	HEIGHT	height	Major type 0
4	WEIGHT	weight	Major type 0
5	EYE_COLOR	eye_color	Major type 3
6	HAIR_COLOR	hair_color	Major type 3
7	BIRTH_PLACE	birthplace	Major type 3
8	RESIDENT_ADDRESS	resident_address	Major type 3
9	PORTRAIT_CAPTURE_DATE	portrait_capture_date	Tag value 0 of major type 6
10	AGE_IN_YEARS	age_in_years	Major type 0
11	AGE_BIRTH_YEAR	age_birth_year	Major type 0
12	AGE_OVER_NN	age_over_NN	Value 20/21 of major type 7
13	ISSUING_JURISDICTION	issuing_jurisdiction	Major Type 3
14	NATIONALITY	nationality	Major type 3
15	RESIDENT_CITY	resident_city	Major type 3
16	RESIDENT_STATE	resident_state	Major type 3
17	RESIDENT_POSTAL_CODE	resident_postal_code	Major type 3
18	BIOMETRIC_TEMPLATE_XX	biometric_template_xx	Major type 2
19	NAME_NAT_CHAR	name_nat_char	Major type 3
20	MGMT_NEXT_UPDATE	mgmt_nextupdate	Tag value 0 of major type 6

21	FAMILY_NAME	family_name	Major type 3
22	GIVEN_NAME	given_name	Tag value 0 of major type 6
23	BIRTHDATE	birthdate	Tag value 0 of major type 6
24	ISSUE_DATE	issue_date	Tag value 0 of major type 6
25	EXPIRY_DATE	expiry_date	Major type 3
26	ISSUING_COUNTRY	issuing_country	Major type 3
27	ISSUING_AUTHORITY	issuing_authority	Major type 3
28	DOCUMENT_NUMBER	document_number	Major type 3
29	PORTRAIT	portrait	Major type 2
30	MGMT_LAST_UPDATE	mgmt_lastupdate	Tag value 0 of major type 6
31	MGMT_VALIDITY	mgmt_validity	Tag value 0 of major type 6
32	ONLINE_TOKEN_XXXX	online_token_xxxx	Major type 3
34	DRIVING_PRIVILEGES	driving_privileges	Major type 4

35	SIGNATURE_USUAL_MARK	signature_usual_mark	Major type 3
36	ONLINE_URL_XXXX	online_url_xxxx	Major type 3
37	BIRTHDATE	birth_date	Major type 3
38	BIRTH_PLACE	birth_place	Major type 3
39	NAME_NAT_CHAR	name_national_character	Major type 3
40	FAMILY_NAME_NATIONAL_CHAR	family_name_national_character	Major type 3 //added in N19xx
41	GIVEN_NAME_NATIONAL_CHAR	given_name_national_character	Major type 3 //added in N19xx

	Namespace= "org.iso.18013.5.1.aamva"		//based on mDL-Implementation-Guidelines-1-0_2021.pdf
1	DOMESTIC_DRIVING_PRIVILEGES	domestic_driving_privileges	Major type 3
2	DHS_COMPLIANCE	DHS_compliance	Major type 3
3	NAME_SUFFIX	name_suffix	Major type 3
4	ORGAN_DONOR	organ_donor	Major type 0
5	VETERAN	veteran	Major type 0
6	FAMILY_NAME_TRUNCATION	family_name_truncation	Major type 3
7	GIVEN_NAME_TRUNCATION	given_name_truncation	Major type 3
8	AKA_FAMILY_NAME_V2	aka_family_name.v2	Major type 3
9	AKA_GIVEN_NAME_V2	aka_given_name.v2	Major type 3
10	AKA_SUFFIX	aka_suffix	Major type 3
11	WEIGHT_RANGE	weight_range	Major type 0
12	RACE_ETHNICITY	race_ethnicity	Major type 3
13	EDL_CREDENTIAL	EDL_credential	Major type 0
14	SEX	sex	Major type 0
15	RESIDENT_COUNTY	resident_county	Major type 3
16	HAZMAT_ENDORSEMENT_EXPIRATION_DATE	hazmat_endorsement_expiration_date	Major type 3
17	DHS_TEMPORARY_LAWFUL_STATUS	DHS_temporary_lawful_status	Major type 0

Expected Results

QR code

Below are expected response from the sendRequest API with the expected data type.

Data Fields	Data type/Unit	Sample Value
Namespace= "org.iso.18013.5.1"
administrative_number	Text/String	"1234453"
gender	Text/String	"M"
height	Integer/Centimeter	"157"
weight	Integer/Kg	"56"
eye_color	Text/String	"BLU"
hair_color	Text/String	"BLACK"
birthplace	Text/String	"NY"
resident_address	Text/String	"123, ABC Street"
portrait_capture_date	DateTime/RFC3339	"1985-04-12T23:20:50Z"
age_in_years	Integer/String	"34"
age_birth_year	Integer/String	"1978"
age_over_NN	Boolean/String	"true"
issuing_jurisdiction	Text/String	"NY"
nationality	Text/String	"US"
resident_city	Text/String	"NY"
resident_state	Text/String	"NY"
resident_postal_code	Text/String	"58773"
name_nat_char	Text/String	"US"
mgmt_nextupdate	DateTime/RFC3339	"1985-04-12T23:20:50Z"
family_name	Text/String	"Sample"
given_name	Text/String	"Joe"
birthdate	DateTime/RFC3339	"1985-04-12T23:20:50Z"
issue_date	DateTime/RFC3339	"1985-04-12T23:20:50Z"
expiry_date	DateTime/RFC3339	"1985-04-12T23:20:50Z"
issuing_country	Text/String	"US"
issuing_authority	Text/String	"NY"
document_number	Int/String	"782593823"
portrait	ByteArray/Bytes
mgmt_lastupdate	DateTime/RFC3339	"1985-04-12T23:20:50Z"
mgmt_validity	DateTime/RFC3339	"1985-04-12T23:20:50Z"
driving_privileges	Text/String	"[{"codes":[{"sign":"Sign","value":"value","code":"C"}],"issue_date":"2018-08-09","vehicle_category_code":"A","expiry_date":"2024-06-11"}]"
RealID	Boolean/String	true
signature_usual_mark	ByteArray/Bytes
birth_date	DateTime/RFC3339	"1985-04-12T23:20:50Z"
birth_place	Text/String	"NY"
name_national_character	Text/String	"US"
given_name_national_character	Text/String	"US"
family_name_national_character	Text/String	"US"

Namespace = "org.iso.18013.1.aamva"
DHS_compliance	Text/String	“F” = fully compliant “N” = non-compliant
domestic_driving_privileges	Text/String	[{"domestic_vehicle_class": {"expiry_date": "2027-08-12", "issuer_date":"2019-10-12", "domestic_vehicle_class_code": "A", "domestic_vehicle_class_description": "vehicle category description"}, "domestic_vehicle_endorsements": [{"domestic_vehicle_endorsement_code": "E", "domestic_vehicle_endorsement_description": "vehicle endorsement description"}], "domestic_vehicle_restrictions": [{"domestic_vehicle_restriction_code": "C", "domestic_vehicle_restriction_description": "vehicle restrictions description"}]}]
name_suffix	Text/String	“SR”
organ_donor	Integer	1
veteran	Integer	1
family_name_truncation	Text/String	“N”
given_name_truncation	Text/String	“N”
aka_family_name.v2	Text/String	“N”
aka_given_name.v2	Text/String	“S”
aka_suffix	Text/String	“N”
weight_range	Integer	“3” //Indicates the approxi- mate weight range of the credential holder: 0 = up to 31 kg; 1 = 32 – 45 kg ; 2 = 46 - 59 kg ; 3 = 60 - 70 kg
race_ethnicity	Text/String	“A” //Codes for race or eth- nicity of the creden- tial holder, as defined in AAMVA D20.
EDL_credential	Integer	1 //This field is either absent or has one of the following values: 1: Driver’s license, 2: Identification card (Applicable only in the US. )
sex	Integer	1
resident_county	Text/String	"107" //The 3-digit county code of the county where the credential holder lives, as per the 2010 FIPS Codes for Counties and County Equivalent Entitiesf. (Applicable only in the US. )
hazmat_endorsement_expiration_date	Text/String	"2024-01-11"
DHS_temporary_lawful_status	Integer	1 // This field is either absent or has value= 1: Temporary lawful status (Applicable only in the US. )

IACA certificate file format support

Supports following formats for IACA certificates - (.pem, .crt, .der).

Elliptic curve support

Operation	Curve	Specification	Curve Identifier
ECDH/ECDSA	P-256	FIPS-PUB 186-4	IANA COSE Registry
ECDH/ECDSA	P-384	FIPS-PUB 186-4	IANA COSE Registry
ECDH/ECDSA	P-521	FIPS-PUB 186-4	IANA COSE Registry

ISO-18013-5 specification support

ISO Version	Supported
N1985 (published 1.0)	Yes
N1938	Yes
N1818	Yes
N1677	Yes

Additions and updates

Removal of OpenSSL Dependency
Added support of CryptoKit
Added iOS 17 support
Dropping iOS 13 support
Load certificate from Library directory
Bug fixes and improvements

Notes:

IDEMIA has many IACA certificates added to our Verify App, so we must categorize these certificates, such as Production, Demo, UAT, in our App. This allows the Verify App integrator to know which certificate matches pertain to which environment at any time during a transaction.
A certificate validation match is performed with the Mobile ID credential, and a certification tag is created for every certificate. This flag is used used in the Verify SDK to distinguish between different purposes of the certifications, leading to indicators in the Verify App results screen that some Mobile IDs credentials are “Not for Official Use”. If a certificate is not in production, then it is not meant for official use.
A popup/updated UI on the Verify App displays whether the Mobile ID credential is applicable for official use or not, based on the matched IACA certificate. Currently, for integrators, this provides additional information for IACA certificate matching.
The classification of these certificates is shown in this link: https://idemiadigitallabs.atlassian.net/wiki/spaces/MI/pages/478052581/IACA+Certificates
Verify SDK support following file formats for IACA certificates - (.pem, .crt, .der)
NFC implementation for Device Engagement (It only supports Static Device Engagement)

Error codes

This table contains the list of data error codes, messages, descriptions, and actions required.

Error Code	Error Code Message	Description	Action Required
101	Invalid QR Code	Please try again.	Try Again.
102	QR Data item is missing or found any issue	If item type is not as expected.	Try Again.
103	QR Data item is missing or found any issue	If DataItem(Map) is empty.	Try Again.
104	QR Data item is missing or found any issue	If DataItem(Array) is empty.	Try Again.
105	QR code scan error	Unable to Scan QR code may be because of invalid data or bad encoding.	Try Again.
111	Invalid EDeviceKey	Not supported or unspecified curve Id in DeviceEngagement structure sent by the mdoc	Try Again
123	Parsing Error	Error in compact mode qr code parsing and verification	Try Again.
124	Image Conversion Error	Error in convert image from bitmap to Image	Try Again.
141	Invalid NFC Tag, unable to read data	Please try again	Try Again.
142	Incorrect types for ac record,carrier record and auxiliary record.	Please try again.	Try Again.
143	Reference length indicated longer than available bytes.	Please try again.	Try Again.
144	Tag was lost.	Main Error during APDU transmission, tag may be out of field.	Try Again.
145	ISO-DEP is not supported.	Main Tag is not supporting ISO-DEP technology.	Try Again.
146	Exception when initializing TT4.	Error with TT4 configuration.	Try Again.
147	Wrongly formatted Service Parameter record	Please try again.	Try Again.
148	Error with Carrier Configuration record linking.	ConnectionHandoverException with Carrier Configuration record linking.	Try Again.
149	Main Initial message is null.	Please try again.	Try Again.
150	NFC Connection Timeout	NFC scanning has timedout.	Try Again.
151	NFC not supported	NFC not supported on this device.	Try Again.
186	NFC Session cancelled by user	NFC Reader Session invalidated by user	Try Again.
187	NFC Capability is not added.	Session invalidated unexpectedly. Please add NFC capability.	Try Again.
201	Unable to initialize BLE	Error in initializing BLE feature of this	The Mobile ID reader is not able to get BLE. The Mobile ID credential reader may abort the transaction.
202	Device Doesn't Support BLE	This device doesn't support the BLE feature.	The Mobile ID reader is not able to get BLE. The Mobile ID reader may abort the transaction.
203	BLE Scanning Error	Scanning of the BLE devices failed.	The Mobile ID reader is not able to scan the BLE devices. The Mobile ID reader may abort the transaction.
204	Bluetooth is OFF	This device's Bluetooth is off.	The Bluetooth of the device is not enabled. The Mobile ID credential reader may abort the transaction.
205	BLE Scanning Error	Please provide the BLUETOOTH permissions.
206	BLE Connection Timeout	Unable to create BLE communication channel with the Mobile ID device.	BLE connection failure. The Mobile ID reader may abort the transaction.
209	BLE L2CAP Read Error	BLE L2CAP connection error while reading.
210	BLE L2CAP Write Error	BLE L2CAP connection error while writing.
211	BLE L2CAP Channel Creation Error	L2CAP channel creation error, Using fallback.
301	Transaction Cancelled	The transaction has been cancelled by the end-user.	Unable to scan the QR code.
302	Device Disconnected	Unfortunately device has disconnected. Maybe the device is not in the range of BLE.	The Mobile ID credential reader may abort the transaction.
303	Timed Out, Please try again		BLE connection failure. The Mobile ID credential reader may abort the transaction.
304	Request Incomplete.	Please select one or more attributes to be included in the request to the Mobile ID credential.	The Mobile ID credential reader may inspect the request, ensure request is complete, and resend. The Mobile ID credential reader may abort the transaction.
305	Incomplete Request	An Mobile ID comes to an end of data when expecting more data. For example, an Mobile ID expects certain length, number of arrays elements, or map entries but instead encounters the end of the data. The Mobile ID does not return any data but the error message.	The Mobile ID credential reader may inspect the request, ensure request is complete, and resend. The Mobile ID credential reader may abort the transaction.
306	Request Rejected	The Mobile ID App indicates that the request is rejected.	The Mobile ID credential reader may inspect the problem. The Mobile ID credential reader may continue the transaction.
307	Mobile ID Reader Authentication Failed	The Mobile ID indicates there is an error with Mobile ID Reader authentication	The Mobile ID credential reader may inspect the problem. The Mobile ID credential reader may continue the transaction.
308	General Error	The Mobile ID App returns an error without any given reason.	The Mobile ID credential reader may inspect the request, ensure request is complete, and resend. The Mobile ID credential reader may abort the transaction.
309	Invalid Request	Request can't contain more than 2 age_over_nn as request attributes.
310	Error in Reader Authentication	ReaderAuthSign Signature or Certificate cannot be null or empty.
401	Parsing Error	A Mobile ID credential request encountered a data element that is not well-formed (e.g., invalid initial byte) and failed decoding data. The Mobile ID App does not return any data but the error message.	The Mobile ID credential reader may inspect the request, ensure request is complete, and resend. The Mobile ID credential reader may abort the transaction.
402	Invalid Format	The Mobile ID App cannot process the requested data element due to a formatting error.
403	Data Not Found	The requested NameSpace or data element within a NameSpace is not found.
404	Data Request Denied	The release of requested data element was rejected by the Mobile ID credential holder.
405	Data Not Returned	The Mobile ID App does not provide the requested data element without any given reason.
406	CBOR decoding error	The mdoc indicates an error during CBOR decoding that the data received is not valid CBOR.. Returning this status code is optional.
407	CBOR validation error	The mdoc indicates an error during CBOR validation, e.g. wrong CBOR structures. Returning this status code is optional.
451	Certificate Path Error	Either Path is invalid or inaccessible or not a folder path or folder is empty.

Test samples

QR + BLE sample

The following screen shows a scan of QR code in the IDEMIA Mobile ID App.

Note: This is for device engagement QR code testing. The full QR code + BLE scenario will only work with a real device using the IDEMIA Mobile ID App.