kinegram.digital

Appearance

MOBILE CHIP SDK Online

The MOBILE CHIP SDK online enables reading and verification of electronic passports and ID cards (eMRTDs) in environments where the client device is not fully trusted. The security-critical verification steps run on the DocVal Server, while the mobile eMRTD Connector handles the NFC session and chip reading on the device.

Architecture

When to Use Online vs. Offline

The key difference between MOBILE CHIP SDK online and offline is the trust model:

  • MOBILE CHIP SDK online is designed for scenarios where the client device cannot be trusted. The device is outside of your control, for example an end user's personal smartphone. Because the device could be compromised, the security-critical verification steps (Passive Authentication, Active Authentication, Chip Authentication) are performed on the DocVal Server, ensuring that a manipulated client cannot forge verification results.

  • MOBILE CHIP SDK offline is designed for trusted devices that are under your organization's control. The entire reading and verification process happens locally on the device, with no server required.

Components

DocVal Server

The kinegram.digital Document Validation Server (DocVal Server) is the server component responsible for the security-critical parts of the verification process.

The Connector SDKs perform the NFC session and read most of the chip data locally on the device. The DocVal Server handles the steps that must not be performed on an untrusted client:

  • Passive Authentication: Verifying the authenticity and integrity of the chip data against trusted country certificates.
  • Active Authentication: Generating the cryptographic challenge and verifying the chip's response to detect cloned chips.
  • Chip Authentication: Performing the server-side key exchange to verify the chip holds its private key.

The verification result is posted to your server.

The DocVal Server also offers an HTTP API for server-to-server verification: your backend sends pre-read eMRTD files to the DocVal Server, which verifies and parses them. This is useful if you already read chip data yourself (e.g. with MOBILE CHIP SDK offline) but want server-side Passive Authentication against the DocVal Server's certificate list.

Read the DocVal Server documentation

eMRTD Connector Android

The eMRTD Connector for Android is a mobile library that handles the NFC session with the eMRTD chip. It reads the chip data locally and communicates with the DocVal Server via WebSocket for the security-critical verification steps.

eMRTD Connector iOS

The eMRTD Connector for iOS provides the same functionality for iOS devices, using Core NFC for the NFC session.

eMRTD Connector Flutter

The eMRTD Connector for Flutter is a Flutter plugin that wraps the native Android and iOS connectors, exposing a single Dart API for cross-platform apps.

eMRTD Connector MAUI

The eMRTD Connector for .NET MAUI is a multi-platform MAUI integration that wraps the native Android and iOS connectors for use in cross-platform C# apps.