1.12 Push Notification 2FA configuration
This topic provides information on Push Notification 2FA configuration.
- This is 2fa authentication set for any transaction. With the setup,
whenever any user initiates any transaction, they will receive a push
notification on the registered device. They have to click on the notification to
accept/reject the transaction. Based on the action, the transaction will be
proceeded.
Note:
PUSH notifications are received only if user has allowed push notification when the application was installed and logged in the mobile application for the first time. - If user disallows the notification when the application for installed for the first time., they will not receive any push notifications on their devices.
- If Push notification 2fa is enabled at bank side for any transaction then, the
screen displays message to wait for the push notification to accept/reject the
transaction authentication. The message displayed on the text as well contains a
timer of 5 minutes displayed on the UI. This value is set in the UI code. If
bank needs to change this value, bank needs to update the value in UI
code:
File path: channel/metadata/user-components/push-out-of-band/push-out-of-band/hook.js
Code to be changed: const mins = <<value>>;
Update the value to what bank needs to set it. This value is in minutes.
So, ideally 5 minutes (existing value in base UI code) is an ideal time. Any changes made in this value should satisfy below pre-condition.
- There is an OTP expiration time set in “digx_fw_config_ALL_b” table.
- Also, there is business policy check set to 10 minutes for validation of the
generated 2fa token. Bank can write their own business policy where they can
modify the 10 minutes time.
So, the time in UI code should not exceed 10 minutes and OTP expiration time in “digx_fw_config_ALL_b” table.
Parent topic: OBDX Servicing Application