SonicAuth Library - Android
SonicAuth is a service that provides the benefits of a secure communication session among various entities. The access to the session is given once a proximity verification process is completed. The verification process is performed by exchanging audio signals among the entities. SonicAuth service is the core of CopSonic Technology.
The session is the core of the verification process. Opening a session in SonicAuth is the process by which a part defines the session properties and therefore, the proximity verification procedure’s parameters. Among its most common properties are the session lifetime, the maximum number of entities allowed to connect and whether the audio signals will be audible or not by the human ear. A session can be open programmatically using the SDKs or manually in the SonicAuth Management Site.
The entity that opens the session is called host. The host can lock or close the session at will. When a session is locked, no other entities are allowed to connect to it and use it. When a session is closed it ceases to exist, as well as its properties and facilities. All the other entities are called clients. Once a client is connected to a session is considered a session party. All this system entities are composed by pieces of code running in their respective platforms and devices. Such devices must be connected to internet in order to perform any verification, with the exception of the verification through a telephony service, as it will be later introduced.
The verification procedure starts when a session is opened by the host, wherein the sound mode is defined. Next, the host requests the sound data (audio token) associated with the session to broadcast it. To play the sound information, the host must rely on the audio hardware at hand, such as loudspeakers. The sound information related to a session is often referred as session sound data.
The clients willing to connect to the session, must demonstrate their proximity to the emission source. In doing so, they must scan the audio in the near environment where the host‘s emitter is playing the session audio data. The recorded samples must be submitted to the service which ultimately validates the client presence and grants the necessary information to connect to the session.
A client currently scanning and physically located near the emission source will always be evaluated positively and will be notified by the service about the session found. Finding a session is the challenge a client must fulfill in order to connect to the aforementioned session. Once a session is found, the service will provide a session identifier referred as the session ID. If the client executes the Connect command using this session identifier found, the client will be henceforth a session party.
When a proximity verification procedure is completed, the information exchange will happen through the use of properties. The properties are key-value pairs that can be used to exchange information between client and the host. Both sessions and parties will have their respective properties. The session properties can be accessed by any party, but they can be created/updated only by the host. The party’s properties are managed by the parties and are accessible only to the host session.