Previous Topic: Questions and Answers AuthenticationNext Topic: QnA Authentication Using Server Verification

CA AuthMinder Java Developer's GuideAuthenticating UsersQuestions and Answers AuthenticationQnA Authentication Using Caller Verification Feature

QnA Authentication Using Caller Verification Feature

The following steps explains how to perform QnA authentication if caller verification feature is enabled:

  1. Invoke the getQuestions() method of the QnAAuth interface to retrieve the user’s questions and answers from the AuthMinder Server.

    Note: The QnAAuth interface provides two getQuestions() methods, you must call the method that takes the boolean input (fetchAnswers) to fetch the answers.

    This method returns an instance of the QnAResponse interface, which includes the questions to be asked, answers for each question, transaction ID, message, response code, and reason code.

  2. Prepare an object to hold the questions and answers of the user. For this, you must invoke the methods of AuthQnAInfo interface in the following order:
    1. getNumberofQuestions

      Invoke this method to know the number of questions that are set for the user.

    2. getQuestion

      Invoke this method to get the questions that are set for the user. The number of questions fetched by this method depends on the number returned by the getNumberofQuestions() method.

    3. Implement the logic to collect the answers from the user for the questions retrieved from AuthMinder Server.
    4. answerQuestion

      Note: The AuthQnAInfo interface provides two answerQuestion() methods, you must call the method that takes the verification status as one of the input.

      Invoke this method to set the answer collected by the application.

  3. (Optional) If you are implementing a plug-in, then invoke the setAdditionalInput() method in the AdditionalInput class to obtain an object that implements the class.

    See "Preparing Additional Input" for more information.

  4. Invoke the verifyAnswers() method of the QnAAuth interface by passing the AuthQnAInfo object created in Step 2 to verify the answers provided by the user. Optionally, you can also specify the token type that must be returned to the user after successful authentication by using the AuthTokenType class.

    This method returns an instance of the AuthResponse interface, which provides the transaction details, credential details, and token information.