Adaptive SDK for Android

Introduction

This guide will walk though how to make use of Adaptive Access in a native Android application using the IBM Security Verify Adaptive SDK for Android. The Adaptive SDK for Android provides classes which manage authentication transactions that are dependent on policies that include Adaptive Access risk determinations.

For a deeper understanding on the different entities involved in Adaptive Access see Adaptive Access.

Prerequisites

Adaptive Access subscription

Ensure that your IBM Security Verify tenant has the Adaptive Access subscription enabled. You can check you active subscriptions under Configuration > Subscriptions in your tenant administration console.

Android Studio

You must have the Android Studio installed on the machine where you will create and run the sample application described in this guide. Download Android Studio here.

Adaptive SDK for Android

You need to have the Adaptive SDK for Android available in your development environment. This can be downloaded from the IBM Security App Exchange.

Custom application definition

Create a custom application definition and perform Adaptive Sign-On on-boarding. As part of the on-boarding process ensure you select mobile. This will create a link where you can download the Trusteer SDK. For more information, see On-board your application.

Trusteer SDK

Use the link that is displayed after Adaptive Sign-On on-boarding to download the Trusteer SDK.

Set up your environment

You will now set up your Android Studio development environment by creating a new mobile application and installing the required dependencies.

Create a new Android Studio project

Open Android Studio, and click + Create New Project.
Select Empty Activity from the Phone and Tablet tab, and click Next.
Name your sample application, and click Finish.

Add the Adaptive Android SDK and Trusteer SDK to the project

Go to File > New > New Module....
Select Import .JAR/.AAR Package, and click Next.
Under File name, select the location of the downloaded tas-release.aar file from the Trusteer SDK (see Trusteer SDK).
Click Finish.
Repeat steps 2 to 4 for the downloaded IBMAdaptiveSdk.aar file from the IBM Security Verify Adaptive SDK for Android.

Add the following lines to the dependencies body of your application's build.gradle file:

implementation project(':tas-release')
implementation project(':IBMAdaptiveSdk')
implementation 'androidx.lifecycle:lifecycle-extensions:2.2.0'

Reference the SDK support files

From the downloaded Trusteer SDK, move the SDK-S/TrusteerServiceCollection.kt file to your Android Studio project.
- You may need to update the package name at the top of this file.
From the downloaded Trusteer SDK, move the default_conf.rpkg and manifest.rpkg files to your Android Studio project's assets folder at <YOUR_PROJECT>/app/src/main/assets.
- You may need to manually create this assets folder if it doesn't exist.
- You will need to generate the manifest.rpkg file. To do this, refer to step 4C in the Manual Configuration Procedure documentation.

You can use the SDKs in-code by importing the modules:

import com.ibm.security.adaptivesdk.*
import com.trusteer.tas.*

Use the SDK

The Adaptive Android SDK should be used in conjunction with the Adaptive Proxy SDK.

For more documentation on the Adaptive Android SDK's functions, refer to the README.md file in the downloaded IBM Security Verify Adaptive SDK for Android.

For an overview of Adaptive Access, see Adaptive Access.

Sample Code

For a sample Android app using the Adaptive Android SDK, see the sample app GitHub repo.