High-Level Flow
The end-to-end biometric flow is:
- The web app starts a biometric operation.
- The backend issues a signed
BST. - The Web SDK launches SophID Mobile or presents a QR handoff.
- The mobile flow completes biometric capture.
- The Web SDK retrieves the resulting
BRT. - The backend validates the
BRTand completes the operation.
System Roles
- Web App: triggers the operation
- Web SDK: handles browser/mobile handoff
- SophID Mobile: collects biometric input
- SophID Server: signs biometric results
- Server SDK: validates result tokens and session integrity