Issue Mobile Credentials

A key feature of the Unifyia platform is its capability to issue mobile digital credentials on the Unifyia ID Wallet app, accessible only on iOS mobile devices. This secure digital wallet offers an intuitive way to manage digitally signed credentials on mobile devices, with credentials issued directly from the Unifyia platform.

Before You Begin

  • Ensure that you are registered as a user with the necessary privileges to access the Unifyia platform user portal by an authorized operator within the organization.
  • The users from the integrated relying parties can use their existing credentials to log in to before the platform.
  • You have an iOS or Android mobile device.
  • You have the option to issue device-bound authenticators or external security keys that can be connected as an USB or over NFC for FIDO2 registration. However, this is based on your organizations's passkeys (FIDO2) policy.
  • Download and install the Unifyia ID Wallet app on an iOS mobile from the mobile device's app store and for an Android device from the Play Store.

Supported Mobile Phones

  • iOS 13+

Issue Credentials

You can register your mobile device and issue the credentials in the following ways:

  • Using the Unifyia Platform
  • Using Email Invite Using a QR Code

Using Unifyia Platform

Supported Browsers

  • Windows
    • Google Chrome
    • Microsoft Edge
  • macOS
    • Safari

This section helps you understand how to issue credentials by using the Unifyia platform.

  1. Log in to the platform using your credentials.
  2. Select Identities on the main menu.
  3. Select + Add Identity. If more than one identity is approved for you, you are prompted to select for which workflow you wish to issue an identity to continue. Otherwise, the page to set up the ID Wallet app is displayed.
  4. Open your ID Wallet app on your mobile. Scan the QR code displayed on the page.
  5. On scanning the code, the app fetches your identities.
  6. Tap OK. If your organization has approved FIDO2 credential issuance for your group, the app prompts you to continue the FIDO2 registration process. Refer to section Passkeys (FIDO2) Registration. Otherwise, the app displays all the mobile identities and their credentials approved for your group as per your organization's policy. Typically, four credentials can be issued for your account based on the configured workflow – Visual ID, PKI, OTP, and Consent.
  7. If QR code scanning fails in the ID Wallet app, select Enter Manually.
  8. On the Unifyia platform navigate to the ID Wallet Locate the section displaying the URL and secret key. Input the platform URL (e.g., https://org.Unifyia.net) and the Secret Key shown on the platform page.
  9. Tap Submit to complete registration and get your mobile credentials.

Using a QR Code

  1. Open the email sent to your registered email ID on your computer.
  2. You will find a QR code to pair your device.
  3. Launch the ID Wallet app on the mobile and use the QR code scanner within the app to scan the QR code provided in the received email.
  4. Once the scanning of the code is successful, the app fetches your identities.
  5. Tap OK. If your organization has approved FIDO2 credential issuance for your group, the app prompts you to continue the FIDO2 registration process. Refer to section Passkeys (FIDO2) Registration. Otherwise, the app displays all the mobile identities and their credentials approved for your group as per your organization's policy. Typically, four credentials can be issued for your account based on the configured workflow – Visual ID, PKI, OTP, and Consent.
  6. If the QR code scanning from the email fails on the ID Wallet app, select Enter Manually.
  7. On the email invite, locate the section Unable to scan.
  8. Input the platform URL (g.: https://org.utopia.net) and the Secret Key that you see under this section.
  9. Tap Submit to complete registration and get your mobile identities.

Passkeys (FIDO2) Registration

  1. Upon completing the credential issuance process, a popup message will appear on the ID Wallet app, prompting you to proceed with FIDO security key registration. Tap OK to continue.
  2. You can delay the FIDO2 registration until later. To proceed with the registration at a convenient time, access the notification to register in the app's Notification Note that this link will only be active for twelve hours.
  3. On the FIDO2 registration page, select Register to configure your mobile device to be used as the FIDO Security Key. Ensure to use either Google Chrome or Safari browser for registration.
  4. You are redirected to the Unifyia platform on your phone browser.
  5. Select the link Click here to proceed.
  6. Select Get Started.
  7. You have to choose how to use your security key.
    • User security key with Bluetooth: Select this option if wish to connect to another device to pair your key. To do so, ensure you have an identity device with Bluetooth capability enabled.
    • User security key with USB: Select this option if you want to use the USB security keys/tokens such as a YubiKey to use as a security key. Connect the security key to your USB port or link it using a USB cable. If your key features a button or a gold disc, press or tap it accordingly.
    • User security key with NFC: Select this option if you wish to use the NFC-enabled device such as a Yubikey to be used as a security key. Tap the device at the back of the mobile device. You will feel the mobile device vibrate indicating that the Yubikey is successfully registered.
    • Use this device with screen lock: Choose this option if you prefer to use the mobile with its configured screen lock (PIN, fingerprint, face, or pattern) as a security key. On the popup screen verify your identity. If you prefer to use your screen lock PIN, tap Use screen lock and enter your PIN. On successful verification, your FIDO2 credential will be issued on the device.
  8. On the next screen, a label for the registered passkey is displayed. If required, rename it and select OK. You have completed the registration process.
  9. Tap Back to Application.
  10. Your mobile identity is successfully updated with the FIDO Passkey credential. Select OK.
  11. You are now all set to use your mobile device as a FIDO Passkey to initiate multi-factor authentication/passwordless authentication/app-less authentication.
  12. You have the following mobile credentials issued: Visual, FIDO2, Consent, PKI, and OTP.

Mobile Digital Credentials

You can view and use all the issued mobile identities and their credentials.

Visual ID: This is similar to the physical identity but in digital form. Use the flip icon to switch between the front and back sides of the ID. Tap on the document icon to access user details. Tap the QR Code icon to reveal the QR code for identity and age verification.

The visual credential shows your picture and name if you have used a PIV ID credential for verification or you have completed enrollment with face. In all other cases, you can only view the name.

PKI: This credential is used for the certificate-based login requests received as consent requests or push notifications from either the platform or third-party applications for passwordless authentication. It is one of the most secure credentials that can be leveraged for authentication. Tap the certificate to review its details.

If you have used a PIV ID card for primary card verification, derived PIV certificates (authentication, card authentication, digital signature, and encryption) are issued. In all other cases, PIV certificates (authentication, card authentication, digital signature, and encryption) are issued.

Consent: The consent keys are used for approving an authentication request sent to the ID Wallet from the platform or integrated applications.

OTP: The OTP credential allows a user to login to the platform in an offline mode. Displays the OTP that can be used to authenticate in an offline mode.

FIDO2: The FIDO2 credential allows a user to log in to the platform using security keys connected to a computer or over NFC or Bluetooth. Additionally, if you have registered the mobile device as an authenticator, then you can use the configured device screen lock (Pattern, Password, PIN, Fingerprint, Face) to authThe FIDO2 credential allows a user to log in to the platform using security keys connected over NFC. enticate to the platform or integrated applications.


Back Next
On this page