Epic: SM-1818 - IAM: Authenticate and authorize to CC agent In Progress
Priority:
Effort estimate:
Review status: in preparation/ready to review/approved
As a Customer I want to confirm the identity of the CC agent so that I can authorize the agent to take any action on my behalf
Role: Bank User, Customer
Objective: Confirm identity of bank user
Reason: security
Functional requirements:
To prove to the customer that the caller is a bank employee, the following check can be initiated:
The customer will log in to the app and reach the authenticate calling CC agent screen
The customer will pick 4 random numbers and press authenticate
This action will be logged in the BOFE communication log
The CC agent will read the random numbers out loud, proving that he in fact has access to bank systems
If the customer wants to verify that the TLS, CS or Sales personnel they are talking with are genuine, the customer can:
Press the verify bank employee button in the app and enter a 4 digit code. Bank personnel can then verify the code by checking the automated Jira ticket created/Communication log/notes created.
The app will display the “enter code” UI, the customer enters the code, the app calls the back-office endpoint and sends this code, and BOFE displays the code.
UI requirements:
Process flow: n/a
Execution steps: n/a
Internal dependencies: https://safibank.atlassian.net/l/cp/xqdAxB5Z , SM-4995 - Review - Support hub (temporary name) Done
External dependencies: OKTA
Acceptance criteria: https://safibank.atlassian.net/l/cp/xqdAxB5Z
Links to wireframes/UI: https://www.figma.com/file/dkDQHRa1zq7tU58MiL6hBR/SaFi---UI---MVP-(Shared)?node-id=13914%3A84032 SM-4777 - Authenticate calling CC agent - screen Done
Technical Analysis
The new endpoint /agent-verification should be protected with LEVEL1 signature.
The payload for /communicationRecords should look like this:
val communicationHistoryRecord = CommunicationRecordCreateDto(
    /* direction = */ CommunicationRecordDirection.INBOUND,
    /* communicatedAt = */ Instant.now().truncatedTo(ChronoUnit.MILLIS).atOffset(ZoneOffset.UTC),
    /* source = */ "mobile-app",
    /* channel = */ CommunicationRecordChannel.INTERNAL,
    /* domain = */ CommunicationRecordDomain.IAM,
    /* customerHandle = */ customerId.toString(),
    /* purpose = */ "callCenterAuthenticationChallenge",
    /* title = */ "Authentication challenge",
    /* body = */ "Customer generated authentication challenge for call center operator: ${code}"
).customerId(internalMessage.customerId).interactionId(null)
communicationHistoryManagerApi.createCommunicationRecord(idempotencyKey, communicationHistoryRecord)
Some of the enum values mentioned above are not yet available and will be added in SM-6860 - Add more communication enum values Done
When writing the audit log, EventActionType should be AGENT_VERIFICATION_INITIATED.
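A sketch of the server-side handling behind /agent-verification, added here as an example and not the project's own code: it validates the customer's code before the code is interpolated into the record body that the agent reads back. ChallengeRecord, InMemoryCommunicationLog, parseChallengeCode and handleAgentVerification are hypothetical names, and the LEVEL1 signature check is assumed to have already passed.

```kotlin
import java.time.Instant

// Hypothetical stand-ins for this sketch; the real DTO and client are the ones named on this page.
data class ChallengeRecord(val customerId: String, val purpose: String, val body: String, val at: Instant)

const val PURPOSE = "callCenterAuthenticationChallenge"

class InMemoryCommunicationLog {
    private val records = mutableListOf<ChallengeRecord>()
    fun add(record: ChallengeRecord) { records += record }

    // What the agent's back-office view needs: the newest challenge for this customer only.
    fun latestChallenge(customerId: String): ChallengeRecord? =
        records.filter { it.customerId == customerId && it.purpose == PURPOSE }.maxByOrNull { it.at }
}

// Accept exactly four ASCII digits. Char.isDigit() also matches non-ASCII digits
// (for example Arabic-Indic), so the range check is explicit.
fun parseChallengeCode(raw: String): String? =
    raw.takeIf { it.length == 4 && it.all { c -> c in '0'..'9' } }

// Handling of a request to /agent-verification once the signature check has passed.
fun handleAgentVerification(customerId: String, rawCode: String, log: InMemoryCommunicationLog): Boolean {
    // Reject malformed input and write nothing, so free text never reaches the agent's log view.
    val code = parseChallengeCode(rawCode) ?: return false
    val body = "Customer generated authentication challenge for call center operator: $code"
    log.add(ChallengeRecord(customerId, PURPOSE, body, Instant.now()))
    return true
}

fun main() {
    val log = InMemoryCommunicationLog()
    // Constructed sample inputs.
    println(handleAgentVerification("cust-1", "4821", log))   // well-formed code
    println(handleAgentVerification("cust-1", "48 21", log))  // contains a space
    println(handleAgentVerification("cust-1", "١٢٣٤", log))   // Arabic-Indic digits
    println(handleAgentVerification("cust-1", "12\nX", log))  // embedded newline
    println(log.latestChallenge("cust-1")?.body)              // what the agent reads from
    println(log.latestChallenge("cust-2"))                    // another customer has no challenge
}
```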
Attachments:
plantuml_1667367592352.svg (image/svg+xml)
plantuml_1667367592352.png (image/png)
plantuml_1667367592352 (text/plain)