Advanced Chip Reader Customizations

PassportChipReader works right out of the box. However, if some of the behavior doesn’t suit your needs, there are additional customizations you can make.

Custom Messaging

All of the text displayed in the NFC prompt can be customized:

nfc-prompt

The text displayed above the “Cancel” button is called an alert message. The alert message is updated based on the active-reading substate of the reader:

reading-substates

When the active-reading substate changes and when the progress for a substate is updated, the PassportChipReader will update the alert message. You can use the defaults provided by the SDK, or you can provide your own custom strings:

import UIKit
import CFNFCReaderSDK

class ViewController: UIViewController {

    private var passportReader: PassportReader?

    override func viewDidLoad() {
        let passportReader = PassportReader()

        passportReader.customAlertMessageProvider = CustomAlertMessageProvider { state in
            switch state {
            case .searching:
                return "Place your phone in the center of your passport" // Custom alert message
            default:
                return nil // Use SDK defaults
            }
        }
    }

}

Important

The Human Interface Guidelines provide best practices on writing good alert messages.

CSCA Verification

The NFC Reader SDK is capable of verifying the embedded Document Signer Certificate (DSC) in the EF.SOD against a Country Signing Certification Authority (CSCA) certificate list, commonly referred to as a Master List. You can do this by providing a cscaMasterListURL to your PassportChipReader, where the URL points to a PEM-encoded list of CSCA certificates. Many master lists, such as those provided by the ICAO PKD, come in the form of OpenLDAP diffs which must be converted to a PEM list. This may require looping through diffs and ASN.1 parsing, which we currently do not provide scripts for.

Warning

Many master lists, including the ICAO PKD, are not meant for commercial distribution. Before adding them to your app, make sure you are aware of any restrictions around their use in personal and commercial applications.

With a CSCA master list provided, you can now verify the authenticity of PassportChipData via PassportChipData.didPassAuthenticityCheck. Be aware that this doesn’t yet take Certificate Revocation Lists (CRLs) into consideration.