CheckoutCheckout Security

Strong Authentication

Developers can use this documentation to enable strong authentication to optimize security around card and bank account details.

What Is Strong Authentication

An optional parameter that can enabled for your account for added security is to enforce authentication for customers and withdrawers. This prevents anyone who knows a wallet address from being able to view the cards and bank accounts linked to a particular wallet address.

Implementation

Coinflow uses wallet message signing authentication to validate that a particular user owns the wallet associated with their account. In order to enable this in your integration you will need to implement the signMessage function in your wallet.

📘 Please upgrade to @coinflowlabs/react > v3 and @coinflowlabs/react-native > v2

Solana

1<CoinflowPurchase
2  ...
3  wallet={{
4    ...
5    signMessage: (message: UInt8Array) => Promise<UInt8Array>;
6  }}
7 />

EVM

1import { useSignMessage } from "wagmi";
2
3const {signMessageAsync} = useSignMessage();
4
5const signMessage = useCallback(
6  async (message: string) => {
7    // It is not necessary to use wagmi you can use any custom logic to generate a valid signature for the address
8    return await signMessageAsync({ message });
9  },
10  [signMessageAsync]
11);
12
13<CoinflowPurchase
14  ...
15  wallet={{
16    ...
17    signMessage,
18  }}
19 />

Enable Strong Authentication on Merchant Settings

Once you have message signing integrated for your application you can head to your settings page and enable strong authentication for your account.

🚧 Enabling this without implementing signMessage from above will break all withdraws and not allow checkout customers to view their saved cards.