E2EE iOS SDK Integration Guide

Overview of E2EE

End-to-End Encryption (E2EE) adds an extra layer of security to your communications by encrypting the data transmitted between the server and client. The process begins with a key exchange where the client and server share keys for encrypting and decrypting messages. This exchange acts like a handshake and ensures that all subsequent communications are encrypted. Only the intended server and client are able to decrypt the messages.

Security

The SDK uses CryptoKit for all cryptographic operations, ensuring industry-standard security:

  • RSA-OAEP with SHA-256 asymmetric encryption for secure key exchange.
  • AES-GCM symmetric encryption for securing server requests and responses.
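The two primitives listed above combine into a hybrid scheme. The sketch below is an added example, not IncdOnboarding SDK code and not its wire format. It assumes the client generates the AES key and wraps it with the server's RSA public key, uses the Security framework's SecKey API for RSA-OAEP, and stands in for the server with a locally generated key pair; all function names are hypothetical.

```swift
import CryptoKit
import Foundation
import Security

enum DemoError: Error { case keyGeneration, wrap, unwrap, seal }

// Client (assumed role): create a fresh AES-256 session key and wrap it with RSA-OAEP/SHA-256.
func wrapSessionKey(for serverPublicKey: SecKey) throws -> (key: SymmetricKey, wrapped: Data) {
    let key = SymmetricKey(size: .bits256)
    let raw = key.withUnsafeBytes { Data($0) }
    guard let wrapped = SecKeyCreateEncryptedData(
        serverPublicKey, .rsaEncryptionOAEPSHA256, raw as CFData, nil) as Data?
    else { throw DemoError.wrap }
    return (key, wrapped)
}

// Server (assumed role): recover the session key with the RSA private key.
func unwrapSessionKey(_ wrapped: Data, with privateKey: SecKey) throws -> SymmetricKey {
    guard let raw = SecKeyCreateDecryptedData(
        privateKey, .rsaEncryptionOAEPSHA256, wrapped as CFData, nil) as Data?
    else { throw DemoError.unwrap }
    return SymmetricKey(data: raw)
}

// Either side: AES-GCM with a random 96-bit nonce; output is nonce || ciphertext || tag.
func sealMessage(_ body: Data, key: SymmetricKey) throws -> Data {
    guard let combined = try AES.GCM.seal(body, using: key).combined
    else { throw DemoError.seal }
    return combined
}
func openMessage(_ message: Data, key: SymmetricKey) throws -> Data {
    try AES.GCM.open(AES.GCM.SealedBox(combined: message), using: key)
}

func runDemo() throws {
    // Constructed stand-in for the server's key pair; a real client holds only the public key.
    let attrs: [String: Any] = [kSecAttrKeyType as String: kSecAttrKeyTypeRSA,
                                kSecAttrKeySizeInBits as String: 2048]
    guard let serverPrivate = SecKeyCreateRandomKey(attrs as CFDictionary, nil),
          let serverPublic = SecKeyCopyPublicKey(serverPrivate) else { throw DemoError.keyGeneration }
    let (clientKey, wrapped) = try wrapSessionKey(for: serverPublic)
    let serverKey = try unwrapSessionKey(wrapped, with: serverPrivate)
    var message = try sealMessage(Data(#"{"sample":"constructed body"}"#.utf8), key: clientKey)
    let received = try openMessage(message, key: serverKey)
    print(String(decoding: received, as: UTF8.self))
    message[message.endIndex - 1] ^= 0x01   // flip one bit of the authentication tag
    do { _ = try openMessage(message, key: serverKey); print("tampering NOT detected") }
    catch { print("tampered message rejected: \(error)") }
}
try runDemo()
```

The last step shows why AES-GCM matters for request and response integrity: a single flipped bit makes decryption throw instead of returning altered plaintext.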

Prerequisites

Starting with SDK version 5.37, E2EE functionality is built into the standard IncdOnboarding SDK and no longer requires the OpenSSL framework. No additional setup or separate variant is required.

What Changed

  • The separate "-e2ee" SDK variant has been deprecated
  • E2EE capabilities are now included in the main SDK
  • E2EE no longer requires the OpenSSL framework

Steps to Enable E2EE in the SDK

1. Set Up a Custom Server for E2EE

Initialize the IncdOnboarding SDK with a custom API URL for E2EE as follows:

IncdOnboardingManager.shared.initIncdOnboarding(
    url: url, // URL for regular non-encrypted API requests
    e2eeURL: e2eeURL, // URL for E2EE API requests
    apiKey: apiKey)

2. Enable E2EE via IncdOnboardingSessionConfiguration:

let sessionConfig = IncdOnboardingSessionConfiguration(e2eEncryptionEnabled: true, ...)

3. Start Onboarding

Start onboarding with the configuration created in the previous step.

  • Start onboarding by creating the flow and calling startOnboarding as explained here
  • Start onboarding sections as explained here