From a462b7df6530800a31debc8f41b66acaa8904605 Mon Sep 17 00:00:00 2001 From: Jorge Garcia Hospital <129095857+jgarciahospital@users.noreply.github.com> Date: Mon, 15 Jul 2024 15:36:06 +0200 Subject: [PATCH 1/7] Create SIM-Swap_retrieve_User_Story.md --- .../API_documentation/SIM-Swap_retrieve_User_Story.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 documentation/API_documentation/SIM-Swap_retrieve_User_Story.md diff --git a/documentation/API_documentation/SIM-Swap_retrieve_User_Story.md b/documentation/API_documentation/SIM-Swap_retrieve_User_Story.md new file mode 100644 index 0000000..c451e91 --- /dev/null +++ b/documentation/API_documentation/SIM-Swap_retrieve_User_Story.md @@ -0,0 +1,11 @@ +# SIM Swap Retrieve API User Story + + +| **Item** | **Details** | +| ---- | ------- | +| ***Summary*** | As an enterprise application developer, I want to verify the last SIM Swap date for a user's mobile number so that I can enhance security measures against account takeover fraud. | +| ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator
**Actors:** Application service providers, hyperscalers, application developers, end users.
**Scope:**
- Retrieves the timestamp of the last SIM Swap event for a given phone number. | +| ***Pre-conditions*** |The preconditions are listed below:
  1. The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.
  2. The Customer:BusinessManager has successfully subscribed to the SIM Swap API product from the product catalog.
  3. The Customer:Administrator has onboarded the Customer:User to the platform.
  4. The Customer:User performs an authorization request to CSP
  5. The Customer:User has the access token allowing a secure access of the API.| +| ***Activities/Steps*** | **Starts when:** The customer application makes a POST request to the /retrieve-date endpoint via the SIM Swap API, including the phone number provided by the user in the application.
    **Ends when:** The SIM Swap server responds with the timestamp of the last SIM swap event, or the SIM activation date if no swap has occurred. | +| ***Post-conditions*** | The customer application could continue offering its service to the user with the confirmation of the validity of the SIM based on the SIM Swap information. | +| ***Exceptions*** | Several exceptions might occur during the SIM Swap API operations
    - Unauthorized: Not valid credentials (e.g., use of already expired access token).
    - Invalid input: Not valid input data to invoke operation (e.g., improperly formatted phone number).
    - Not able to provide: Legal restrictions or data retention policies preventing the retrieval of the requested information.| From ef9e191d229103bda01681ef7f02b268440afc0a Mon Sep 17 00:00:00 2001 From: Jorge Garcia Hospital <129095857+jgarciahospital@users.noreply.github.com> Date: Mon, 15 Jul 2024 15:40:39 +0200 Subject: [PATCH 2/7] Create SIM-Swap_check_User_Story.md --- .../API_documentation/SIM-Swap_check_User_Story.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 documentation/API_documentation/SIM-Swap_check_User_Story.md diff --git a/documentation/API_documentation/SIM-Swap_check_User_Story.md b/documentation/API_documentation/SIM-Swap_check_User_Story.md new file mode 100644 index 0000000..5cde329 --- /dev/null +++ b/documentation/API_documentation/SIM-Swap_check_User_Story.md @@ -0,0 +1,11 @@ +# SIM Swap Check API User Story + + +| **Item** | **Details** | +| ---- | ------- | +| ***Summary*** | As an enterprise application developer, I want to check if a SIM swap has occurred within a specified period for a user's mobile number so that I can enhance security measures against account takeover fraud. | +| ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator
    **Actors:** Application service providers, hyperscalers, application developers, end users.
    **Scope:**
    - Checks if a SIM Swap has occurred within a specified period for a given phone number. | +| ***Pre-conditions*** |The preconditions are listed below:
    1. The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.
    2. The Customer:BusinessManager has successfully subscribed to the SIM Swap API product from the product catalog.
    3. The Customer:Administrator has onboarded the Customer:User to the platform.
    4. The Customer:User performs an authorization request to CSP
    5. The Customer:User has the access token allowing a secure access of the API.| +| ***Activities/Steps*** | **Starts when:** The customer application makes a POST request to the /check endpoint via the SIM Swap API, providing the phone number and the desired period to check for SIM swaps.
      **Ends when:** The SIM Swap server responds indicating whether a SIM swap has been performed within the specified period. | +| ***Post-conditions*** | The customer application could continue offering its service to the user with the confirmation of the validity of the SIM based on the SIM Swap information. | +| ***Exceptions*** | Several exceptions might occur during the SIM Swap API operations
      - Unauthorized: Not valid credentials (e.g., use of already expired access token).
      - Invalid input: Not valid input data to invoke operation (e.g., improperly formatted phone number).| From 1c81c10717d4092524747f484604d16f39c19446 Mon Sep 17 00:00:00 2001 From: Jorge Garcia Hospital <129095857+jgarciahospital@users.noreply.github.com> Date: Mon, 15 Jul 2024 16:19:08 +0200 Subject: [PATCH 3/7] Create API-Readiness-Checklist_SIM-Swap-1.0.0.md --- .../API-Readiness-Checklist_SIM-Swap-1.0.0.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 documentation/API_documentation/API-Readiness-Checklist_SIM-Swap-1.0.0.md diff --git a/documentation/API_documentation/API-Readiness-Checklist_SIM-Swap-1.0.0.md b/documentation/API_documentation/API-Readiness-Checklist_SIM-Swap-1.0.0.md new file mode 100644 index 0000000..8061576 --- /dev/null +++ b/documentation/API_documentation/API-Readiness-Checklist_SIM-Swap-1.0.0.md @@ -0,0 +1,27 @@ +# API Readiness Checklist + +Checklist for SIM Swap 1.0.0 in FALL24 + +| Nr | API release assets | alpha | release-candidate | initial
      public | stable
      public | Status | Comments | +|----|----------------------------------------------|:-----:|:-----------------:|:-------:|:------:|:----:|:----:| +| 1 | API definition | M | M | M | M | | link | +| 2 | Design guidelines from Commonalities applied | O | M | M | M | | | +| 3 | Guidelines from ICM applied | O | M | M | M | | | +| 4 | API versioning convention applied | M | M | M | M | | | +| 5 | API documentation | M | M | M | M | | link | +| 6 | User stories | O | O | O | M | | link | +| 7 | Basic API test cases & documentation | O | M | M | M | | link | +| 8 | Enhanced API test cases & documentation | O | O | O | M | | link | +| 9 | Test result statement | O | O | O | M | | link | +| 10 | API release numbering convention applied | M | M | M | M | | | +| 11 | Change log updated | M | M | M | M | | link | +| 12 | Previous public release was certified | O | O | O | M | | | + +To fill the checklist: +- in the line above the table, replace the api-name, api-version and the rx.y by their actual values for the current API version and release. +- in the Status column, put "Y" (yes) if the release asset is available or fulfilled in the current release, a "N" (no) or a "tbd". Example use of "tbd" is in case an alpha or release-candidate API version does not yet provide all mandatory assets for the release. +- in the Comments column, provide the link to the asset once available, and any other relevant comments. + +Note: the checklists of a public API version and of its preceding release-candidate API version can be the same. + +The documentation for the content of the checklist is here: [API Readiness Checklist](https://wiki.camaraproject.org/x/HQBFAQ) From 4ea572eb6234d6e95f6d407faadd1b5b6645087d Mon Sep 17 00:00:00 2001 From: Jorge Garcia Hospital <129095857+jgarciahospital@users.noreply.github.com> Date: Wed, 24 Jul 2024 18:14:20 +0200 Subject: [PATCH 4/7] Update SIM-Swap_retrieve_User_Story.md --- .../API_documentation/SIM-Swap_retrieve_User_Story.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/documentation/API_documentation/SIM-Swap_retrieve_User_Story.md b/documentation/API_documentation/SIM-Swap_retrieve_User_Story.md index c451e91..d8d55a4 100644 --- a/documentation/API_documentation/SIM-Swap_retrieve_User_Story.md +++ b/documentation/API_documentation/SIM-Swap_retrieve_User_Story.md @@ -4,8 +4,8 @@ | **Item** | **Details** | | ---- | ------- | | ***Summary*** | As an enterprise application developer, I want to verify the last SIM Swap date for a user's mobile number so that I can enhance security measures against account takeover fraud. | -| ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator
      **Actors:** Application service providers, hyperscalers, application developers, end users.
      **Scope:**
      - Retrieves the timestamp of the last SIM Swap event for a given phone number. | -| ***Pre-conditions*** |The preconditions are listed below:
      1. The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.
      2. The Customer:BusinessManager has successfully subscribed to the SIM Swap API product from the product catalog.
      3. The Customer:Administrator has onboarded the Customer:User to the platform.
      4. The Customer:User performs an authorization request to CSP
      5. The Customer:User has the access token allowing a secure access of the API.| -| ***Activities/Steps*** | **Starts when:** The customer application makes a POST request to the /retrieve-date endpoint via the SIM Swap API, including the phone number provided by the user in the application.
        **Ends when:** The SIM Swap server responds with the timestamp of the last SIM swap event, or the SIM activation date if no swap has occurred. | +| ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator
        **Actors:** Application service providers, hyperscalers, application developers, end users, Communication service Provider (CSP).
        **Scope:**
        - Retrieves the timestamp of the last SIM Swap event for a given phone number. | +| ***Pre-conditions*** |The preconditions are listed below:
        1. The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.
        2. The Customer:BusinessManager has successfully subscribed to the SIM Swap API product from the product catalog.
        3. The Customer:Administrator has onboarded the Customer:User to the platform.
        4. The Customer:User performs an authorization request to CSP
        5. The Customer:User has the access token allowing the access of the API and SIM Swap information of the target phoneNumber, if applies"| +| ***Activities/Steps*** | **Starts when:** The customer application makes a POST request to the /retrieve-date endpoint via the SIM Swap API, including the phone number provided by the user in the application.
          **Ends when:** The CSP's SIM Swap server responds with the timestamp of the last SIM swap event, or the SIM activation date if no swap has occurred. | | ***Post-conditions*** | The customer application could continue offering its service to the user with the confirmation of the validity of the SIM based on the SIM Swap information. | | ***Exceptions*** | Several exceptions might occur during the SIM Swap API operations
          - Unauthorized: Not valid credentials (e.g., use of already expired access token).
          - Invalid input: Not valid input data to invoke operation (e.g., improperly formatted phone number).
          - Not able to provide: Legal restrictions or data retention policies preventing the retrieval of the requested information.| From 5a242536bc7a0bbea6006825845bb64409a0313b Mon Sep 17 00:00:00 2001 From: Jorge Garcia Hospital <129095857+jgarciahospital@users.noreply.github.com> Date: Wed, 24 Jul 2024 18:17:11 +0200 Subject: [PATCH 5/7] Update SIM-Swap_check_User_Story.md --- .../API_documentation/SIM-Swap_check_User_Story.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/documentation/API_documentation/SIM-Swap_check_User_Story.md b/documentation/API_documentation/SIM-Swap_check_User_Story.md index 5cde329..80d3efd 100644 --- a/documentation/API_documentation/SIM-Swap_check_User_Story.md +++ b/documentation/API_documentation/SIM-Swap_check_User_Story.md @@ -4,8 +4,8 @@ | **Item** | **Details** | | ---- | ------- | | ***Summary*** | As an enterprise application developer, I want to check if a SIM swap has occurred within a specified period for a user's mobile number so that I can enhance security measures against account takeover fraud. | -| ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator
          **Actors:** Application service providers, hyperscalers, application developers, end users.
          **Scope:**
          - Checks if a SIM Swap has occurred within a specified period for a given phone number. | -| ***Pre-conditions*** |The preconditions are listed below:
          1. The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.
          2. The Customer:BusinessManager has successfully subscribed to the SIM Swap API product from the product catalog.
          3. The Customer:Administrator has onboarded the Customer:User to the platform.
          4. The Customer:User performs an authorization request to CSP
          5. The Customer:User has the access token allowing a secure access of the API.| -| ***Activities/Steps*** | **Starts when:** The customer application makes a POST request to the /check endpoint via the SIM Swap API, providing the phone number and the desired period to check for SIM swaps.
            **Ends when:** The SIM Swap server responds indicating whether a SIM swap has been performed within the specified period. | +| ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator
            **Actors:** Application service providers, hyperscalers, application developers, end users, Communication service Provider (CSP).
            **Scope:**
            - Checks if a SIM Swap has occurred within a specified period for a given phone number. | +| ***Pre-conditions*** |The preconditions are listed below:
            1. The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.
            2. The Customer:BusinessManager has successfully subscribed to the SIM Swap API product from the product catalog.
            3. The Customer:Administrator has onboarded the Customer:User to the platform.
            4. The Customer:User performs an authorization request to CSP
            5. The Customer:User has the access token allowing the access of the API and SIM Swap information of the target phoneNumber, if applies| +| ***Activities/Steps*** | **Starts when:** The customer application makes a POST request to the /check endpoint via the SIM Swap API, providing the phone number and the desired period to check for SIM swaps.
              **Ends when:** The CSP's SIM Swap server responds indicating whether a SIM swap has been performed within the specified period. | | ***Post-conditions*** | The customer application could continue offering its service to the user with the confirmation of the validity of the SIM based on the SIM Swap information. | | ***Exceptions*** | Several exceptions might occur during the SIM Swap API operations
              - Unauthorized: Not valid credentials (e.g., use of already expired access token).
              - Invalid input: Not valid input data to invoke operation (e.g., improperly formatted phone number).| From 3ce2b6f6bf8f5fb00717a913ac8c9977a89a7e31 Mon Sep 17 00:00:00 2001 From: Jorge Garcia Hospital <129095857+jgarciahospital@users.noreply.github.com> Date: Wed, 24 Jul 2024 18:22:54 +0200 Subject: [PATCH 6/7] Update SIM-Swap_check_User_Story.md --- documentation/API_documentation/SIM-Swap_check_User_Story.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/API_documentation/SIM-Swap_check_User_Story.md b/documentation/API_documentation/SIM-Swap_check_User_Story.md index 80d3efd..c7a8053 100644 --- a/documentation/API_documentation/SIM-Swap_check_User_Story.md +++ b/documentation/API_documentation/SIM-Swap_check_User_Story.md @@ -7,5 +7,5 @@ | ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator
              **Actors:** Application service providers, hyperscalers, application developers, end users, Communication service Provider (CSP).
              **Scope:**
              - Checks if a SIM Swap has occurred within a specified period for a given phone number. | | ***Pre-conditions*** |The preconditions are listed below:
              1. The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.
              2. The Customer:BusinessManager has successfully subscribed to the SIM Swap API product from the product catalog.
              3. The Customer:Administrator has onboarded the Customer:User to the platform.
              4. The Customer:User performs an authorization request to CSP
              5. The Customer:User has the access token allowing the access of the API and SIM Swap information of the target phoneNumber, if applies| | ***Activities/Steps*** | **Starts when:** The customer application makes a POST request to the /check endpoint via the SIM Swap API, providing the phone number and the desired period to check for SIM swaps.
                **Ends when:** The CSP's SIM Swap server responds indicating whether a SIM swap has been performed within the specified period. | -| ***Post-conditions*** | The customer application could continue offering its service to the user with the confirmation of the validity of the SIM based on the SIM Swap information. | +| ***Post-conditions*** | The customer application could continue offering its service to the end user with the confirmation of the validity of the SIM based on the SIM Swap information. | | ***Exceptions*** | Several exceptions might occur during the SIM Swap API operations
                - Unauthorized: Not valid credentials (e.g., use of already expired access token).
                - Invalid input: Not valid input data to invoke operation (e.g., improperly formatted phone number).| From ce374ce4770cd2427dde07f4780e12b66ac9e940 Mon Sep 17 00:00:00 2001 From: Jorge Garcia Hospital <129095857+jgarciahospital@users.noreply.github.com> Date: Wed, 24 Jul 2024 18:23:09 +0200 Subject: [PATCH 7/7] Update SIM-Swap_retrieve_User_Story.md --- documentation/API_documentation/SIM-Swap_retrieve_User_Story.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/API_documentation/SIM-Swap_retrieve_User_Story.md b/documentation/API_documentation/SIM-Swap_retrieve_User_Story.md index d8d55a4..8f19a29 100644 --- a/documentation/API_documentation/SIM-Swap_retrieve_User_Story.md +++ b/documentation/API_documentation/SIM-Swap_retrieve_User_Story.md @@ -7,5 +7,5 @@ | ***Roles, Actors and Scope*** | **Roles:** Customer:User, Customer:BusinessManager, Customer:Administrator
                **Actors:** Application service providers, hyperscalers, application developers, end users, Communication service Provider (CSP).
                **Scope:**
                - Retrieves the timestamp of the last SIM Swap event for a given phone number. | | ***Pre-conditions*** |The preconditions are listed below:
                1. The Customer:BusinessManager and Customer:Administrator have been onboarded to the CSP's API platform.
                2. The Customer:BusinessManager has successfully subscribed to the SIM Swap API product from the product catalog.
                3. The Customer:Administrator has onboarded the Customer:User to the platform.
                4. The Customer:User performs an authorization request to CSP
                5. The Customer:User has the access token allowing the access of the API and SIM Swap information of the target phoneNumber, if applies"| | ***Activities/Steps*** | **Starts when:** The customer application makes a POST request to the /retrieve-date endpoint via the SIM Swap API, including the phone number provided by the user in the application.
                  **Ends when:** The CSP's SIM Swap server responds with the timestamp of the last SIM swap event, or the SIM activation date if no swap has occurred. | -| ***Post-conditions*** | The customer application could continue offering its service to the user with the confirmation of the validity of the SIM based on the SIM Swap information. | +| ***Post-conditions*** | The customer application could continue offering its service to the end user with the confirmation of the validity of the SIM based on the SIM Swap information. | | ***Exceptions*** | Several exceptions might occur during the SIM Swap API operations
                  - Unauthorized: Not valid credentials (e.g., use of already expired access token).
                  - Invalid input: Not valid input data to invoke operation (e.g., improperly formatted phone number).
                  - Not able to provide: Legal restrictions or data retention policies preventing the retrieval of the requested information.|