Cei
Builder for a KYC read session against a Romanian CEI card.
Obtain an instance from EidKit.reader. Configure the desired operations using the builder methods, then call read with the IsoDep tag received from ro.eidkit.sdk.nfc.NfcManager.
Passive authentication always runs — ReadResult.passiveAuth is always populated. Photo and signature image are opt-in because they are slow (~7s and ~1.5s respectively).
Example
override fun onNewIntent(intent: Intent) {
super.onNewIntent(intent)
val isoDep = nfcManager.handleIntent(intent) ?: return
lifecycleScope.launch {
val result = EidKit.reader()
.withPhoto(true)
.withPersonalData(pin = userEnteredPin)
.withActiveAuth(true)
.read(isoDep)
// result.passiveAuth is always set
// result.identity is set because withPersonalData was called
// result.claim is set when passiveAuth is Valid and identity is present
}
}Functions
Execute the read session on the given IsoDep tag.
Request active authentication — verifies the chip is genuine and has not been cloned. Requires withPersonalData to also be called (shares the same PACE session).
Request active authentication with a server-generated nonce.
Request Chip Authentication (BSI TR-03110 CA) — cryptographically binds the identity data in EF.SOD to the physical chip via ECDH key agreement against the DG14 public key.
Request server-key Chip Authentication (v2 backend-key CA).
Request personal data from the EDATA applet (name, CNP, address, document info). Requires the card holder's 4-digit auth PIN.
Request the handwritten signature image (DG7, ~2.6KB JPEG). Adds approximately 1.5 seconds to the session. Disabled by default.