@authme/identity-verification 2.8.57 → 2.8.59

package/assets/styles/style.scss

@@ -0,0 +1,11 @@
+@use 'base';
+@use 'ocr';
+@use 'liveness';
+@use 'theme';
+
+:root {
+  --authme-close-icon-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABkAAAAYCAYAAAAPtVbGAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAADoSURBVHgB7ZTNDYJAEIUf0ogNgB4ogDoIMfFGF2AXHDmgdcCdi9CAneBONIZs1t23xoMmfAnhJzv7ZdiZAVb+guxQlHJ9KybUP+R5kc5Aox7TaJ9gug49CAFmVBKzi5N+HIebVSILojgJECBlRAsB1P10busGrkyEaRw6RqQLLm1dmfYzShgRK7BKbCIfgRCAIMuLSq0snwGdKoyUFQghCLSMtj4CYQOWjdrW9m6BymR5BvK78MiG7iOnxHDIR58+ckreVRHbR06Jq0x9ROEnAl+RbUBSZaqL/AYk0LN98BKpGNOAXPk97mOkwoggZdKjAAAAAElFTkSuQmCC');
+  --authme-back-icon-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAD7SURBVHgB3ZU9EoIwEIVXuQA3MCWl3EA7y3ACh5voSeQIWFI53sCSztYypR2+jHGGwYT8NvpmdhIW+B4hP0v061pQgDjnazQXhECUbdsK07NL8tQIniOYCkpiMIFLHfH1t7l3nH+RAX6wvec0gqqq9iFwKesIJHwYhmaUcoZbDWLhswYp4EYDDbwGvKEAfRlgtTA09xRwKd0qEio+WlGEsmmi7/tnURQdujt6L8sNrmX+SgHKdEnAHoCe0eWxJpnpBmBCY5Ij35GHrBtNTbrcxUylGkx6TY5yOotiTHwOOxZi4lVwQky8K5rGpJyrCaElk6E5yT7gW/prvQCHpnbdSHXj/AAAAABJRU5ErkJggg==');
+  --authme-camera-icon-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABoAAAAXCAYAAAAV1F8QAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAADFSURBVHgB7VbRDYIwFLzHAnYERmADZQM3ECdgBd1AJ1A30AlgBDaQDXSDei+pCSGRSqT+0EuOl5Jr773+XAUeWGtLlrVHVovIfkggGDZZsVRkQz4/yAyZkTnNaowFTQx5dzS/6qTTeem6G92pZ/IL95+FooKLkxM0PdGNogO+AM/ZsSx7v1PHXAWVjo1A4NkP8pq4dYtw0FtaJPgTolE0ikbRaC5GmkMZwiHVj3TSscX0caEDaFJv31FesGwwPfS2jvoUeAEf2F2Th2w/vQAAAABJRU5ErkJggg==');
+  --authme-check-icon-image: url('data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iNDgiIGhlaWdodD0iNDgiIHZpZXdCb3g9IjAgMCA0OCA0OCIgZmlsbD0ibm9uZSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KPHBhdGggZD0iTTQ4IDI0QzQ4IDM3LjI1NDggMzcuMjU0OCA0OCAyNCA0OEMxMC43NDUyIDQ4IDAgMzcuMjU0OCAwIDI0QzAgMTAuNzQ1MiAxMC43NDUyIDAgMjQgMEMzNy4yNTQ4IDAgNDggMTAuNzQ1MiA0OCAyNFoiIGZpbGw9IiMwMEMxQjYiLz4KPHBhdGggZD0iTTE5Ljk5MzQgMjguODQ0MUwxNC43ODA5IDIzLjYzMTZMMTMuMDA1OSAyNS4zOTQxTDE5Ljk5MzQgMzIuMzgxNkwzNC45OTM0IDE3LjM4MTZMMzMuMjMwOSAxNS42MTkxTDE5Ljk5MzQgMjguODQ0MVoiIGZpbGw9IndoaXRlIi8+Cjwvc3ZnPgo=');
+}

package/index.cjs.js

@@ -70,6 +70,13 @@ require('core-js/modules/es.uint8-array.set-from-hex.js');
 require('core-js/modules/es.uint8-array.to-base64.js');
 require('core-js/modules/es.uint8-array.to-hex.js');
 require('core-js/modules/es.iterator.some.js');
+require('core-js/modules/es.set.difference.v2.js');
+require('core-js/modules/es.set.intersection.v2.js');
+require('core-js/modules/es.set.is-disjoint-from.v2.js');
+require('core-js/modules/es.set.is-subset-of.v2.js');
+require('core-js/modules/es.set.is-superset-of.v2.js');
+require('core-js/modules/es.set.symmetric-difference.v2.js');
+require('core-js/modules/es.set.union.v2.js');
 
 function _objectWithoutPropertiesLoose(r, e) {
   if (null == r) return {};
@@ -29333,7 +29340,11 @@ const modal = arg => {
   domTitle.innerText = arg.title;
   domSubtitle.innerText = arg.subtitle;
   domImage.src = arg.image;
-  domContent.textContent = arg.content;
+  if (arg.content instanceof HTMLElement) {
+    domContent.appendChild(arg.content);
+  } else {
+    domContent.innerHTML = arg.content;
+  }
   domClose.textContent = '';
   domClose.insertAdjacentHTML('beforeend', `<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M19.1943 6.41714C19.6393 5.97216 19.6393 5.2507 19.1943 4.80571C18.7493 4.36073 18.0278 4.36073 17.5829 4.80571L12 10.3886L6.41714 4.80572C5.97216 4.36073 5.2507 4.36073 4.80571 4.80571C4.36073 5.2507 4.36073 5.97216 4.80571 6.41714L10.3886 12L4.80571 17.5829C4.36073 18.0278 4.36073 18.7493 4.80571 19.1943C5.2507 19.6393 5.97216 19.6393 6.41714 19.1943L12 13.6114L17.5829 19.1943C18.0278 19.6393 18.7493 19.6393 19.1943 19.1943C19.6393 18.7493 19.6393 18.0278 19.1943 17.5829L13.6114 12L19.1943 6.41714Z" fill="${uiThemeConfig.nonEkycCloseButton.contentColor}" fill-opacity="${uiThemeConfig.nonEkycCloseButton.contentOpacity}" /></svg>`);
   domConfirm.innerText = arg.confirm;
@@ -29623,15 +29634,18 @@ async function startLiveness(config) {
   // Start
   const step1 = rxjs.defer(() => {
     return new Promise((resolve, reject) => {
+      const hintList = document.createElement('ul');
+      ['sdk.liveness.detection.infopageHint.face', 'sdk.liveness.detection.infopageHint.environment'].forEach(key => {
+        const li = document.createElement('li');
+        li.textContent = translateService.translate(key);
+        hintList.appendChild(li);
+      });
       modal({
         header: translateService.translate('sdk.liveness.detection.header'),
         title: translateService.translate('sdk.liveness.detection.subtitle'),
         subtitle: translateService.translate('sdk.liveness.detection.content'),
         image: LIVENESS_GUIDE_IMG,
-        content: `<ul>
-        <li>${translateService.translate('sdk.liveness.detection.infopageHint.face')}</li>
-        <li>${translateService.translate('sdk.liveness.detection.infopageHint.environment')}</li>
-        </ul>`,
+        content: hintList,
         confirm: translateService.translate('sdk.general.start'),
         onClose: () => {
           sendStatusAction$2(core.StatusAction.BtnClose);
@@ -32211,10 +32225,10 @@ const ocrResultModal = arg => {
   domCountDownContainer.style.color = uiThemeConfig.resultPageCountdown.textColor;
   domCountDownContainer.style.fontSize = `${uiThemeConfig.resultPageCountdown.fontSize}px`;
   domCountDownContainer.style.fontWeight = util.fontWeight[uiThemeConfig.resultPageCountdown.textWeight];
-  domCountDownContainer.innerHTML = `${arg.countDown1Text} <span class="video-container__ocrResultModal-countdown" style="color: ${uiThemeConfig.resultPageCountdown.timeTextColor};font-size:${uiThemeConfig.resultPageCountdown.timeFontSize}px;font-weight:${util.fontWeight[uiThemeConfig.resultPageCountdown.timeTextWeight]}"> ${formatTime(timer)} </span> ${arg.countDown2Text}`;
+  domCountDownContainer.innerHTML = `${arg.countDown1Text} <span class="video-container__ocrResultModal-countdown" style="color: ${util.safeColor(uiThemeConfig.resultPageCountdown.timeTextColor)};font-size:${util.safeFontSize(uiThemeConfig.resultPageCountdown.timeFontSize)}px;font-weight:${util.safeFontWeight(util.fontWeight[uiThemeConfig.resultPageCountdown.timeTextWeight])}"> ${formatTime(timer)} </span> ${arg.countDown2Text}`;
   domConfirm.innerText = arg.confirmText;
   domClose.textContent = '';
-  domClose.insertAdjacentHTML('beforeend', `<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M19.1943 6.41714C19.6393 5.97216 19.6393 5.2507 19.1943 4.80571C18.7493 4.36073 18.0278 4.36073 17.5829 4.80571L12 10.3886L6.41714 4.80572C5.97216 4.36073 5.2507 4.36073 4.80571 4.80571C4.36073 5.2507 4.36073 5.97216 4.80571 6.41714L10.3886 12L4.80571 17.5829C4.36073 18.0278 4.36073 18.7493 4.80571 19.1943C5.2507 19.6393 5.97216 19.6393 6.41714 19.1943L12 13.6114L17.5829 19.1943C18.0278 19.6393 18.7493 19.6393 19.1943 19.1943C19.6393 18.7493 19.6393 18.0278 19.1943 17.5829L13.6114 12L19.1943 6.41714Z" fill="${uiThemeConfig.nonEkycCloseButton.contentColor}" fill-opacity="${uiThemeConfig.nonEkycCloseButton.contentOpacity}" /></svg>`);
+  domClose.insertAdjacentHTML('beforeend', `<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M19.1943 6.41714C19.6393 5.97216 19.6393 5.2507 19.1943 4.80571C18.7493 4.36073 18.0278 4.36073 17.5829 4.80571L12 10.3886L6.41714 4.80572C5.97216 4.36073 5.2507 4.36073 4.80571 4.80571C4.36073 5.2507 4.36073 5.97216 4.80571 6.41714L10.3886 12L4.80571 17.5829C4.36073 18.0278 4.36073 18.7493 4.80571 19.1943C5.2507 19.6393 5.97216 19.6393 6.41714 19.1943L12 13.6114L17.5829 19.1943C18.0278 19.6393 18.7493 19.6393 19.1943 19.1943C19.6393 18.7493 19.6393 18.0278 19.1943 17.5829L13.6114 12L19.1943 6.41714Z" fill="${util.safeColor(uiThemeConfig.nonEkycCloseButton.contentColor)}" fill-opacity="${util.safeOpacity(uiThemeConfig.nonEkycCloseButton.contentOpacity)}" /></svg>`);
   const countdownInterval = setInterval(() => {
     timer -= 1;
     const countdownEl = domModal.querySelector('.video-container__ocrResultModal-countdown');
@@ -37102,6 +37116,23 @@ function renderCardTypeAndCountryConfig(config) {
   });
 }
 
+const VALID_COUNTRY_CODES = new Set(Object.values(idRecognition.CountryCode));
+/**
+ * Defense-in-depth check for the public `getCardTypeAndCountry` API.
+ *
+ * The `supportCountries` value is interpolated into translation keys like
+ * `sdk.general.country.${country}`. TypeScript's `CountryCode` enum does not
+ * enforce values at runtime, so a misconfigured integrator could pass an
+ * arbitrary string. Reject anything outside the SDK's known country list at
+ * the entry point.
+ */
+function validateSupportCountries(countries) {
+  const invalid = countries.filter(c => !VALID_COUNTRY_CODES.has(c));
+  if (invalid.length > 0) {
+    throw new Error(`Invalid country code in supportCountries: ${invalid.join(', ')}`);
+  }
+}
+
 const _excluded = ["canvas", "loadingLottie"];
 function identityVerificationFeatureIdentityVerification() {
   return 'identity-verification-feature-identity-verification';
@@ -37201,6 +37232,9 @@ class AuthmeIdentityVerification extends engine.AuthmeFunctionModule {
   }
   async getCardTypeAndCountry(userConfig) {
     var _userConfig$supportCo, _userConfig$supportCa;
+    if (userConfig.supportCountries) {
+      validateSupportCountries(userConfig.supportCountries);
+    }
     const defaultCountries = [idRecognition.CountryCode.TWN, idRecognition.CountryCode.JPN, idRecognition.CountryCode.ZAF, idRecognition.CountryCode.USA, idRecognition.CountryCode.CHN, idRecognition.CountryCode.PHL, idRecognition.CountryCode.GBR, idRecognition.CountryCode.KOR, idRecognition.CountryCode.HKG, idRecognition.CountryCode.FRA, idRecognition.CountryCode.ESP, idRecognition.CountryCode.MEX, idRecognition.CountryCode.ITA, idRecognition.CountryCode.IND, idRecognition.CountryCode.COL, idRecognition.CountryCode.RUS, idRecognition.CountryCode.DEU, idRecognition.CountryCode.TUR, idRecognition.CountryCode.CAN, idRecognition.CountryCode.AUS, idRecognition.CountryCode.IDN, idRecognition.CountryCode.MYS, idRecognition.CountryCode.EGY, idRecognition.CountryCode.SAU, idRecognition.CountryCode.NLD, idRecognition.CountryCode.SGP];
     const defaultCountry = userConfig.defaultCountry !== undefined && defaultCountries.includes(userConfig.defaultCountry) ? userConfig.defaultCountry : defaultCountries[0];
     const supportCountries = (_userConfig$supportCo = userConfig.supportCountries) != null ? _userConfig$supportCo : defaultCountries;
@@ -37371,8 +37405,134 @@ class AuthmeIdentityVerification extends engine.AuthmeFunctionModule {
   }
 }
 
+const MIN_IOS_MAJOR = 16;
+const MIN_IOS_MINOR_FOR_16 = 4;
+const MIN_ANDROID_MAJOR = 9;
+const IN_APP_WEBVIEW_PATTERNS = [{
+  key: 'line',
+  pattern: /\bLine\//i
+}, {
+  key: 'messenger',
+  pattern: /\bMessenger\b/i
+}, {
+  key: 'fb',
+  pattern: /\bFBAN|FBAV|FB_IAB\b/i
+}, {
+  key: 'instagram',
+  pattern: /\bInstagram\b/i
+}, {
+  key: 'wechat',
+  pattern: /MicroMessenger|WeChat/i
+}];
+function detectWebAssembly() {
+  return typeof WebAssembly !== 'undefined';
+}
+function detectWebAssemblySimd() {
+  if (!detectWebAssembly()) return false;
+  // Mirrors libs/engine/src/lib/engine.ts isSimdSupported(); kept independent
+  // so callers don't have to load the engine bundle just to introspect.
+  try {
+    if (/iPad|iPhone|iPod/.test(navigator.userAgent)) {
+      return false;
+    }
+    return WebAssembly.validate(new Uint8Array([0, 97, 115, 109, 1, 0, 0, 0, 1, 4, 1, 96, 0, 0, 3, 2, 1, 0, 10, 9, 1, 7, 0, 65, 0, 253, 15, 26, 11]));
+  } catch (_unused) {
+    return false;
+  }
+}
+function detectMediaDevices() {
+  var _navigator$mediaDevic;
+  return typeof navigator !== 'undefined' && 'mediaDevices' in navigator && typeof ((_navigator$mediaDevic = navigator.mediaDevices) == null ? void 0 : _navigator$mediaDevic.getUserMedia) === 'function';
+}
+function detectSecureContext() {
+  var _window$location;
+  if (typeof window === 'undefined') return false;
+  if (typeof window.isSecureContext === 'boolean') {
+    return window.isSecureContext;
+  }
+  return ((_window$location = window.location) == null ? void 0 : _window$location.protocol) === 'https:';
+}
+function detectInAppWebView() {
+  var _navigator$userAgent;
+  const ua = (_navigator$userAgent = navigator.userAgent) != null ? _navigator$userAgent : '';
+  for (const {
+    key,
+    pattern
+  } of IN_APP_WEBVIEW_PATTERNS) {
+    if (pattern.test(ua)) return key;
+  }
+  return 'none';
+}
+function parseIosVersion() {
+  const m = navigator.userAgent.match(/OS (\d+)[._](\d+)(?:[._](\d+))?/);
+  if (!m) return null;
+  return {
+    major: Number(m[1]),
+    minor: Number(m[2])
+  };
+}
+function parseAndroidMajor() {
+  const m = navigator.userAgent.match(/Android\s+(\d+)/i);
+  if (!m) return null;
+  return Number(m[1]);
+}
+function detectHardwareConcurrency() {
+  if (typeof navigator === 'undefined') return null;
+  const v = navigator.hardwareConcurrency;
+  return typeof v === 'number' && v > 0 ? v : null;
+}
+function detectDeviceMemory() {
+  if (typeof navigator === 'undefined') return null;
+  const v = navigator.deviceMemory;
+  return typeof v === 'number' && v > 0 ? v : null;
+}
+/**
+ * Synchronous pre-flight check that the current browser/device can run the
+ * eKYC SDK. Returns a binary `supported` flag plus the reasons it failed
+ * (when applicable) and a snapshot of the detected environment.
+ *
+ * The check is UA + feature detection only — it does not request the camera,
+ * load the engine, or make network requests. Typical execution time < 5 ms.
+ */
+function isSupported() {
+  const info = {
+    device: util.getDeviceInfo(),
+    system: util.getSystemInfo(),
+    webAssembly: detectWebAssembly(),
+    webAssemblySimd: detectWebAssemblySimd(),
+    mediaDevices: detectMediaDevices(),
+    secureContext: detectSecureContext(),
+    inAppWebView: detectInAppWebView(),
+    hardwareConcurrency: detectHardwareConcurrency(),
+    deviceMemory: detectDeviceMemory()
+  };
+  const reasons = [];
+  if (!info.webAssembly) reasons.push('NO_WEBASSEMBLY');
+  if (!info.mediaDevices) reasons.push('NO_MEDIA_DEVICES');
+  if (util.isMobileOrTablet() && !info.secureContext) {
+    // Camera APIs require a secure context on mobile; localhost is always
+    // treated as secure by the platform, so this fires for true plaintext only.
+    reasons.push('INSECURE_CONTEXT');
+  }
+  if (info.inAppWebView !== 'none') reasons.push('IN_APP_WEBVIEW');
+  const ios = parseIosVersion();
+  if (ios) {
+    const tooOld = ios.major < MIN_IOS_MAJOR || ios.major === MIN_IOS_MAJOR && ios.minor < MIN_IOS_MINOR_FOR_16;
+    if (tooOld) reasons.push('OLD_IOS');
+  }
+  const android = parseAndroidMajor();
+  if (android !== null && android < MIN_ANDROID_MAJOR) {
+    reasons.push('OLD_ANDROID');
+  }
+  return {
+    supported: reasons.length === 0,
+    reasons,
+    info
+  };
+}
+
 var name = "authme/sdk";
-var version$1 = "2.8.57";
+var version$1 = "2.8.59";
 var packageInfo = {
 	name: name,
 	version: version$1};
@@ -37401,6 +37561,7 @@ exports.defaultIdentityVerificationConfig = defaultIdentityVerificationConfig;
 exports.defaultLivenessConfig = defaultLivenessConfig;
 exports.fraudScanIntroPageStep1 = fraudScanIntroPageStep1;
 exports.identityVerificationFeatureIdentityVerification = identityVerificationFeatureIdentityVerification;
+exports.isSupported = isSupported;
 exports.renderExtraUI = renderExtraUI;
 exports.scan = scan;
 exports.startExtra = startExtra;

package/index.esm.js

@@ -9,7 +9,7 @@ import 'core-js/modules/web.dom-collections.iterator.js';
 import { getTranslateInstance, TrackingEvent, generateStatus, EventListenerService, StatusDescription, AuthmeError, ErrorCode, Feature, StatusEvent, StatusView, StatusAction, setRequestLoggingFunc, setAccessToken, getCustomerState } from '@authme/core';
 import { EAuthMeFASServiceStatus, EAuthMeIDCardAntiFraudStage as EAuthMeIDCardAntiFraudStage$1, EAuthMeCardClass as EAuthMeCardClass$1, AuthmeFunctionModule, MlEngine, EngineModule, EAuthMeEngineReturnCode, AuthmeEngineModuleBase } from '@authme/engine';
 import { CountryCode, IdRecognitionCardType, EAuthMeCardClass, EAuthMeIDCardAntiFraudStatus, thicknessDefaultConfig, EAuthMeIDCardAntiFraudStage, mapCardtypeToAuthmeClass, getRecognitionColumnOrder, cardTypeTitle, cardTypeConfirmTitle, cardTypeHeader, EAuthMeCardOCRStatus, EAuthMeMRZServiceStatus, saveExtraDoc, initScanDocumentResourceBase64, MRZService, ResourceImageType, uploadFrameBase64, finishScanDocument, initScanDocument, initScan, option, themeUI, CardOCR, IdCardAntiFraudService, twoWayAuthmeCardClassMap, RecognitionFileType, recognizeBase64, getCardSubTypes, getCardTypes, confirmScan } from '@authme/id-recognition';
-import { getCssVariable, RGBToLottieColor, colorToRGB, Storage, useState, uiThemeText, uiThemeHint, clearCanvas, getImageData, hidePopup, showPopup, waitTime, TIME_UNIT, AuthmeError as AuthmeError$1, ErrorCode as ErrorCode$1, isMobile, uiThemeButton, requestCamera, showElement, asyncOnLineShowErrorMessage, getCanvasSize, startSpinner, stopSpinner, themeConfigDefault, mergeThemeConfig, uiThemeDirection, fontWeight, hideElement, checkOnlineStatus, showErrorMessage, dataURItoBlob, uiThemeSmallButton, dropMenu, hideErrorMessage, UintArrayToBlob, isIphone14proOrProMax, cropByRatio, switchCamera, asyncShowPopup, retryPromiseWithCondition, asyncShowErrorMessage, uploadModal, backgroundRequest, debugTools, STORAGE_KEY, splitResult, RUN_FUNCTION_NAME, DEVICE_TYPE, combineResult, startLoadingSDK, stopLoadingSDK } from '@authme/util';
+import { getCssVariable, RGBToLottieColor, colorToRGB, Storage, useState, uiThemeText, uiThemeHint, clearCanvas, getImageData, hidePopup, showPopup, waitTime, TIME_UNIT, AuthmeError as AuthmeError$1, ErrorCode as ErrorCode$1, isMobile, uiThemeButton, requestCamera, showElement, asyncOnLineShowErrorMessage, getCanvasSize, startSpinner, stopSpinner, themeConfigDefault, mergeThemeConfig, uiThemeDirection, fontWeight, hideElement, checkOnlineStatus, showErrorMessage, dataURItoBlob, uiThemeSmallButton, safeColor, safeFontSize, safeFontWeight, safeOpacity, dropMenu, hideErrorMessage, UintArrayToBlob, isIphone14proOrProMax, cropByRatio, switchCamera, asyncShowPopup, retryPromiseWithCondition, asyncShowErrorMessage, uploadModal, backgroundRequest, debugTools, STORAGE_KEY, splitResult, RUN_FUNCTION_NAME, DEVICE_TYPE, combineResult, startLoadingSDK, stopLoadingSDK, getSystemInfo, getDeviceInfo, isMobileOrTablet } from '@authme/util';
 import 'core-js/modules/es.array.push.js';
 import { mergeMap, animationFrames, filter, tap, map, from, catchError, EMPTY, concatAll, takeUntil, of, merge, fromEvent, Subject, defer, throttleTime, switchMap, take, concatMap, throwError, finalize, Observable, interval, mapTo, firstValueFrom, shareReplay, switchMapTo, takeWhile as takeWhile$1, timer, race } from 'rxjs';
 import 'core-js/modules/es.iterator.for-each.js';
@@ -68,6 +68,13 @@ import 'core-js/modules/es.uint8-array.set-from-hex.js';
 import 'core-js/modules/es.uint8-array.to-base64.js';
 import 'core-js/modules/es.uint8-array.to-hex.js';
 import 'core-js/modules/es.iterator.some.js';
+import 'core-js/modules/es.set.difference.v2.js';
+import 'core-js/modules/es.set.intersection.v2.js';
+import 'core-js/modules/es.set.is-disjoint-from.v2.js';
+import 'core-js/modules/es.set.is-subset-of.v2.js';
+import 'core-js/modules/es.set.is-superset-of.v2.js';
+import 'core-js/modules/es.set.symmetric-difference.v2.js';
+import 'core-js/modules/es.set.union.v2.js';
 
 function _objectWithoutPropertiesLoose(r, e) {
   if (null == r) return {};
@@ -29331,7 +29338,11 @@ const modal = arg => {
   domTitle.innerText = arg.title;
   domSubtitle.innerText = arg.subtitle;
   domImage.src = arg.image;
-  domContent.textContent = arg.content;
+  if (arg.content instanceof HTMLElement) {
+    domContent.appendChild(arg.content);
+  } else {
+    domContent.innerHTML = arg.content;
+  }
   domClose.textContent = '';
   domClose.insertAdjacentHTML('beforeend', `<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M19.1943 6.41714C19.6393 5.97216 19.6393 5.2507 19.1943 4.80571C18.7493 4.36073 18.0278 4.36073 17.5829 4.80571L12 10.3886L6.41714 4.80572C5.97216 4.36073 5.2507 4.36073 4.80571 4.80571C4.36073 5.2507 4.36073 5.97216 4.80571 6.41714L10.3886 12L4.80571 17.5829C4.36073 18.0278 4.36073 18.7493 4.80571 19.1943C5.2507 19.6393 5.97216 19.6393 6.41714 19.1943L12 13.6114L17.5829 19.1943C18.0278 19.6393 18.7493 19.6393 19.1943 19.1943C19.6393 18.7493 19.6393 18.0278 19.1943 17.5829L13.6114 12L19.1943 6.41714Z" fill="${uiThemeConfig.nonEkycCloseButton.contentColor}" fill-opacity="${uiThemeConfig.nonEkycCloseButton.contentOpacity}" /></svg>`);
   domConfirm.innerText = arg.confirm;
@@ -29621,15 +29632,18 @@ async function startLiveness(config) {
   // Start
   const step1 = defer(() => {
     return new Promise((resolve, reject) => {
+      const hintList = document.createElement('ul');
+      ['sdk.liveness.detection.infopageHint.face', 'sdk.liveness.detection.infopageHint.environment'].forEach(key => {
+        const li = document.createElement('li');
+        li.textContent = translateService.translate(key);
+        hintList.appendChild(li);
+      });
       modal({
         header: translateService.translate('sdk.liveness.detection.header'),
         title: translateService.translate('sdk.liveness.detection.subtitle'),
         subtitle: translateService.translate('sdk.liveness.detection.content'),
         image: LIVENESS_GUIDE_IMG,
-        content: `<ul>
-        <li>${translateService.translate('sdk.liveness.detection.infopageHint.face')}</li>
-        <li>${translateService.translate('sdk.liveness.detection.infopageHint.environment')}</li>
-        </ul>`,
+        content: hintList,
         confirm: translateService.translate('sdk.general.start'),
         onClose: () => {
           sendStatusAction$2(StatusAction.BtnClose);
@@ -32209,10 +32223,10 @@ const ocrResultModal = arg => {
   domCountDownContainer.style.color = uiThemeConfig.resultPageCountdown.textColor;
   domCountDownContainer.style.fontSize = `${uiThemeConfig.resultPageCountdown.fontSize}px`;
   domCountDownContainer.style.fontWeight = fontWeight[uiThemeConfig.resultPageCountdown.textWeight];
-  domCountDownContainer.innerHTML = `${arg.countDown1Text} <span class="video-container__ocrResultModal-countdown" style="color: ${uiThemeConfig.resultPageCountdown.timeTextColor};font-size:${uiThemeConfig.resultPageCountdown.timeFontSize}px;font-weight:${fontWeight[uiThemeConfig.resultPageCountdown.timeTextWeight]}"> ${formatTime(timer)} </span> ${arg.countDown2Text}`;
+  domCountDownContainer.innerHTML = `${arg.countDown1Text} <span class="video-container__ocrResultModal-countdown" style="color: ${safeColor(uiThemeConfig.resultPageCountdown.timeTextColor)};font-size:${safeFontSize(uiThemeConfig.resultPageCountdown.timeFontSize)}px;font-weight:${safeFontWeight(fontWeight[uiThemeConfig.resultPageCountdown.timeTextWeight])}"> ${formatTime(timer)} </span> ${arg.countDown2Text}`;
   domConfirm.innerText = arg.confirmText;
   domClose.textContent = '';
-  domClose.insertAdjacentHTML('beforeend', `<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M19.1943 6.41714C19.6393 5.97216 19.6393 5.2507 19.1943 4.80571C18.7493 4.36073 18.0278 4.36073 17.5829 4.80571L12 10.3886L6.41714 4.80572C5.97216 4.36073 5.2507 4.36073 4.80571 4.80571C4.36073 5.2507 4.36073 5.97216 4.80571 6.41714L10.3886 12L4.80571 17.5829C4.36073 18.0278 4.36073 18.7493 4.80571 19.1943C5.2507 19.6393 5.97216 19.6393 6.41714 19.1943L12 13.6114L17.5829 19.1943C18.0278 19.6393 18.7493 19.6393 19.1943 19.1943C19.6393 18.7493 19.6393 18.0278 19.1943 17.5829L13.6114 12L19.1943 6.41714Z" fill="${uiThemeConfig.nonEkycCloseButton.contentColor}" fill-opacity="${uiThemeConfig.nonEkycCloseButton.contentOpacity}" /></svg>`);
+  domClose.insertAdjacentHTML('beforeend', `<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M19.1943 6.41714C19.6393 5.97216 19.6393 5.2507 19.1943 4.80571C18.7493 4.36073 18.0278 4.36073 17.5829 4.80571L12 10.3886L6.41714 4.80572C5.97216 4.36073 5.2507 4.36073 4.80571 4.80571C4.36073 5.2507 4.36073 5.97216 4.80571 6.41714L10.3886 12L4.80571 17.5829C4.36073 18.0278 4.36073 18.7493 4.80571 19.1943C5.2507 19.6393 5.97216 19.6393 6.41714 19.1943L12 13.6114L17.5829 19.1943C18.0278 19.6393 18.7493 19.6393 19.1943 19.1943C19.6393 18.7493 19.6393 18.0278 19.1943 17.5829L13.6114 12L19.1943 6.41714Z" fill="${safeColor(uiThemeConfig.nonEkycCloseButton.contentColor)}" fill-opacity="${safeOpacity(uiThemeConfig.nonEkycCloseButton.contentOpacity)}" /></svg>`);
   const countdownInterval = setInterval(() => {
     timer -= 1;
     const countdownEl = domModal.querySelector('.video-container__ocrResultModal-countdown');
@@ -37100,6 +37114,23 @@ function renderCardTypeAndCountryConfig(config) {
   });
 }
 
+const VALID_COUNTRY_CODES = new Set(Object.values(CountryCode));
+/**
+ * Defense-in-depth check for the public `getCardTypeAndCountry` API.
+ *
+ * The `supportCountries` value is interpolated into translation keys like
+ * `sdk.general.country.${country}`. TypeScript's `CountryCode` enum does not
+ * enforce values at runtime, so a misconfigured integrator could pass an
+ * arbitrary string. Reject anything outside the SDK's known country list at
+ * the entry point.
+ */
+function validateSupportCountries(countries) {
+  const invalid = countries.filter(c => !VALID_COUNTRY_CODES.has(c));
+  if (invalid.length > 0) {
+    throw new Error(`Invalid country code in supportCountries: ${invalid.join(', ')}`);
+  }
+}
+
 const _excluded = ["canvas", "loadingLottie"];
 function identityVerificationFeatureIdentityVerification() {
   return 'identity-verification-feature-identity-verification';
@@ -37199,6 +37230,9 @@ class AuthmeIdentityVerification extends AuthmeFunctionModule {
   }
   async getCardTypeAndCountry(userConfig) {
     var _userConfig$supportCo, _userConfig$supportCa;
+    if (userConfig.supportCountries) {
+      validateSupportCountries(userConfig.supportCountries);
+    }
     const defaultCountries = [CountryCode.TWN, CountryCode.JPN, CountryCode.ZAF, CountryCode.USA, CountryCode.CHN, CountryCode.PHL, CountryCode.GBR, CountryCode.KOR, CountryCode.HKG, CountryCode.FRA, CountryCode.ESP, CountryCode.MEX, CountryCode.ITA, CountryCode.IND, CountryCode.COL, CountryCode.RUS, CountryCode.DEU, CountryCode.TUR, CountryCode.CAN, CountryCode.AUS, CountryCode.IDN, CountryCode.MYS, CountryCode.EGY, CountryCode.SAU, CountryCode.NLD, CountryCode.SGP];
     const defaultCountry = userConfig.defaultCountry !== undefined && defaultCountries.includes(userConfig.defaultCountry) ? userConfig.defaultCountry : defaultCountries[0];
     const supportCountries = (_userConfig$supportCo = userConfig.supportCountries) != null ? _userConfig$supportCo : defaultCountries;
@@ -37369,8 +37403,134 @@ class AuthmeIdentityVerification extends AuthmeFunctionModule {
   }
 }
 
+const MIN_IOS_MAJOR = 16;
+const MIN_IOS_MINOR_FOR_16 = 4;
+const MIN_ANDROID_MAJOR = 9;
+const IN_APP_WEBVIEW_PATTERNS = [{
+  key: 'line',
+  pattern: /\bLine\//i
+}, {
+  key: 'messenger',
+  pattern: /\bMessenger\b/i
+}, {
+  key: 'fb',
+  pattern: /\bFBAN|FBAV|FB_IAB\b/i
+}, {
+  key: 'instagram',
+  pattern: /\bInstagram\b/i
+}, {
+  key: 'wechat',
+  pattern: /MicroMessenger|WeChat/i
+}];
+function detectWebAssembly() {
+  return typeof WebAssembly !== 'undefined';
+}
+function detectWebAssemblySimd() {
+  if (!detectWebAssembly()) return false;
+  // Mirrors libs/engine/src/lib/engine.ts isSimdSupported(); kept independent
+  // so callers don't have to load the engine bundle just to introspect.
+  try {
+    if (/iPad|iPhone|iPod/.test(navigator.userAgent)) {
+      return false;
+    }
+    return WebAssembly.validate(new Uint8Array([0, 97, 115, 109, 1, 0, 0, 0, 1, 4, 1, 96, 0, 0, 3, 2, 1, 0, 10, 9, 1, 7, 0, 65, 0, 253, 15, 26, 11]));
+  } catch (_unused) {
+    return false;
+  }
+}
+function detectMediaDevices() {
+  var _navigator$mediaDevic;
+  return typeof navigator !== 'undefined' && 'mediaDevices' in navigator && typeof ((_navigator$mediaDevic = navigator.mediaDevices) == null ? void 0 : _navigator$mediaDevic.getUserMedia) === 'function';
+}
+function detectSecureContext() {
+  var _window$location;
+  if (typeof window === 'undefined') return false;
+  if (typeof window.isSecureContext === 'boolean') {
+    return window.isSecureContext;
+  }
+  return ((_window$location = window.location) == null ? void 0 : _window$location.protocol) === 'https:';
+}
+function detectInAppWebView() {
+  var _navigator$userAgent;
+  const ua = (_navigator$userAgent = navigator.userAgent) != null ? _navigator$userAgent : '';
+  for (const {
+    key,
+    pattern
+  } of IN_APP_WEBVIEW_PATTERNS) {
+    if (pattern.test(ua)) return key;
+  }
+  return 'none';
+}
+function parseIosVersion() {
+  const m = navigator.userAgent.match(/OS (\d+)[._](\d+)(?:[._](\d+))?/);
+  if (!m) return null;
+  return {
+    major: Number(m[1]),
+    minor: Number(m[2])
+  };
+}
+function parseAndroidMajor() {
+  const m = navigator.userAgent.match(/Android\s+(\d+)/i);
+  if (!m) return null;
+  return Number(m[1]);
+}
+function detectHardwareConcurrency() {
+  if (typeof navigator === 'undefined') return null;
+  const v = navigator.hardwareConcurrency;
+  return typeof v === 'number' && v > 0 ? v : null;
+}
+function detectDeviceMemory() {
+  if (typeof navigator === 'undefined') return null;
+  const v = navigator.deviceMemory;
+  return typeof v === 'number' && v > 0 ? v : null;
+}
+/**
+ * Synchronous pre-flight check that the current browser/device can run the
+ * eKYC SDK. Returns a binary `supported` flag plus the reasons it failed
+ * (when applicable) and a snapshot of the detected environment.
+ *
+ * The check is UA + feature detection only — it does not request the camera,
+ * load the engine, or make network requests. Typical execution time < 5 ms.
+ */
+function isSupported() {
+  const info = {
+    device: getDeviceInfo(),
+    system: getSystemInfo(),
+    webAssembly: detectWebAssembly(),
+    webAssemblySimd: detectWebAssemblySimd(),
+    mediaDevices: detectMediaDevices(),
+    secureContext: detectSecureContext(),
+    inAppWebView: detectInAppWebView(),
+    hardwareConcurrency: detectHardwareConcurrency(),
+    deviceMemory: detectDeviceMemory()
+  };
+  const reasons = [];
+  if (!info.webAssembly) reasons.push('NO_WEBASSEMBLY');
+  if (!info.mediaDevices) reasons.push('NO_MEDIA_DEVICES');
+  if (isMobileOrTablet() && !info.secureContext) {
+    // Camera APIs require a secure context on mobile; localhost is always
+    // treated as secure by the platform, so this fires for true plaintext only.
+    reasons.push('INSECURE_CONTEXT');
+  }
+  if (info.inAppWebView !== 'none') reasons.push('IN_APP_WEBVIEW');
+  const ios = parseIosVersion();
+  if (ios) {
+    const tooOld = ios.major < MIN_IOS_MAJOR || ios.major === MIN_IOS_MAJOR && ios.minor < MIN_IOS_MINOR_FOR_16;
+    if (tooOld) reasons.push('OLD_IOS');
+  }
+  const android = parseAndroidMajor();
+  if (android !== null && android < MIN_ANDROID_MAJOR) {
+    reasons.push('OLD_ANDROID');
+  }
+  return {
+    supported: reasons.length === 0,
+    reasons,
+    info
+  };
+}
+
 var name = "authme/sdk";
-var version$1 = "2.8.57";
+var version$1 = "2.8.59";
 var packageInfo = {
 	name: name,
 	version: version$1};
@@ -37380,4 +37540,4 @@ const version = packageInfo.version;
 (_window$_Symbol$for = (_window = window)[_Symbol$for = Symbol.for('authme-sdk')]) != null ? _window$_Symbol$for : _window[_Symbol$for] = {};
 window[Symbol.for('authme-sdk')][packageInfo.name] = version;
 
-export { AuthmeIdentityVerification, arrow_down, arrow_left, arrow_right, arrow_up, card_lr, card_rotate_down, card_rotate_left, card_rotate_right, card_rotate_up, card_ud, circle_large_to_sm_mask, circle_sm_to_large_mask, defaultExtraDocumentConfig, defaultIdRecognitionConfig, defaultIdentityVerificationConfig, defaultLivenessConfig, fraudScanIntroPageStep1, identityVerificationFeatureIdentityVerification, renderExtraUI, scan, startExtra, startLiveness, startOCR, success, tutorial, version };
+export { AuthmeIdentityVerification, arrow_down, arrow_left, arrow_right, arrow_up, card_lr, card_rotate_down, card_rotate_left, card_rotate_right, card_rotate_up, card_ud, circle_large_to_sm_mask, circle_sm_to_large_mask, defaultExtraDocumentConfig, defaultIdRecognitionConfig, defaultIdentityVerificationConfig, defaultLivenessConfig, fraudScanIntroPageStep1, identityVerificationFeatureIdentityVerification, isSupported, renderExtraUI, scan, startExtra, startLiveness, startOCR, success, tutorial, version };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@authme/identity-verification",
-  "version": "2.8.57",
+  "version": "2.8.59",
   "peerDependencies": {
     "core-js": "^3.6.0",
     "lottie-web": "^5.9.2",

package/src/index.d.ts

@@ -2,4 +2,5 @@ export * from './lib/identity-verification-feature-identity-verification';
 export * from './lib/interface';
 export * from './lib/ui';
 export * from './lib/lottie';
+export * from './lib/support';
 export { version } from './lib/version';

package/src/lib/support.d.ts

@@ -0,0 +1,27 @@
+export type SupportReason = 'NO_WEBASSEMBLY' | 'NO_MEDIA_DEVICES' | 'INSECURE_CONTEXT' | 'OLD_IOS' | 'OLD_ANDROID' | 'IN_APP_WEBVIEW';
+export type InAppWebView = 'none' | 'line' | 'fb' | 'messenger' | 'instagram' | 'wechat' | 'other';
+export interface SupportInfo {
+    device: string;
+    system: string;
+    webAssembly: boolean;
+    webAssemblySimd: boolean;
+    mediaDevices: boolean;
+    secureContext: boolean;
+    inAppWebView: InAppWebView;
+    hardwareConcurrency: number | null;
+    deviceMemory: number | null;
+}
+export interface SupportCheckResult {
+    supported: boolean;
+    reasons: SupportReason[];
+    info: SupportInfo;
+}
+/**
+ * Synchronous pre-flight check that the current browser/device can run the
+ * eKYC SDK. Returns a binary `supported` flag plus the reasons it failed
+ * (when applicable) and a snapshot of the detected environment.
+ *
+ * The check is UA + feature detection only — it does not request the camera,
+ * load the engine, or make network requests. Typical execution time < 5 ms.
+ */
+export declare function isSupported(): SupportCheckResult;

package/src/lib/v2/ui/modal.d.ts

@@ -3,7 +3,7 @@ export declare const modal: (arg: {
     title: string;
     subtitle: string;
     image: string;
-    content: string;
+    content: string | HTMLElement;
     confirm: string;
     copyRight?: string;
     onClose?: () => void;

package/src/lib/validate-config.d.ts

@@ -0,0 +1,11 @@
+import { CountryCode } from '@authme/id-recognition';
+/**
+ * Defense-in-depth check for the public `getCardTypeAndCountry` API.
+ *
+ * The `supportCountries` value is interpolated into translation keys like
+ * `sdk.general.country.${country}`. TypeScript's `CountryCode` enum does not
+ * enforce values at runtime, so a misconfigured integrator could pass an
+ * arbitrary string. Reject anything outside the SDK's known country list at
+ * the entry point.
+ */
+export declare function validateSupportCountries(countries: readonly CountryCode[]): void;