NoTap SDK - Portable, Device-Free Authentication

NoTap is a revolutionary passwordless, device-free payment authentication platform powered by zero-knowledge proofs and multi-factor authentication.

🌟 Why NoTap?

• 🔐 Passwordless: No passwords to remember or forget

• 📱 Device-Free: No phone? No problem! Authenticate on any terminal

• 🛡️ Ultra-Secure: Zero-knowledge proofs + multi-factor authentication

• ⚡ Fast: Sub-second authentication

• 🌐 Universal: Works on POS terminals, web, mobile

• 🔒 Privacy-First: Your factors never leave your device

🔗 Links

• 🌐 Website: notap.xyz

• 📚 Documentation: docs.notap.xyz

• 💬 Discord: Join Community

• 🐦 Twitter: @NoTapAuth

• 📧 Support: [email protected]

NoTap

Authentication Reimagined

Your identity is a master key that opens any door — but it lives in your mind, not your pocket.

The Master Key Idea

Imagine your identity as a master key — it opens any door (any device), without you having to carry it physically.

A physical key requires you to carry it. Lose it? You're locked out. Your phone is just another physical key. Dead battery? Stolen? You're locked out. NoTap puts the key in your mind. It can't be stolen, lost, or run out of battery.

Your phone number works from any phone — your phone, a friend's phone, a hotel phone. The number follows you, not the device.

NoTap works the same way. Your PIN, your pattern, your rhythm — they follow you. Use them on any device: a store's tablet, a friend's laptop, a hospital kiosk, any browser.

Enroll once on your device. Authenticate anywhere without it.

What NoTap Is (And Isn't)

We Are: The Bouncer at the Club

NoTap is an authentication service. Think of us as the bouncer at a nightclub:

Our job is answering one question: "Is this person who they claim to be?"

We Enable: Authentication Without Your Phone

The fundamental problem with modern authentication:

NoTap solution: Authenticate on any device — the merchant's POS, a kiosk, a web browser, a friend's phone. Your authentication factors live in your memory, not a device.

We Are NOT Competing With:

How It Fits Together

Users keep their preferred services:

• Already use Apple Pay? Great — we authenticate, Apple Pay processes

• Prefer Google Wallet? No problem — we verify identity, Google handles payment

• Love Samsung Pay? Perfect — we confirm it's you, Samsung does the rest

The Problem NoTap Solves

You need to make a purchase or access something secure, but:

• 📱 Your phone was stolen or the battery died

• 💳 You forgot your wallet at the hotel

• 🏃 You're at the gym and left everything in your locker

• 🏖️ You're at the beach and don't want to risk losing your phone

• 🎢 You're at a theme park and want to store everything safely

• 🚕 Your credit card was declined and you need a taxi home

• 🏥 You're a nurse with phone locked away (hospital rules)

• 💻 You need to pay on an untrusted device (public computer, friend's phone)

Traditional solutions all fail the same way:

Every solution requires you to CARRY something. NoTap requires only what you already have: your memory.

"Wait, Is This Complicated?"

No. Here's why NoTap is actually EASIER than traditional passwords:

Real Example

You enroll 6 factors (one-time, 10 minutes): PIN + Pattern + Emoji + Rhythm + Fingerprint + Colors

Daily usage (every transaction):

You NEVER complete all 6 factors in one transaction. The system picks 2-3 based on purchase amount.

How It Works

Step 1: Enroll Once (5 minutes, on your device)

Pick 3+ things only you know or do (6+ recommended):

Optional: Add fingerprint or face for extra security when your phone IS available.

These get turned into math (cryptographic digests). The actual values never leave your phone. We only store the "puzzle" — not the answer.

Step 2: Get Your NoTap Name

Choose how you want to be identified:

Step 3: Use It Anywhere

Walk up to any device. Enter your name. Complete 2-3 of your factors. Done.

That's it. No phone. No card. No wallet. Just you.

Real Stories: When This Matters

🔋 The Dead Phone

You're at the airport. Flight boards in 20 minutes. Phone battery: 0%. You need coffee.

Before NoTap: Beg strangers for a charger. Miss your flight.

With NoTap: Walk to the cafe. Say "tiger-4829". Enter your PIN on their tablet. Tap your rhythm. Coffee paid. 15 seconds.

🏥 The Locked-Out Nurse

Your phone is in your locker (hospital rules). A patient needs medication from the secure cabinet. Now.

Before NoTap: Run to locker. Unlock phone. Get 2FA code. Run back. Critical minutes lost.

With NoTap: Walk to cabinet. Type your NoTap ID. Draw your pattern. Cabinet unlocks. Patient gets medication.

🏖️ The Beach Day

Phone locked in the car (smart). Kids want ice cream.

Before NoTap: Walk back to car. Get phone. Walk back. Ice cream melted.

With NoTap: Walk to vendor. Use their device. Authenticate. Ice cream for everyone.

🎢 The Theme Park

You're at a theme park with the family. You want to store everything in a locker — phone, wallet, everything — and just enjoy the rides worry-free.

Before NoTap: Keep your phone in a zippered pocket. Worry about it on every roller coaster.

With NoTap: Lock everything away. Buy lunch, souvenirs, whatever — completely hands-free. Enjoy the day.

🚕 The Declined Card

It's 2 AM. You're stranded. Your credit card was declined. You need a taxi home.

Before NoTap: Call a friend to send money. Wait 30 minutes. Feel helpless.

With NoTap: Open the taxi's payment tablet. Authenticate with your backup payment method. Get home safe.

🏃 The Post-Workout Smoothie

Finished your workout. Wallet and phone locked in the locker. Just want a smoothie.

Before NoTap: Go back to locker. Get dressed. Get phone. Come back. The moment's gone.

With NoTap: Walk to the counter. Use their tablet. PIN + pattern. Smoothie paid. Stay in the zone.

Two Operating Modes

Authentication Mode Use Cases

• Enterprise: Building entry, computer login, secure rooms, time clocks

• Healthcare: HIPAA-compliant device-free login, prescription verification, lab equipment access

• Finance: ATM without card, wire transfer approval, vault access

• Education: Campus access, exam authentication, dorm entry

Security (Without the Jargon)

What we store: A math puzzle that only your factors can solve.

What we DON'T store: Your actual PIN, pattern, colors, or words.

How it works:

1. You enter your PIN on any device

2. That device turns it into a math result (a "digest")

3. We check if the math result matches — without ever seeing your PIN

It's like a teacher checking if your math homework answer is correct, without seeing your work.

Security Features

If Your Phone Is Stolen

Traditional auth: Attacker has your 2FA forever until you notice.

NoTap:

• Your authentication factors live in your memory, not your phone

• Stored digests expire in 24 hours with daily rotation

• After 24h: Attacker is completely locked out

Available Factors (15 Total)

You choose 3+ from these:

Knowledge (Something You Know)

• PIN — 4-12 digits

• Colors — Sequence of 3-6 colors

• Emoji — Sequence of 3-8 emojis

• Words — 4 memorable words

Inherence (Something You Are)

• Pattern — Visual unlock pattern with timing

• Rhythm Tap — Your unique tapping pattern

• Voice — Spoken passphrase

• Image Tap — Tap specific points on an image

• Mouse/Stylus Draw — Your signature style

• Balance — Device tilt pattern

• Fingerprint — Via device sensor

• Face — Via device camera

Possession (Something You Have)

• NFC — Tap your NFC tag/card

Blockchain Name Support

Use human-readable names instead of UUIDs:

Merchant asks: "What's your NoTap ID?" You can say: tiger-4829 or alice.notap.sol — both work.

For Developers

Quick Start

SDKs Available

Supported PSPs

Stripe, Adyen, Square, Tilopay, MercadoPago — with parallel session creation (28% faster checkout).

Developer Portal

• API Keys: Generate sandbox + production keys

• Webhooks: enrollment.completed, verification.succeeded, etc.

• Analytics: Usage stats, success rates, response times

• Sandbox: Test mode with fake payments

For Merchants

Why Integrate NoTap?

Integration Options

• E-Commerce Plugins: Shopify, WooCommerce (via Startup tier)

• Direct API: RESTful + SDKs

• White-Label: Enterprise tier only

Pricing (Pay per Verification)

Merchant Plans:

• Sandbox: Free (500 verifications/month)

• Startup: $49/month (10,000 verifications/month)

• Pro: $299/month (100,000 verifications/month)

• Business: $1,299/month (1,000,000 verifications/month)

• Enterprise: Custom (Unlimited)

Consumer Plans:

• Free: $0 forever (unlimited authentications)

• Plus: $2.99/month (Cloud Backup, Advanced Security)

See Pricing Tiers Summary for details.

Who This Is For

For People

• Athletes & gym-goers — Leave phone in locker, still buy post-workout

• Beach/pool lovers — Don't risk your phone near water

• Travelers — Phone stolen abroad? Still get home

• Parents — Phone with kids? Still buy groceries

For Businesses

• Hospitals — Staff authenticate without phones in sterile areas

• Warehouses — Workers with gloves authenticate on terminals

• Call centers — Agents log in without personal devices

• Any business — No more badge replacements, no more lockouts

Technical Architecture

Note: NoTap is the public brand. Code uses zeropay for API stability (like Meta/Facebook).

Kotlin Multiplatform (95% code reuse)

Data Storage

Privacy Guarantee: Only cryptographic hashes stored. Never raw biometric data, PINs, or patterns.

Compliance

The Vision

I see a future where people live freer: shop at the beach risk-free, travel worry-free, and businesses attract customers who used to abandon carts. NoTap isn't just authentication; it's pure freedom.

What this unlocks:

NoTap enables new consumer behaviors and new ways of doing business.

And you — how do you see the future? Can you imagine the potential this has in the markets you know?

Documentation

• API Reference

• Integration Guides

• Developer Portal

• Investment Analysis

Support & Community

• Website: https://notap.io

• Documentation: https://docs.notap.io

• General Inquiries: [email protected]

• Technical Support: [email protected]

• Partnerships: [email protected]

• X/Twitter: @NoTapAuth

• Solana Name Service: notap.sol

License

Licensed under Apache License 2.0 - see LICENSE.

Commercial Use: Permitted with attribution. Contact us for white-label licensing.

Made with ❤️ by the NoTap Team

Website • Documentation • GitHub

📚 Documentation

Comprehensive guides and references available:

Getting Started

• Quick Start Guide - Get up and running in 5 minutes

• Installation - Detailed installation instructions

• First Authentication - Your first NoTap integration

Integration Guides

• Android Integration - Native Android SDK integration

• iOS Integration - Native iOS SDK integration

• Web Integration - JavaScript/Web integration

• Backend API - RESTful API documentation

Architecture & Security

• Architecture Overview - System architecture and design

• Security Best Practices - Security guidelines and threat model

• Authentication Flow - How NoTap authentication works

Testing

• Testing Guide - How to test your integration

• E2E Testing - End-to-end testing with Bugster

🚀 Quick Start

1. Install the SDK

Android (Gradle):

iOS (CocoaPods):

Web (NPM):

2. Initialize NoTap

Android:

iOS:

Web:

3. Authenticate a User

That's it! See our Developer Guides for complete integration tutorials.

🎯 Use Cases

🛒 Point of Sale (POS)

• Device-free payments: Customer left phone at home? No problem!

• Faster checkout: No fumbling with phones or cards

• Reduced fraud: Multi-factor authentication with ZK proofs

💻 E-Commerce

• Passwordless login: No more password resets

• One-click checkout: Authenticate with your chosen factors

• Cross-device: Start on phone, finish on desktop

🏦 Banking & Finance

• High-security transactions: Multi-factor + zero-knowledge proofs

• Regulatory compliance: PSD3-ready authentication

• Fraud prevention: Behavioral biometrics + knowledge factors

🏢 Enterprise

• SSO Integration: Works with existing identity providers

• Admin controls: Manage users and permissions

• Audit trails: Complete authentication history

🔐 Security

NoTap is built with security at its core:

• 🔐 Zero-Knowledge Proofs: Prove you know your factors without revealing them

• 🔒 End-to-End Encryption: Factors encrypted on device, never sent in plain text

• ⏱️ Constant-Time Operations: Protection against timing attacks

• 🛡️ PSD3 Compliant: Multi-category authentication (knowledge, biometric, possession)

• 🔑 Hardware Security: Android KeyStore, iOS Keychain integration

• 📊 Security Audits: Regular third-party security audits

See: Security Documentation for complete security architecture.

🌐 Supported Platforms

🤝 Contributing

We welcome contributions from the community!

How to Contribute

1. Found a bug? Open an issue

2. Have a feature request? Start a discussion

3. Want to improve docs? Submit a pull request!

Documentation Contributions

This repository contains public documentation only. Documentation is automatically synced from our development repository.

To contribute:

• Documentation improvements: Submit PRs directly to this repo

• Code changes: Contact us at [email protected] for contributor access

See our Contributing Guide for detailed guidelines.

💬 Community & Support

Get Help

• 📧 Email: [email protected]

• 💬 Discord: Join our community

• 📖 Documentation: docs.notap.xyz

• 🐛 Bug Reports: GitHub Issues

Stay Updated

• 🐦 Twitter: @NoTapAuth

• 📝 Blog: blog.notap.xyz

• 📬 Newsletter: Subscribe

📄 License

Copyright © 2025 NoTap Labs. All rights reserved.

This documentation is licensed under CC BY 4.0.

For SDK licensing, contact: [email protected]

🏷️ About the Name

NoTap is our public brand name. Internally, the codebase uses "zeropay" - this is intentional and follows industry standards (like Meta/Facebook, Google/Alphabet). This enables us to rebrand without breaking existing integrations.

For developers: Use package names like xyz.notap.sdk in your apps, even though internal packages may reference zeropay.

Made with ❤️ by the NoTap Labs team

Website • Docs • Discord • Twitter