Token Security

Applies To: AuthPoint Multi-Factor Authentication, AuthPoint Total Identity Security

You can protect your tokens in the AuthPoint mobile app with a PIN or with biometric protection. This keeps your tokens secure if another person gets access to your mobile device. From the Token Security page, you can enable PIN and biometric protection, and select which tokens to protect. Before you can use protected tokens for authentication with any method, you must unlock them with a PIN or your biometric ID.

When PIN protection is enabled for one or more tokens, you must validate your PIN or a biometric ID (if biometric protection is enabled) when you:

  • Unlock your tokens for authentication.
  • Open the Token Security page.
  • Disable PIN protection for a token.
  • Disable biometric protection.
  • Change your current PIN.

PIN and biometric protection also protect your password vault. When enabled, you must enter your PIN or authenticate with a biometric ID, like a fingerprint, to log in to your password vault in the AuthPoint mobile app.

Some mobile devices allow users to approve push notifications from the lock screen, even when the device is locked. To prevent this, enable PIN protection for your tokens.

PIN Protection

PIN protection is the primary token security method. You create one PIN and select which tokens to protect with that PIN. When you enable PIN protection, you must type your PIN before you can authenticate with the protected tokens.

When you enable PIN protection, you are prompted to enable biometric protection as well.

Biometric Protection

Biometric protection is another method to protect tokens. When you enable biometric protection, you can use biometric IDs, such as a fingerprint or your face, to unlock any protected token without the PIN.

Unlike PIN protection, you cannot enable biometric protection for individual tokens.

Before you can enable biometric protection for your tokens:

  • You must have at least one token with PIN protection enabled.
  • You must have a strong biometric ID configured on your mobile device.

When you use biometrics to unlock your tokens in the AuthPoint mobile app, you can only use strong biometric IDs. For more information, see About Biometrics.

Unlock Protected Tokens

To unlock your protected tokens in the mobile app, select a protected token and validate with a biometric ID or your PIN. After you validate, the protected token is unlocked until you close the app or lock your device. You can see the one-time password (OTP) for that token and use the token menu.

Related Topics

About the AuthPoint Mobile App

About Authentication

Token Management