Token Security

Applies To: AuthPoint Multi-Factor Authentication, AuthPoint Total Identity Security

You can protect your tokens in the AuthPoint mobile app with a PIN or with biometric protection. This keeps your tokens secure if another person gets access to your mobile device. From the Token Security page, you can enable PIN and biometric protection, and select which tokens to protect. Before you can use protected tokens for authentication with any method, you must unlock them with a PIN or your biometric ID.

When PIN protection is enabled for one or more tokens, you must validate your PIN or a biometric ID (if biometric protection is enabled) when you:

  • Unlock your tokens for authentication.
  • Open the Token Security page.
  • Disable PIN protection for a token.
  • Disable biometric protection.
  • Change your current PIN.

PIN and biometric protection also protect your password vault. When enabled, you must enter your PIN or authenticate with a biometric ID, like a fingerprint, to log in to your password vault in the AuthPoint mobile app.

Some mobile devices allow users to approve push notifications from the lock screen, even when the device is locked. To prevent this, enable PIN protection for your tokens.

PIN Protection

PIN protection is the primary token security method. You create one PIN and select which tokens to protect with that PIN. When you enable PIN protection, you must type your PIN before you can authenticate with the protected tokens.

When you enable PIN protection, you are prompted to enable biometric protection as well.

  1. Tap Three Dot Menu Icon (Android) or Hamburger Menu Icon (iOS) and select Token Security.
  2. To enable PIN protection for a token, in the PIN Management section, tap the toggle next to the token.
  3. In the PIN and Confirm PIN text boxes, type a four to eight character PIN.
  4. Tap Enable.
    The PUK dialog box appears and shows your PUK code.
  5. Save your PUK code. Tap OK.
  6. (Optional) If your device supports the use of biometric identifiers, to turn on biometric protection, tap Enable.

To enable PIN protection for additional tokens, tap the toggle next to each token. You do not have to specify a new PIN for each token.

Some tokens require PIN protection. When you activate a token that requires PIN protection, you are immediately prompted to set a required PIN.

  1. Tap Three Dot Menu Icon (Android) or Hamburger Menu Icon (iOS) and select Token Security.
  2. In the PIN text box, type your PIN. Tap OK.
  3. In the PIN Management section, tap Change PIN.
    The Change PIN dialog box appears.
  4. In the Current PIN text box, type your current PIN.
  5. In the New PIN and Confirm the new PIN text boxes, type a new four to eight character PIN.
  6. Tap Change.
    The PUK dialog box appears and shows your PUK code.
  7. Save your PUK code. Tap OK.

Biometric Protection

Biometric protection is another method to protect tokens. When you enable biometric protection, you can use biometric IDs, such as a fingerprint or your face, to unlock any protected token without the PIN.

Unlike PIN protection, you cannot enable biometric protection for individual tokens.

Before you can enable biometric protection for your tokens:

  • You must have at least one token with PIN protection enabled.
  • You must have a strong biometric ID configured on your mobile device.

When you use biometrics to unlock your tokens in the AuthPoint mobile app, you can only use strong biometric IDs. For more information, see About Biometrics.

  1. Tap Three Dot Menu Icon (Android) or Hamburger Menu Icon (iOS) and select Token Security.
    The PIN Validation dialog box appears.
  2. In the PIN text box, type your PIN. Tap OK.
  3. In the Biometric Protection section, enable the Enable Biometric ID toggle.
  1. Tap Three Dot Menu Icon (Android) or Hamburger Menu Icon (iOS) and select Token Security.
    The PIN Validation dialog box appears.
  2. In the PIN text box, type your PIN. Tap OK.
  3. In the Biometric Protection section, disable the Enable Biometric ID toggle.

Unlock Protected Tokens

To unlock your protected tokens in the mobile app, select a protected token and validate with a biometric ID or your PIN. After you validate, the protected token is unlocked until you close the app or lock your device. You can see the one-time password (OTP) for that token and use the token menu.

  1. Tap a protected token.
    The PIN Validation dialog box appears.
  2. In the PIN text box, type your PIN. Tap OK.
    Your PIN is validated and your token is unlocked.

Related Topics

About the AuthPoint Mobile App

About Authentication

Token Management