Authentication modes supported:
• Offline QRentry QR Codes: by scanning challenged QR Codes and entering manually the decoded challenge.
• Push authentication after solely entering login identifier in a Web application protected by Web Access Manager. WAM may be on premise without direct connection from the mobile device or in the cloud or as a service. WAM as Identity Provider is compatible with the multi-factor (MFA) push authentication as a high level of authentication.
• Identification without entering login name, by QR Code scanning. Authentication is then done using the previous seamless push authentication, right after the identification of the user in one of the user directory configured in WAM as a Service Provider or as an Identity Provider.
• HOTP/TOTP standard one time password. Seeds may be entered manually or in more convenient way by scanning QR Codes provided by Web applications. More than 400 well known applications’ icons and links are preconfigured. HOTP/TOTP accounts are exportable as plain text, JSON, and password protected and AES256 cyphered JSON importable in Evidian Authenticator.
Enrolled keys and accounts are protected:
• By a PIN code managed by the application, independent of the mobile protection
• By a Fingerprint, Samsung fingerprint drivers and generic Android 6+ drivers are supported
• Additionally, one or more NFC tags may be used to enforce the application protection (NFC smartcard, basic NFC tokens or zip, NFC wristbands, NFC rings …). The NFC protection depends on the NFC capability of the mobile device.
Messages and notifications:
When used with Evidian Web Access Manager, any modification of the user’s profile in WAM will generate a confirmation notification in Evidian Authenticator (GDPR). All account or key usages are tracked and kept in the history of Evidian Authenticator.