User authentication (Biopass Universal Login)

Biopass uses different methods to authenticate users. Biopass can send a push notification to the user's smartphone if they have already enrolled it. The phone belongs to the user, and normally the user responds to the notification. However, if an admin wants stronger assurance about the authentication, they can require local biometrics or a face scan from the user.
In addition, Biopass accepts the FIDO protocol as a reliable, fast authentication method, and users can use it if they have enrolled a FIDO authenticator. Moreover, for some low-risk situations users can use an OTP to log in. Users can access the OTP code once they enrol their phone.








Biopass supports different kinds of applications. Some applications require the user to enter a username and password and then direct them to Biopass to authenticate (multi-factor authentication). Other applications do not require the user to enter a password. In both


1- Passwordless login

Passwordless authentication is a method of logging into a system or application without using a traditional password. Instead, it relies on other forms of authentication such as biometric verification (such as fingerprints, facial recognition or iris scans), hardware tokens (such as USB keys or smart cards), or one-time codes sent via email or SMS.

Passwordless authentication is becoming increasingly popular as a more secure and user-friendly alternative to traditional passwords. Passwords can be easily guessed, stolen, or hacked, leading to security breaches and identity theft. By eliminating passwords, passwordless authentication provides stronger security and helps reduce the risk of data breaches.

Additionally, passwordless authentication can be more convenient for users, as they don't have to remember and manage complex passwords or reset them when they forget. This can save time and frustration, while also increasing productivity and reducing support costs for IT departments.



Passwordless authentication does not require the user to enter a username & password


📘

Biopass is an identity provider

Regular web applications, native applications, SPAs and machine-to-machine applications can use Biopass as an identity provider. In that case, users are not required to enter a password. After entering their username, they are directed to authentication.




2- MFA with Biopass

Multi-factor authentication (MFA) is a security mechanism that requires users to provide more than one form of identification to access a system or application. It adds an extra layer of security beyond traditional username and password authentication.

MFA typically involves three types of authentication factors:

Something you know, such as a password, PIN or answer to a security question.
Something you have, such as a hardware token, smart card or mobile device.
Something you are, such as biometric verification using fingerprints, facial recognition, or iris scans.

To authenticate a user, MFA requires the user to provide at least two of these factors, such as a password and a fingerprint, or a smart card and a PIN. This makes it more difficult for unauthorized users to gain access to the system, as they would need to possess or know multiple forms of authentication.

MFA is an effective way to enhance security and protect against identity theft, phishing attacks, and other security threats. It is commonly used in industries such as finance, healthcare, and government where security is paramount, but is increasingly being adopted by other organizations and consumers as well.



Multi-factor authentication has two stages:
first, verifying the user with a username & password; second, authenticating with a reliable authenticator.



📘

Biopass is a multi-factor authentication provider

Some organisations use AWS Cognito user pools, and their users log in with a username and password. They can still add Biopass as a multi-factor authentication provider. In that case, after authenticating with a password, the user is directed to authenticate with their authenticators.




3- User starts authentication

When user starts authentication whether from pass