Phone
The use of push notification as a login method is a secure way as it requires the user to have access to the user's registered device. In addition, Biopass may decide to ask user to provide their biometrics in risky situatoins which provides a higher layer of security to the login. That means aside from the phone that user possesses, they have to provide their fingetprint or face scan. The face scan which is stored on the phone can be manipulated. But the face scan which is enrolled in Biopass server is underpinned by liveness feature which determines if a user is a real, live human or an impostor using a fake or impersonated representation such as photo, video, deepfake, mask, and 3D model attacks.
When a user attempts to log in to a Biopass protected application or website using their smart phone, a push notification is sent to the user's registered device. The user is then prompted to approve the login request by clicking on the "Approve" button.
Updated over 1 year ago