A ring as unique as your fingerprint.

Yes, TokenCore Wearable is FIDO 2.1 compliant. It supports both the FIDO U2F (Universal 2nd Factor) and FIDO2 protocols, delivering strong two-factor, multi-factor, and passwordless authentication. TokenCore Wearable has earned the FIDO Certified label, affirming adherence to FIDO standards.

There are many vulnerabilities and hassles associated with a BYOD approach to MFA via One Time Passwords (OTP) over SMS and authentication apps. These include:

1. Mobile phones are vulnerable to SIM Swapping where the attackers trick the phone company into transferring the mobile number to a new SIM card, then the attacked receives all SMS messages, including OTPs.
2. SMS is not encrypted end-to-end, which means that messages can be read by cybercriminals while they are in transit.
3. Mobile phones get lost and stolen, then attackers have direct access to SMS messages and authentication apps on the stolen device.
4. SMS messages can be intercepted in various ways, such as when over un-encrypted or insecure networks allow attackers to read messages.
5. Many users inadvertently download malware onto their phone that intercepts SMS messages and forwards them to cybercriminals.

Passkeys are a passwordless authentication method that allows users to verify themselves using their biometric data instead of a password. They were developed by FIDO, of which Token is a member. Passkeys use (PKI) public-key infrastructure just as we do so there is no password to steal.

Major platforms have been working to make passkeys sync securely across devices, which is very convenient for consumers. Apple’s iCloud Keychain and Google Password Manager allow users to access passkeys across multiple devices within their own ecosystems. Token prefers a higher level of security where the user’s private key (these are the keys to the kingdom) never leaves the ring and the ring cannot be accessed via Wi-Fi or cellular signal, and users cannot inadvertently download malware onto their ring, eliminating a major vulnerability.

FIDO (Fast Identity Online) passwordless solutions offer many security benefits by eliminating the use of traditional passwords. This includes:

1. Eliminates Password Vulnerabilities
2. Resistant to Common Attacks
3. Uses Strong Cryptographic Authentication
4. Local Device-Based Authentication
5. Enhances User Convenience and Security Compliance
6. Prevents Account Recovery Exploits

By leveraging FIDO’s passwordless approach, organizations can significantly reduce the risk of security breaches, improve user experience, and comply with evolving security and privacy regulations.

Hardware tokens are great and provide strong security, but

1. They frequently get lost.
2. They often get left plugged into computers. Leaving a dongle plugged into a device is like leaving your keys in your car when you are away from it.
3. They only plug into USB ports [no Bluetooth or NFC support]. TokenCore Wearable works via NFC and BLE so it can be used with any device
4. They are often not with the user when they need it wherever they are working and with whatever device they are using.

User set up of the ring is easy, intuitive, and takes 10-15 minutes. We have a comprehensive Quick Start Guide to direct users through the process and Token also has a “User Set Up” video, online support resources, and a toll-free number where we support users directly to reduce the burden on your helpdesk.

Because Token Rings are wearables, they are less likely to be lost or stolen. If a user loses a ring, the credentials and biometrics remain safe in the Tamper-Proof Secure Element inside the ring. No one other than the user can ever use the ring or access the protected data stored inside the ring.

Yes, while other major ring makers have a strict No-Exchanges policy, Token allows each ring to be exchanged one time during its life for a different size at no charge. Exchanges are possible beyond the first free exchange for a small charge.