Passwordless Authentication.

Powered by Biometrics.
Secured by Bluetooth.

TokenCore™ Node: Enterprise Biometric Authentication Device | FIDO2 Security Certified

TokenCore™ Node combines Bluetooth proximity, on-device fingerprint verification and hardware-bound credentials to deliver phishing-resistant, passwordless authentication. The credential is generated inside an EAL5+ secure element and never leaves it. No passwords. No codes. No credential to steal.

FIDO2 Certified

Bluetooth 5.4

Wireless

No Passwords

No Codes

The Gap

Other Security Keys Leave You Vulnerable

Attackers don't break in anymore. They log in. Most systems don't fail because access was granted. They fail because identity was assumed.

  • Credentials are stolen
  • Phishing bypasses MFA
  • Sessions are hijacked
  • Identity is assumed, not proven

TokenCore™ Node proves the authorized human at the moment of access. Turn authentication into assurance.

Other Security Keys

Stolen credentials are the #1 access vector in enterprise breaches

The Verizon 2025 DBIR.

Identity-based intrusions account for 30% of all incidents

IBM X-Force Threat Intelligence Index 2025.

The Hardware

TokenCore™ Node: Enterprise Biometric Authentication Device

One touch. One person. Proven. TokenCore™ Node brings biometric, cryptographic and proximity-based verification into a single FIDO2-certified security key, built for the people and systems your organisation cannot afford to get wrong.

Why Choose TokenCore™ Node?

TokenCore™ Node protects privileged users and sensitive systems, and integrates natively with the IAM, SSO and PAM platforms you already run. Unlike software-based authentication, credentials never leave the device. There is no shared secret to phish, steal or replay.

image 203

True Passwordless Authentication

Replace passwords, OTPs and push notifications with biometric authentication, secured by FIDO2/WebAuthn standards.

image 202

Verify Identity, Not Just the Device

Every authentication requires a locally verified fingerprint. Access is bound to the authorized user, not possession of the key.

image 201

Wireless Authentication

Bluetooth 5.4 proximity confirms the authorised user is present before authentication begins. Verified in real time.

image 200

Built for Enterprise

Deploy alongside Microsoft Entra, Okta, Google Workspace, Ping Identity and CyberArk. Keep the infrastructure you already run.

Specifications

Inside TokenCore™ Node

Everything inside TokenCore™ Node exists to do one thing: prove the authorised human, then get out of the way.

  • FIDO2 L1 Certified
  • WebAuthn & U2F compatible
  • EAL5+ secure element
  • Bluetooth 5.4 connectivity
  • Device-bound biometrics
  • 508 DPI fingerprint sensor
  • OTA firmware updates
  • Windows, macOS, Android & iOS compatible
  • Passwordless authentication
  • NFC not supported
  • Standards: FIDO2 / WebAuthn / U2F
  • Passwordless authentication
  • Public key cryptography
  • Hardware-backed authentication
  • Credentials generated inside the secure element
  • No shared secrets
  • Fingerprint authentication
  • 508 DPI fingerprint sensor
  • Device-bound identity verification
  • No PIN fallback
  • No cloud verification
  • Authentication occurs entirely on-device
  • Bluetooth Low Energy (BLE 5.4)
  • Wireless proximity authentication
  • Automatic presence detection
  • No NFC support

Operating systems: Windows, macOS, Android, iOS.

Enterprise platforms: Microsoft Entra, Okta, Google Workspace, Ping Identity, CyberArk, and any FIDO2/WebAuthn IAM platform.

No drivers. No middleware. No infrastructure replacement.

Protects against credential theft, phishing attacks, replay attacks, man-in-the-middle attacks, password compromise and push fatigue attacks.

Credentials never leave the secure element.

  • Bluetooth Low Energy operation
  • Rechargeable
  • Over-the-air (OTA) firmware updates
  • FIDO2 L1 Certified
  • EAL5+ secure element
  • WebAuthn compliant
  • U2F compatible
  • Technical onboarding
  • Firmware update assistance
  • Product setup support
  • Enterprise deployment guidance

Deployment

Enterprise Ready from Day One

TokenCore™ Node drops into the identity stack you already run. No rip and replace. No new servers. Deployment fits your environment, not the other way around.

Existing Identity Platforms

Works with Microsoft Entra, Okta, Google Workspace, Ping Identity and CyberArk, and any FIDO2/WebAuthn IAM platform.

No Infrastructure Changes

Integrates with your current IAM, SSO and PAM environment. No new servers. No middleware. No application changes.

Over-the-Air Device Updates

Firmware is pushed locally to the device. No product recalls. The hardware you deploy stays current.

The comparison

Move Beyond Legacy MFA

Comparing Biometric Authentication Devices to Traditional Authentication Methods

Attack Vector Verifies the human
Legacy MFA No
Passkey Partial
USB Key No
TokenCore Yes
Attack Vector Phishing resistant
Legacy MFA No
Passkey Yes
USB Key Yes
TokenCore Yes
Attack Vector Wireless
Legacy MFA No
Passkey Yes
USB Key No
TokenCore Yes
Attack Vector Proximity enforced
Legacy MFA No
Passkey No
USB Key No
TokenCore Yes
Attack Vector No fallback risk
Legacy MFA No
Passkey No
USB Key No
TokenCore Yes
Attack Vector Always with user
Legacy MFA No
Passkey No
USB Key No
TokenCore Yes

Threat Elimination

Built to Stop Modern Identity Attacks

Most controls make attacks harder. TokenCore™ Node removes what attackers rely on: a credential that can be moved. What disappears matters more than what it does.

Eliminate Credential Theft

Eliminate Credential Theft

Credentials are hardware-bound. A stolen password is worthless. There is no credential to reuse.

Stop Phishing

Stop Phishing

FIDO2 cryptography binds authentication to the real domain. A fake site captures nothing.

Prevent Replay Attacks

Prevent Replay Attacks

Every authentication is uniquely signed with a device-bound credential. Nothing can be captured and replayed.

Protect Privleged Accounts

Protect Privileged Accounts

Only a verified fingerprint, present in real time, unlocks access to critical systems. No fingerprint, no access.

Get Started

Ready to Modernise Authentication?

Move beyond passwords and legacy MFA with phishing-resistant biometric authentication. Deploy TokenCore™ Node across your organisation without changing your existing identity infrastructure. This is handled.