Skip to main content

Biometric Authentication

Using biometric authentication for MFA (multi-factor authentication) improves security while maintaining the ease of a passwordless login. If you would like to implement biometrics for your site, select Request Activation to contact customer support. The implementation process includes using the Passwordless CNAME field to provide the alias of a CNAME record. When OwnID prompts the user to accept biometrics as their MFA, this CNAME is used as the URL of the prompt, so its value should indicate that it is a trustworthy domain.

When biometric MFA is enabled, the Fallback Method field defines what happens when a user's phone does not support biometrics. By default, a user without biometrics sets a 4-digit passcode as their secondary method of authentication. You also have the option of allowing a user to log in without MFA, in which case OwnID behaves as it does when biometrics is disabled.