Customizing the Nymi Band Authentication Method

The Nymi Band supports authentication by fingerprint only, a combination of fingerprint and liveness detection, and authentication by the Active Directory credentials of the user.

By default,

Policies allow you to define the methods that a user can use to authenticate to their Nymi Band. The following table summarizes the authentication method options that are available to you in a group policy and the advantages and disadvantages of each option.

Table 1. Authentication method advantages and disadvantages
Setting Advantage Disadvantage

Corporate Credentials = disabled

Liveness Detection = disabled

Note: This is the default configuration for new installations.
  • Biometric guarantee of the identity of the user.
  • Authentication by fingerprint does not check for an ECG signal.
  • Authentication by fingerprint does not check for an ECG signal.
  • User cannot authenticate by using their corporate credentials when authentication by fingerprint fails.

Corporate Credentials = disabled

Liveness Detection = enabled

  • Biometric guarantee of the identity of the user.
  • Authentication by fingerprint also checks for an ECG signal.
  • Authentication might fail when the fingerprint is dirty, cut, too wet or too dry, or when the fingerprint sensor is not clean.
  • A small percentage of the population has difficulty providing stable ECG to the Nymi Band during authentication,which results in the liveness check and authentication to fail.

Corporate Credentials = enabled

Liveness = enabled

  • Authentication by fingerprint also checks for an ECG signal.
  • Allows a user to authenticate to authenticate by using their corporate credentials when authentication by fingerprint fails due to a fingerprint or ECG signal failure.
  • A small percentage of the population has difficulty providing stable ECG to the Nymi Band during authentication,which results in the liveness check and authentication to fail.
  • For a user to authenticate by corporate credentials, the user must have access to the Nymi Band Application, and log into the Nymi Band Application with their corporate credentials.
  • Corporate Credentials Authentication does not:
    • Provide a biometric guarantee of the of the identity of the user.
    • Guarantee that the user who supplied password is the correct user.

Corporate Credentials = enabled

Liveness = disabled

  • Authentication by fingerprint does not check for an ECG signal.
  • Allows a user to authenticate by using their corporate credentials when authentication by fingerprint fails.
  • Users who experience issues providing a stable ECG to the Nymi Band can authenticate the Nymi Band with their fingerprint.
  • Authentication by fingerprint does not guarantee that the user who is wearing the Nymi Band is the user that is wearing the Nymi Band.
  • Corporate Credentials Authentication does not:

    • Provide a biometric guarantee of the user’s identity.
    • Guarantee that the user who supplied the password is the correct user.

Articles in this section

Was this article helpful?
0 out of 0 found this helpful
Share

Comments

0 comments

Please sign in to leave a comment.