Skip to main content

Biometrics

Biometric authentication in azuma doa allows users to securely sign in to their existing accounts using built-in biometric sensors on their devices, such as fingerprint or facial recognition. This method provides a seamless and highly secure user experience by leveraging the unique biological characteristics of each user.

Biometric authentication in azuma doa is only available for accounts that have Device Binding successfully setup.

How Biometric Authentication Works

  1. Linking Biometrics to an Account
    Users can link their biometric credentials (e.g., fingerprint, face) to an existing device-bound account. This is typically done during a secure enrollment process, where the user is authenticated using another method (such as password or passkey) and then registers their biometric data via their device.

  2. Supported Platforms
    Azuma doa supports biometric authentication through the following built-in OS platforms:

    • Apple TouchID and Apple FaceID
    • Android Biometric Authentication

    These platforms use secure hardware and operating system features to store and match biometric data locally on the device. No raw biometric data is ever transmitted to azuma doa servers.

  3. Authentication Flow

    • When signing in, the user selects the biometric authentication option.
    • The device prompts the user to verify their identity using the registered biometric method.
    • Upon successful verification, the device uses the WebAuthn standard to generate a cryptographic assertion, which is sent to azuma doa for verification.
    • If the assertion is valid, the user is granted access to their account and azuma doa return an Access Token.

  4. Security and Privacy

    • Biometric data never leaves the user's device; only cryptographic proofs are exchanged.
    • The process is resistant to phishing and credential theft.
    • Users benefit from a fast, passwordless, and user-friendly sign-in experience.

Use Cases

  • Passwordless Sign-In: Users can log in without entering a password, using only their biometrics.
  • Multi-Factor Authentication (MFA) (coming soon): Biometrics can be used as an additional authentication factor for enhanced security. )