We take security very seriously. Token's general security model is:
- Token stores your credentials on a tamper proof secure element and they never leave the ring. It’s just like the secure chips used in credit cards and government IDs with all the certifications and protections that come native to those platforms.
- While using Token our security model uses two authentication methods to ensure the owner of each credential is protected:
When you sync a credential to Token you have to use an active ring that is paired and registered to a secured account.
To activate Token, a registered finger must be detected. Any absence of the registered finger restricts the use of paired credentials.
However, since you only need to scan your finger once, each authentication is one step.