Token's security environment ensures that only the registered user can use the credentials stored within the ring. We have taken steps to embed this vision into our security model:
- Token stores your credentials on a tamper proof secure element that never leaves the ring. This method is very similar to secure chips used in credit cards and government IDs with all the certifications and protections that come native to those platforms.
- Token uses two authentication methods to ensure the owner of each credential is protected:
When you sync a credential to Token you have to use an active ring that is paired and registered to a secured account.
To activate Token, a registered finger must be detected. Any absence of the registered finger restricts the use of paired credentials.
However, since you only need to scan your finger once, each authentication is one step.
- If your ring is ever lost or stolen, it is designed to be unusable. The secure element ensures your data is protected and unusable until the registered fingerprint is scanned.