Secure Mobile Access 12.4 Administration Guide

About Biometric Identification

This feature provides the option to use biometric identification to unlock cached credentials on Mobile Connect devices.

Credential caching allows the user to establish a connection to the SMA appliance without having to reenter authentication credentials. Credential caching provides convenience, but it could allow an unauthorized user to access a corporate network if the user device is used by someone other than the owner. Biometric identification can be used to control who can access these cached credentials.

With biometric identification, a user can use a face or fingerprint to unlock their cached credentials.

Administrators can enable biometric identification on iOS devices and Android devices. End users can choose to require biometric identification in addition to their cached credentials for authentication.

Administrators can:

  • Choose to enable credential caching.

  • Choose to allow certain types of clients (iOS, Android, or both) to use credential caching.

  • Choose to allow credential caching only in conjunction with biometric identification.

You can prevent any user from using another person’s biometric identification to access a corporate network by disabling biometric identification for that user in their configuration settings. We recommend that you include a Terms-of-Use statement that states that a device using biometrics to unlock cached credentials only contains biometric signatures for the individual whose credentials are cached. With this feature, you can only use biometric identification to unlock cached credentials, and then use the cached credentials for authentication.

Biometric Identification is not supported with the Connect Tunnel client or web access methods (Mobile Connect only).

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.