ThinC-AUTH BioPro

Passwordless Authentication Solutions for Enterprises

Secure Your Business with Advanced Biometric Solutions

ThinC Auth Biopro from Ensurity is a cutting-edge device that simplifies authentication. With built-in biometric verification, you can eliminate the need for traditional passwords. ThinC Auth Biopro uses the latest passwordless authentication standards, including FIDO2, to ensure your data remains safe from breaches and phishing attacks.

ThinC-AUTH BioPro works with AzureAD Certificate Based Authentication (CBA), Local AD SmartCard Login, RDP and Windows Server machines.

A PIV (Personal Identity Verification) uses certificate-based authentication (CBA) enables enterprise users to securely authenticate to access controlled resources (Servers, Workstations, Applications etc.) and information systems at the appropriate security level. ThinC-AUTH BioPro also works with Azure Active Directory and Microsoft Account to access Microsoft Cloud Services, including Microsoft 365, Microsoft Dynamics 365, and Microsoft Azure with a simple touch of a fingerprint authentication using FIDO2.

Features

Why choose
ThinC-AUTH BioPro

This device provides a frictionless user experience by combining passwordless technology with biometric authentication. It ensures that only authorized users can access systems, reducing the risk of unauthorized access.

Biometric multi-protocol security key

Biometric PIV (Smart Card and Certificate based Authentication); and Biometric FIDO2 security key

Local / Hybrid / Azure Active Directories

Works in multiple AD infrastructure environment

Secure Fingerprint authentication

Embedded with world’s No1 capacitive fingerprint touch sensor. Prevents from spoofed fingerprint authentication.

Strong security architecture

"ThinC-AUTH BioPro" is embedded with FIPS 140-2 Cryptographic secure element to manage all crypto functions

Single key for hundreds of services

Extensive feasibility for users to manage hundreds of WebAuthn applications with one Security Key.

Single key for multiple platforms

Secure Logon to Windows, Servers, Workstations, RDP, Linux, macOS, Applications, Firewalls, VPN, and Network Devices

Functional Features & Specifications

Category

Functionality: Biometric FIDO2

Functionality: Biometric PIV

Make & Model

Make: ENSURITY

Model: 'ThinC-AUTH BioPro' Biometric PIV+FIDO2 Security Key

Connectivity

• Full-speed USB 2.0 (Type-A) interface
• High-quality, durable, and water-resistant casing
• Strong and compact design for everyday use
• Cost-efficient alternative to expensive readers
• HID interface (requires no driver for any operating system)
• Smartcard interface (requires MiniDriver for Windows)

Fingerprint Biometrics

• 360° fingerprint touch sensor (with a life over 200,000 times)
• High-definition, fast and accurate fingerprint recognition (<1 sec.; FAR <0.001%; FRR <1%) – accepts live fingerprints and prevents from spoofed biometric authentication, such as latex-captured fingerprint images
• Support for multi-fingerprint registrations (user binding to the Security Key with fingerprints)
• High fingerprint capacity – stores up to five fingerprints
• Fingerprint minutiae templates are encrypted and stored within the secure controller (CC EAL5+ certified) of the device. The templates will never be extracted out of the security key.

Security & Cryptology

• CC EAL5+ certified 32bit Crypto RISC processor
• Supported algorithms: ECDSA, SHA256/SHA512, AES256, HMAC
• Cryptographic acceleration: RSA, ECC, ECDH
• Encrypted flash storage for biometric templates
• Dynamic on-chip Encryption/Token Key generation using inbuilt TRNG
• Hardware-based Unique ID

Authentication in compliance

• Supports FIDO2 (WebAuthN / CTAP protocols) authentication standards
• Passwordless login to Windows 10 Pro R1903+ OS systems (joined to Microsoft Azure AD)
• Supports U2F (Universal 2-Factor) authentication standards
• Passwordless authentication for upto 30 different WebAuthn accounts (Resident Key)
• Two-factor authentication to unlimited WebAuthn accounts (Server Key)
• Compatible with Microsoft Windows, MacOS, and Linux platforms — works with most of the latest version of browsers
• Smart card-based public key infrastructure (PKI) authentication for Windows login, VPN, Web Login, Remote Sessions, as well as data security, digital signature and secure email.
• Two-factor authentication with PIN
• Request a certificate from a Windows Certification Authority, generate a self-signed certificate, or import an existing certificate to the AUTH BioPro Key.
• Generate a certificate based on the Server CA Template stored in the secure element on the device. Supports all Windows smart card behaviors, including lock on removal.

Performance

• Authentication to the application is less than 750ms
• Durability tested for more than 20,000 insertion cycles

Environment

• Temperature: Storage —20°C to 70°C
• Temperature: Operating —5°C to 55°C

Transform Your Authentication Today

Security Functions

WebAuthn, FIDO2 CTAP1, FIDO2 CTAP2, Universal 2nd Factor (U2F), Smart card (PIV-compatible), OATH – HOTP (Event), OATH – TOTP (Time).

Cryptographic Specifications

RSA 2048, RSA 4096 (PGP), ECC p256, ECC p384

Benefits

Benefits of Biometric PIV & FIDO2

Phishing-resistance

Eliminates password related common attack vectors such as phishing, intercepting, stealing, sharing or any other compromisation factors.

Simplifies the authentication process

Simplifies the authentication process. PIV doesn’t require hard-to-remember or confusing passwords for the client. When employees don’t need to remember passwords, it’s easier for authorized users to access privileged services and sites. Additionally, this reduces IT support costs and employee frustration.