Local authentication

Local authentication requires the user to authenticate (with an input such as a fingerprint or a passcode) before being allowed to: access the host system, perform a punch, or both.

Note: The device must be set up with screen locking ON for local authentication.

Local authentication can be set up to be enforced in two separate places in the app:

  • Logging In: The user is prompted authenticate (passcode, fingerprint, etc.) before being allowed into the server from the mobile app.
  • Punching: When attempting a punch, after tapping the Punch button, the user is prompted to authenticate (passcode, fingerprint , etc.) before being allowed to punch from the mobile app.

Important notes about local authentication

  • Local authentication is achieved with the same method used in the device for screen unlocking, such as a passcode or a biometric identifier (fingerprint or facial recognition).
  • Device screen locking must be turned on for local authentication to work. If local authentication is enabled and the screen locking is turned off, an error will occur and the user will not be allowed to proceed with the task (logging in or punching). Screen locking is located in Settings on the device:
  • Some Mobile devices will lock out after multiple failed biometric authentication attempts. Follow your device instructions to enable biometric authentication.

 

Local Authentication is set up through the Logon Profile. If a user’s Login Profile enables Local Authentication, the user will need to locally authenticate before being allowed to: enter the server, to punch, or both.

Login Profiles are located in Administration - Application Setup - Access Profiles - Logon Profiles

Select the Mobile App Settings tab and set the following fields:

  • Local Authentication for Login - Set to Not Required, Any, or Biometric.
    • Set to Any to require the use of the screen unlock method that is set for the device (such as passcode or pattern) to login.
    • Set to Biometric to require a biometric identifier (such as fingerprint or facial recognition) to login. The system will use whatever biometric identifier is set on the device. Note that if a biometric identifier is not set on the user’s device (or if the user’s device does not support biometric), authentication will not be possible on the device and login will not be allowed.
  • Local Authentication for Punch - Set to Not Required, Any, or Biometric
    • Set to Any to require the use of the screen unlock method that is set for the device (such as passcode or pattern) to perform a punch.
    • Set to Biometric to require a biometric identifier (such as fingerprint and facial recognition) to perform a punch. The system will use whatever biometric identifier is set on the device. Note that if a biometric identifier is not set on the user’s device (or if the user’s device does not support biometric), authentication will not be possible on the device and login will not be allowed.