VIP Policy Configuration
You can view, enable and disable the account policy for FIDO-enabled biometric or security key credentials. This policy allow your end users to use FIDO-enabled biometric credentials or security keys rather than security codes or push notifications for second-factor authentication.
When a user registers a FIDO-enabled biometric credential or security key, it becomes the default authentication method for the user. When a user authenticates to a website, the user is prompted to insert a security key and press the button, authenticate with a passkey, or perform a biometric authentication through the mobile device. The credential interacts with the authenticating website directly to authenticate the user.
Biometrics and security key authenticators take precedence over IA, device fingerprint, and Remembered Devices. If this policy is enabled, end users can no longer register new Remembered Devices in My VIP.
To set the policy for biometrics and security key authentication for your VIP account:
When a user registers a FIDO-enabled biometric credential or security key, it becomes the default authentication method for the user. When a user authenticates to a website, the user is prompted to insert a security key and press the button, authenticate with a passkey, or perform a biometric authentication through the mobile device. The credential interacts with the authenticating website directly to authenticate the user.
Biometrics and security key authenticators take precedence over IA, device fingerprint, and Remembered Devices. If this policy is enabled, end users can no longer register new Remembered Devices in My VIP.
To set the policy for biometrics and security key authentication for your VIP account:
| Select Policies in the navigation bar at the top of the page. | |
| Select the "Account" tab. | |
| Select Edit to configure the Biometrics / Security Key Authentication policy settings. |