ThinC-AUTH

Security Keys & Authentication Devices

Protect business critical information through military-grade authentication. The ThinC-AUTH is a biometric security key that adds two additional layers of security to your login to ensure computers, online services and networks remain protected.

Fingerprint password protection
Military grade security
Windows & Mac compatible
Microsoft verified & approved
2018 DPA & GDPR compliant

ThinC-AUTH generates and protects security credentials like keys, certificates, tokens and sequesters user information within the hardware to provide military grade protection for your business.

Configurable security key – protects access to computers, online services, and networks.
Fingerprint authentication – biometric module prevents any misuses of the Key from unauthorised users.
Strong security architecture – impossible to reverse engineer fingerprint data from the protected storage.
Strong algorithms – AES, HMAC, ECDH achieves high-level security.
Single key for hundreds of services – compatible with multiple PC platforms and FIDO2 enabled web applications

FIDO2

FIDO2 is a phishing proof, password-less authentication protocol developed as a joint effort between the FIDO Alliance and the World Wide Web Consortium (W3C) to create a strong authentication standard for the web.

Sharing the vision of the FIDO alliance, and with the goal of building privacy by design, ThinC-AUTH conforms to FIDO U2F and FIDO2 standards.

About Ensurity

Ensurity help businesses gain cyber sovereignty in encryptions. They design and manufacture specialised secure hardware, software and mobile applications. Ensurity is a member of MISA (Microsoft Intelligent Security Association), which consists of an elite group of cyber security technology companies partnering with Microsoft in building advanced solutions for evolving threats.

ThinC AUTH/AUTH+ Biometric Security Key
- Security Algorithm: ECDSA, SHA256, AES, HMAC, ECDH
- Interface: USB-A with High speed USB2.0 / USB 3.0 (Upcoming)
- Communication Protocol: FIDO2
- Working Voltage: 0V
- Working Current: Standby: 80mA
- Power: Standby: 0.4W
- Working Temperature: (-10°C to 45°C)
- Storage Temperature: (-20°C to 70°C)
- LED Lights: 2 multi-colour LEDs
- Casing Material: Metal+ABS
Fingerprint Module in ThinC AUTH/AUTH+
- Image Pixel: 160 x 160 pixels with 8-bit depth
- DPI: 508 DPI
- Fingerprint Sensor: Capacitive 360° Touch Fingerprint Sensor with Ultra-low power consumption
- Sensor Protection: Integrated conductive bezel
- Sensor Quality: Superior 3D image quality
- Server Service Life: More than 200k times
- Storage: 5 fingerprint templates
- False Accept Rate: <0.001%
- False Reject Rate: <1%
- Recognition Time: <0.6s (for 120 finger points)
- Acquisition Time: <180ms
- ESD range: IEC61000-4-2, level X, air discharge (±30 kV)

To download the ThinC-AUTH specification sheet please CLICK HERE

Without the user biometric authentication, can ThinC-AUTH be used to access accounts?

FIDO2 Standard specifies three modes of user authentication: 1. User Presence: Just check if the user is present or not and does not verify the actual user. 2. Client PIN: Verifies the user with a PIN/password. 3. User Verification: Verifies the fingerprint to make sure the user is verified. If you don’t enrol fingerprints and don’t set the PIN then the ThinC-AUTH device works in User Presence mode. After you set the PIN it work’s in Client PIN mode and after you enrol the fingerprints it works in User Verification mode with fall back to Client PIN. Note: The FIDO Server/Web Service can choose which mode they use to authenticate the user so even after enrolling fingerprint and setting Client PIN if the server tries to authenticate in User Presence mode then the ThinC-AUTH device will not verify the fingerprint.

How many fingerprints can be registered onto the device?

The ThinC-AUTH supports up to five fingerprints.

If the user loses the device, how can the user authenticate to FIDO enabled services?

User needs to deactive the two-factor authentication (2FA) from the FIDO enabled service and needs to reactive the 2FA service on a new ThinC-AUTH device. The 2FA deactivation process depends on the Website/Service providers and may vary from one to other.

Can the user take backup of the FIDO credentials from ThinC-Manager?

Ensurity Technologies will be providing a few optional ‘add-on’ services. Using the add-on services/modules, user can securely take backup of multiple FIDO registrations and securely store them in private/public cloud in future.

Is there any limit on the number of websites/services that you can use with the ThinC-AUTH device?

For U2F (Universal 2nd Factor) services, the device supports unlimited registrations. For FIDO2 services, device supports unlimited FIDO2 registrations with non-resident keys. It can store up to 30 resident keys.

What is the use of password?

The device provides option to set password as back up authentication mechanism for fingerprint. If password/PIN is configured in the ThinC-Manager tool, in the event of three unsuccessful fingerprint authentication attempts the tool will automatically prompt for entering the password/PIN.

Is the tool required during the authentication to website/FIDO services?

No, once the fingerprints are registered using the ThinC-Manager it is no longer required to use the device with the websites/FIDO services.

What platforms do ThinC devices work on?

The “ThinC Management Tool” is a GUI tool, available on both Windows and Mac OS platforms. Using the same tool, users can register/manage multi-fingerprints and storage partitions on applicable ThinC devices. Devices are functional on any platform: ThinC-VAULT directly functions without any driver on any OS. ThinC-AUTH depends on the OS browser support with FIDO.