Product Update: Biometric Authentication
Overview
This release introduces Biometric Authentication in the mobile application, adding a layer of security for user access. Along with a new 15-minute session timeout, users are now required to re-authenticate using their device’s configured security method (such as fingerprint, PIN, or face recognition) after periods of inactivity. This enhancement improves data protection while maintaining a seamless and quick re-entry experience.
What’s New
1. Biometric Authentication for App Access
What changed:
Users can now enable biometric or device-based authentication (fingerprint, PIN, pattern, or face recognition) to unlock the application after login.
Benefit:
Provides a faster and more secure way to access the app without repeatedly entering login credentials.
2. Optional Enable/Disable from Profile
What changed:
Users can choose to enable or disable biometric authentication from the Profile section at any time.
Benefit:
Gives users flexibility and control over their preferred authentication method.
3. 15-Minute Idle Session Timeout
What changed:
The application now automatically locks after 15 minutes of inactivity and prompts the user for authentication.
Benefit:
Enhances security by preventing unauthorized access when the app is left unattended.
4. Device-Based Authentication Handling
What changed:
The authentication method displayed depends on the device’s configured security settings (e.g., fingerprint, PIN, pattern, or face recognition).
Benefit:
Ensures compatibility with a wide range of devices without requiring additional configuration.
5. Fallback to Login on Failed Attempts
What changed:
After three unsuccessful authentication attempts, users are redirected to the login screen and must complete a full login (Email, Password, OTP).
Benefit:
Maintains security by preventing repeated unauthorized access attempts.
Important Notes
- This feature is available only on the mobile application (Android/IOS) and is not supported on the web
- Biometric authentication is introduced after the first successful login
- The session timeout is triggered after 15 minutes of inactivity, including when the app is in the background
- Any user interaction resets the idle timer
- If the application is closed, normal login behaviour applies
- Authentication method depends entirely on the device’s configured security settings
Where to Find It
Navigation path: Profile → Biometric and Screen Lock