User Guide for LiveEnsure® iOS and Android Mobile App
First, login to your host site or app.
From your desktop, laptop, tablet or your mobile browser or host application, login as you normally would. Upon login, you will be redirected to authenticate via LiveEnsure® (LE) with a scan or tap.
Next, authenticate by scan or tap.
If you are authenticating to a separate screen, simply scan the QR code with the LE app on your mobile device. Once captured, the session will proceed.
If you are only on your mobile device, accessing a mobile browser site or resident mobile app, you should automatically roll to LE upon logging in or tapping the provided authentication link on the screen, in an email or message.
> First Registration via OOB PIN
If this is your first time using LE for a given site or app, you will get a registration PIN via email or other OOB means. This binds your device to the authentication context for that host. If you change devices, login with another user ID or switch hosts, you may be asked for a PIN the first time as well.
Enter the PIN or challenge when prompted to proceed.
> Normal Authentication Session
If this a normal authentication session, or after registration for a given host or app, you will simply authenticate with a tap or scan upon subsequent sessions. The LE app will prompt you for any additional security challenges. See below for details on those factors. After completing authentication, the app will display PASS or FAIL.
It’s that simple! You are done.
(But read on for more cool stuff.)
Optional: Additional Factors from Host App/Site
Your host website or app may require additional authentication context beyond the device. If so, they will add factors for you to respond to upon authentication, such as the following:
The prompt challenge resembles the registration PIN step, in that you are prompted to enter a response to a question or challenge that may be known or sent out-of-band (email, SMS, DM, etc). However, this challenge/response is custom to the session or the host. Simply respond to the challenge on the screen, or wait if it is sent out-of-band to respond.
The geolocation challenge verifies you are in the right location context, along with the device or other factors like biometrics or challenges. The location factor is automatic and will display a map showing where you are as it compares that context with the desired location or proximity.
The time factor works like location, but is invisible as it automatically and verifies you and your device are in the correct time, along with other factors.
Optional: Setting Your Personal Factors in the App
In addition to the above host factors, you have the power to add your own factors to each session in the LE app, thus ensuring that no one can login as you without your control. In this way, you can add your own twist to any LE authentication.
From within an authenticated session, simply tap OPTIONS / FEATURES and choose to enable the following. They will they be added to every LE authentication in the future, until you turn them off.
You may only have one factor active at a time. The factors are set individually. You must disable a previous factor to enable a new one. Press the toggle to enable/disable, and long press the toggle to edit or re-edit the parameters. When personal factors are disabled, their parameters are forgotten.
Note: Again, you must be within an authenticated session to access these options. If you leave the app or screen from the session, you will need to re-authenticate at the site or app to modify them. If you are locked out, the only option is to reinstall LE and re-register with the host, for your protection.
The personal biometric challenge allows you to require your configured biometric factor to be used for each and every authentication. LE supports both fingerprint (touch) and recognition (facial, eye, etc) based on your device settings. Simply enable and permit biometrics as option. Then, upon next authentication, perform the touch or scan to authenticate.
If biometrics are disabled or you cannot authenticate, there is NO fallback to the OS pin for your added personal security.
The behavior factor allows you to set a custom gesture pattern that only you know to lock and secure any authentication. The pattern consists of 3 unique swipes, from the first endpoint to the last, regardless of path. This allows you to create unique methods of entering the pattern without risk from over the shoulder detection. Simply enable the factor and set your pattern on the white screen. Then, upon authentication, you will repeat the pattern when asked on the black screen.
Finally, LE supports your own hardware devices as tokens to authenticate your context. From within LE personal factors, you can choose from any supported, enabled and connected Bluetooth devices by name as your factor, such as a wearable watch or tablet. Then, every time you authenticate, that device must be present, active and connected. Please use this factor with caution as the only way to restore authenticity if the secondary device is lost or stolen is to reinstall and re-register, for your protection.
Resetting Devices / Reinstalling the App
In addition to personal factors, you also have the ability to request LE forget all your devices in cases of lost, stolen, sold or simply upgraded mobile phones. In this case, from within a valid/registered session, go to OPTIONS | FORGET DEVICES and click confirm. Now, all devices and factors are forgotten and you will need to re-register any new sessions or devices used. This feature is also available to your host site if they need to “forget you” remotely.