User Guide for LiveEnsure® iOS and Android Mobile App

First, login to your host site or app.


From your desktop, laptop, tablet or your mobile browser or host application, login as you normally would. Upon login, you will be redirected to authenticate via LiveEnsure® (LE) with a scan or tap. 


Next, authenticate by scan or tap.


If you are authenticating to a separate screen, simply scan the QR code with the LE app on your mobile device. Once captured, the session will proceed.


If you are only on your mobile device, accessing a mobile browser site or resident mobile app, you should automatically roll to LE upon logging in or tapping the provided authentication link on the screen, in an email or message. 


> First Registration via OOB PIN

If this is your first time using LE for a given site or app, you will get a registration PIN via email or other OOB means. This binds your device to the authentication context for that host. If you change devices, login with another user ID or switch hosts, you may be asked for a PIN the first time as well.


Enter the PIN or challenge when prompted to proceed.


> Normal Authentication Session

If this a normal authentication session, or after registration for a given host or app, you will simply authenticate with a tap or scan upon subsequent sessions. The LE app will prompt you for any additional security challenges. See below for details on those factors. After completing authentication,  the app will display PASS or FAIL.


It’s that simple! You are done. 

(But read on for more cool stuff.)



Optional: Additional Factors from Host App/Site


Your host website or app may require additional authentication context beyond the device. If so, they will add factors for you to respond to upon authentication, such as the following:


> Prompt/Challenge

The prompt challenge resembles the registration PIN step, in that you are prompted to enter a response to a question or challenge that may be known or sent out-of-band (email, SMS, DM, etc). However, this challenge/response is custom to the session or the host. Simply respond to the challenge on the screen, or wait if it is sent out-of-band to respond. 


> Geofence/Location

The geolocation challenge verifies you are in the right location context, along with the device or other factors like biometrics or challenges. The location factor is automatic and will display a map showing where you are as it compares that context with the desired location or proximity. 


> Time

The time factor works like location, but is invisible as it automatically and verifies you and your device are in the correct time, along with other factors. 


Optional: Setting Your Personal Factors in the App


In addition to the above host factors, you have the power to add your own factors to each session in the LE app, thus ensuring that no one can login as you without your control. In this way, you can add your own twist to any LE authentication. 


From within an authenticated session, simply tap OPTIONS / FEATURES and choose to enable the following. They will they be added to every LE authentication in the future, until you turn them off.


You may only have one factor active at a time. The factors are set individually.  You must disable a previous factor to enable a new one. Press the toggle to enable/disable, and long press the toggle to edit or re-edit the parameters. When personal factors are disabled, their parameters are forgotten. 


Note: Again, you must be within an authenticated session to access these options. If you leave the app or screen from the session, you will need to re-authenticate at the site or app to modify them. If you are locked out, the only option is to reinstall LE and re-register with the host, for your protection.


> Biometrics

The personal biometric challenge allows you to require your configured biometric factor to be used for each and every authentication. LE supports both fingerprint (touch) and recognition (facial, eye, etc) based on your device settings. Simply enable and permit biometrics as option. Then, upon next authentication, perform the touch or scan to authenticate.


If biometrics are disabled or you cannot authenticate, there is NO fallback to the OS pin for your added personal security. 


> Behavior/Gesture

The behavior factor allows you to set a custom gesture pattern that only you know to lock and secure any authentication. The pattern consists of 3 unique swipes, from the first endpoint to the last, regardless of path. This allows you to create unique methods of entering the pattern without risk from over the shoulder detection. Simply enable the factor and set your pattern on the white screen. Then, upon authentication, you will repeat the pattern when asked on the black screen. 


> Bluetooth/Devices

Finally, LE supports your own hardware devices as tokens to authenticate your context. From within LE personal factors, you can choose from any supported, enabled and connected Bluetooth devices by name as your factor, such as a wearable watch or tablet. Then, every time you authenticate, that device must be present, active and connected. Please use this factor with caution as the only way to restore authenticity if the secondary device is lost or stolen is to reinstall and re-register, for your protection. 



Resetting Devices / Reinstalling the App


In addition to personal factors, you also have the ability to request LE forget all your devices in cases of lost, stolen, sold or simply upgraded mobile phones. In this case, from within a valid/registered session, go to OPTIONS | FORGET DEVICES and click confirm. Now, all devices and factors are forgotten and you will need to re-register any new sessions or devices used. This feature is also available to your host site if they need to “forget you” remotely.

Troubleshooting, FAQ & Getting Help


> I’m locked out of LiveEnsure® because I can’t authenticate or have lost a factor.

If you are locked out of LiveEnsure® for any reason, simply uninstall and reinstall the app. This will require to be re-trusted by your host app or site from scratch, according to their requirements and rigor and will reset all of your factors and devices. 


> My mobile does not have biometric support.

If your device does not have biometric support, you will be alerted when trying to set or access it that it is not available or configured.


> I’ve lost or sold my mobile device.

If you have lost or sold your device, either from the device itself (sold) or another of your devices (lost) simply authenticate/register, and go to OPTIONS | FORGET DEVICES and all of your settings and devices will be deleted. Then, you will need to re-register, even on the device currently on, for your protection.  Alternatively, you can contact your host app/site who can delete you from their end as well via API.


> I want to add or change my mobile device.

To add or change a device in your LE context, simply authenticate/register from that device via the out-of-band PIN.


> I did not get my registration PIN or email.

If you fail to receive your registration PIN upon first authentication for a new or recently deleted device or account, first check your SPAM filter or folder for the email. Second, verify your email user ID is correct and not misspelled. Third, contact support below for more assistance.  In addition, some hosts may deliver registration PINs via alternate means, such as SMS messages, private DMs or even mailed or printed. Check with your host app or site for details. 


> I have other questions or need help.

To get support, first check with your host app or site, Otherwise, go to 

support.liveensure.com and click on Submit A Request.

CONTACT


CONTACT US

GET THE API/SDK


DEVELOPERS, GITHUB

ABOUT US


LiveEnsure® is the contextual authentication company. We develop mobile security technology for web, cloud and apps on iOS and Android.
Trust your crowd in the cloud.

MOBILE APP


iOS,  ANDROID, USER GUIDE


© 2020 LiveEnsure Inc. Patented US/EU.