Key Concepts

Auth Factors

This document describes in detail the different authentication factors available via Pinn. Our API/SDKs allow for you to select which factors to enforce in any given scenario.

Factor Key Description Type
Device device All authentications enforce this method by default, this method uses special private keys in your app to produce a signature that can only be generated on a specific end user's mobile device while your app is running Local
Left Palm left_palm This method verifies a users presented left palm biometric data against the enrolled template Remote
Right Palm right_palm Similar to left_palm this method verified the right hand. It is usually used in conjunction with left_palm to provide a way to check both users palm. For best user experience if you want to check a single palm, user the either_palm method Remote
Either Palm either_palm Verifies either a user's left or right palm against the enrolled biometric template, whichever palm the end user presents. This gives the end user flexibility to provide whichever palm is more convenient to them. Remote
Local Biometric local_biometric Verify the user with an on-device biometric available to their phone. Commonly this is a fingerprint (most common for Android and iPhone 5-8 ), face (iPhone X and XS) or iris scan (Samsung). Local
Local Passcode local_passcode This auth method prompts the end user for their on-device passcode. Local



Using specialized cryptographic keys, both local_biometric and local_passcode enable your backend to remotely prove the end user performed these authentication methods successfully. Your local biometric data or passcode never leave the end-user's device, instead a cryptographic signature provides evidence that the authentication was completed on a given device/app.


Move onto our next section within key concepts regarding ID Tokens.



We are here to help! Contact us with any development related questions at and we'll reach back in a timely manner.