FAQs
Search The Question
General
-
How do you protect the information sent from the TraitWare mobile device App to the authentication server?
We require certificate pinning between the phone app and the authentication server. [Pinning is the process of associating a host with their expected X509 certificate or public key.]
Once a certificate or public key is known or seen by a host, the certificate or public key is associated or ‘pinned’ to the host.
The integrity of data sent from the phone app to the authentication server is verified with a digital signature for the data packets sent over the encrypted connection. [A digital signature is an authentication mechanism that enables the creator of the message to attach a code that acts as a signature.]
-
What are the two+ factors in Passwordless MFA?
We deliver up to five factors of authentication, with four of them being completely transparent to the user:
- Physical possession of the mobile device that the TraitWare authenticator app is installed on. We use patented behavioral metrics to create a rotating ‘device signature’ that locks out the user if the device is tampered with (through jail-breaking/rooting, malware, etc.)
- FaceID or another user biometric of equivalent security. We only use device-native APIs, ensuring the biometric is an algorithmic representation and never leaves the device.
- A non-replayable, time-based login code (delivered through a QR).
- The physical location of the mobile device. Authentication can be restricted to a geographic boundary and will fail once the user leaves the permitted area.
- A unique ‘Image Pin is chosen by the user as a knowledge factor. Use of a pin is reserved for cases when biometrics are unavailable or must be paired with a second factor for extra security.
-
Does the TraitWare solution require SSO?
We use auth standards of SAML 2.0, OIDC, and OATH along with a Windows agent and a PAM module for integration to applications, Windows endpoints, and for Linux SSH/SFTP. This allows us to either sit in front of an existing IAM (SSO) solution or act as the IDP. We can also go to the service provider directly.
SSO is not required nor is an AD/AAD server. What we do require is for an auth standard to be in place or the ability to install the Windows agent or Linux PAM.
-
Does TraitWare support event-based or time-based MFA?
We use a different methodology that delivers up to 5 factors of authentication per login request, of which 4 are transparent to the user. One of the factors is a rotating key; another is an OTP that can only be used from the authenticator with its device-bound crypto. So we use both an OTP and a rotating key for each event. We are also able to limit access based on geolocation at the time of the authentication event.
-
How secure is the TraitWare authentication system?
To secure each individual’s identity TraitWare utilizes
1) the user’s mobile device equipped with the TraitWare Mobile App, and
2) the cloud-hosted TraitWare Authentication Server.
Traitware’s authentication is incredibly effective against malicious attacks and identity theft by a magnitude greater than conventional username and password systems.
-
Is TraitWare supported on both iOS and Android?
TraitWare is supported on both iOS and Android, Yes.
You can download the TraitWare authentication app with iOS (10.0+) and Android (6.0+).
-
Does my 30-day trial period start when I initially sign up for my TraitWare account, or do I get 30 days for each customer I add?
Your 30-day TraitWare account trial starts when you sign up for your account. Your account customers are all associated with the initial account signup, and therefore will not be given their own 30-day trials.
Account Registration
-
I was setting up my device, but I got an error when trying to complete registration.
If you receive an error during registration, there are few steps to complete to make sure that there is not an issue.
- Make sure you are using a valid registration code
- Registration codes typically expire 24 hours after your registration email is sent
- Make sure that your device is on the approved list
- We do not support some older operating systems as they don’t provide the security we require
- Make sure that your session hasn’t timed out
- If you are registering your device and don’t complete it within 5 minutes, it will break the app. This includes choosing your authentication method, and trying to change the current photo set for using PhotoAuth
- Make sure that you have a stable internet connection
- If your wifi or cellular signal are weak, you may not be able to complete the communication to TraitWare.
- Make sure you are using a valid registration code
-
I was activating my account with TraitWare, but when I scanned the QR in the initial Account Setup window, it denied me access. What do I do now?
Please make sure that you have selected ‘QR Scan’ from the options at the bottom menu within your mobile app. If you try to use ‘Login with QR Code’, it will not work.
-
I am activating my TraitWare account, and I have sent an activation email to my email address, but I haven’t received any emails. What should I do?
If you have waited a few minutes, and checked your spam folder, and you still have nothing, select resend email from the same screen as before. If you do not receive an email still, please contact support@traitware.com.
Account Recovery
-
How do I recover my account if I lose or replace my phone?
How do I recover my account if I lose or replace my phone?
If you have lost or replaced your phone and are the only account owner, please contact us at support@traitware.com to request a new activation code. If you have another Account Owner, please ask them to sign in and choose Resend Activation Email under your user row.
Pricing and Payments
-
How does your pricing model work?
Every user begins with a 30-day free trial account of our software. During this period, they are given unlimited access and usage of the service and the ability to cancel the service. After the 30-day trial, the user will choose a pricing plan detailed on this page.
-
What if I need to be issued a refund?
If you have already purchased a yearly subscription, and you are not satisfied with the product, we can issue you a pro-rated refund based on the amount of time after your trial period expired. Contact support@traitware.com to get your refund process started.
-
How long does it take before I receive my refund in my account?
Refunds typically take 5-10 business days to be processed and refunded to your account.