Affected Version: 

BioStar 2 v2.9.7 or above 

                                                                                                                                                  

Supported Products: 

BioMini, BioMini Plus 2


In version 2.9.7, Suprema introduced a new feature called "Multi-Factor Authentication for Login." This allows users to enhance the security of their accounts by adding a fingerprint authentication step, using a fingerprint scanner, to the existing ID and password login method in BioStar 2.


Basic Concepts

The basic concept for this new feature is as the following.




Cautions

1. To use this new feature, the following Suprema's fingerprint scanners must already be connected to the BioStar 2 server or client.

1) BioMini

2) BioMini Plus 2


2. When a user with Multi-Factor Auth for Login enabled accesses BioStar 2 through the BioStar 2 Cloud, fingerprint authentication for login is NOT supported, so Multi-Factor Auth for Login CAN'T be used. 


3. Multi-Factor Auth for Login CAN'T be used if the Use for BioStar 2 Login option is enabled for an Active Directory server account


4. Users with Multi-Factor Auth for Login enabled CAN'T be registered for BioStar 2 services other than BioStar 2 AC


Execution Procedures 


Note that

Before adding the fingerprint scanner, it needs to install a USB agent in the BioStar 2 server in advance.

To install a USB agent, plesae follow the below steps. 



Step 1. Add a Suprema fingerprint scanner in BioStar 2 (BioMini or BioMini Plus 2)


Connect your Suprema fingerprint scanner to BioStar 2 and check if the icon of the USB scanner appears correctly. 


 

Step 2. Apply the feature "Multi-Factor Auth for Login" to a user


Step 2-1.

Go to the USER section and select the user to whom you will apply the new feature. First, enroll the user's fingerprint using the connected Suprema fingerprint scanner


Step 2-2.

Select an option other than None in Operator Level filed and set the Multi-Factor Auth for Login option to Use.

Next, enter the Login ID and Password.



Note that

If you select None as the option in Operator Level, the Multi-Factor Authentication for Login feature will NOT be visible, as shown in the picture below. 


Step  3. Log in to BioStar 2 Using "Multi-Factor Auth for Login" Feature


Step 3-1.

Go to the BioStar 2 login page. Enter the ID and Password set in Step 2-2, then click Login.



Step 3-2.

You will then see a screen prompting you to authenticate using your fingerprint. At this point, scan your fingerprint using the connected Suprema fingerprint scanner. 


Note that

Please consider the following cautions when authenticating using your fingerprint:


  1. The scan time limit is fixed at 18 seconds and cannot be changed.
  2. You can attempt to scan your fingerprint up to three consecutive times. If the fingerprint is not accurately scanned within these three attempts, authentication will fail.
  3. In case of authentication failure, click the Retry button to attempt fingerprint authentication again. However, please note that only two retry attempts are allowed.
  4. If fingerprint authentication fails after a total of 3 attempts, including 2 retry attempts, the login process will revert to the ID and password entry step.  


Step 3-3.

If authentication is successful, you will be logged in to BioStar 2 as normal.