VisualTouch POS: A Case Study in FIDO Strong Authentication

VisualTouch, a North American hybrid-cloud based point of sale (POS) system, has integrated LoginID’s FIDO2-certified passwordless authentication protocol into their POS system’s enterprise reporting portal. This allows management to access the VisualTouch Cloud from their laptop or mobile device using only their fingerprint, face scan, or whatever biometric is native to their device.

VisualTouch offers both hardware and software POS solutions with a focus on the hospitality and retail industries. They currently have over 50,000 locations supported by their POS solutions. This includes large enterprise clients such as Sodexo, Sysco, Salvation Army, Revera, the US Department of Defense, and Gateway News.

Through their partnership, VisualTouch POS and LoginID aim to secure the interactions between merchants, customers, and the VisualTouch POS cloud by providing functions such as passwordless login and payment authentication for their employees and customers.

How LoginID’s FIDO-Certified Strong Authentication Works with VisualTouch POS

When an employee wants to register an account in order to access the VisualTouch POS cloud, they will be directed to a screen like the one below. They will enter their email address and then be prompted to provide their biometric information that is native to their device.

Once they have scanned their face or swiped their fingerprint, the FIDO protocol will then create a public key private key pair that will be used for authentication going forward. The public key is stored on LoginID’s server, while the private key remains in the secure area of the user’s device, never leaving. For Apple products, this would be the secure enclave.

Now that an account and public key private key pair have been created, the employee will be able to access the VisualTouch POS cloud by simply using their biometric credentials whenever they wish to sign in. The device itself and the biometric act as the two strong authentication factors, eliminating the need for passwords which are vulnerable to phishing and other attacks. For more detailed information about FIDO and biometric authentication see our article HERE.

Additional Functionality - Payment Authentication with Biometric Digital Signature

For additional security measures, an online retailer might want to add payment authentication to their checkout process. Payment authentication utilizes very similar functionality to the FIDO registration and sign in process.

At checkout, the purchaser is prompted to enter their biometric information to confirm the purchase thus providing a biometric digital signature for the transaction and generating a digital receipt.

Since this purchase was confirmed with a biometric, the transaction will be very difficult to dispute as not being made by the purchaser. This can potentially eliminate cases of friendly fraud and chargebacks that retailers are often left responsible for.