PingID Administration Guide

Configuring one-time passcode fallback

The one-time passcode (OTP) fallback setting allows administrators to configure whether users can fall back to an OTP when the mobile app response times out.

About this task

Disabling this setting helps to enforce a security policy that requires authentication by biometrics only. The default setting is Enable.

  • You can also enable direct OTP selection to allow users to authenticate with an OTP immediately, without waiting for the authentication request to time out. For more information, see Configuring direct passcode usage.

  • If you are using PingOne DaVinci to orchestrate your PingID flows, and want to disable OTP fallback, you must disable it in the flow settings node in DaVinci, as well as the Admin portal.

Steps

  1. In the PingID admin portal, go to Setup → PingID → Configuration.

  2. In the One-Time Passcode Fallback section of the Authentication section, select one of the following options: A screen capture of the Authentication section. In the One-time Passcode Fallback section are he radio buttons for Disable and Enable. The Enable button is clicked. This is the default setting.

    Choose from:

    • To disable authenticating with an OTP when the mobile app response times out, click Disable. If the request times out or the user’s mobile is offline, the user receives the yellow Timed Out message.

      The yellow Timed Out error in the PingID mobile app.

      If the user’s mobile is in no push mode, the user will receive the following error message.

      The red error message in the PingID mobile app.

      To configure push mode, go to Settings → Swipe Settings → Enable Swipe → Off in the PingID mobile app.

    Users with mobile devices that do not support push notifications will not be able to authenticate if the Disable setting is selected.

    • To enable authenticating with an OTP when the mobile app response times out, click Enable. This is the default setting. If the request times out, the user can authenticate using an OTP.

      The OTP entry field on the Authentication window in the PingID mobile app.
  3. Click Save.