Enterprise Biometric Authentication Device | FIDO2 Security Certified
TokenCore™ Node
TokenCore™ Node
Couldn't load pickup availability
Share

Key Features
-
FIDO2 L1 Certified
Independently certified to the FIDO2 Level 1 standard.
-
EAL5+ Certified Secure Element
Credentials are stored in a tamper-resistant secure element.
-
Device-Bound Biometrics
Your fingerprint is verified on-device and never leaves it.
-
Bluetooth 5.4 Authentication
Wireless authentication over Bluetooth 5.4.
-
Proximity-Based Access
Presence is confirmed before authentication begins.
-
Upgradeable Firmware (OTA)
Firmware updates are delivered over-the-air.
-
Broad Platform Compatibility
Works across Windows, macOS, Android and iOS.
-
Passwordless Authentication
No passwords. No OTPs. No push notifications.
How to Set Up
Setup takes minutes.
-
Step 1: Download the Token App
Available for Windows, macOS, Android and iOS.
-
Step 2: Enroll Your Fingerprint
Enroll your fingerprint securely on the device.
-
Step 3: Add as a Security Key
Add TokenCore™ Node in your account security settings.
-
Step 4: Pair over Bluetooth
Complete Bluetooth pairing with your operating system.
-
Step 5. Authenticate
Log in instantly with fingerprint verification.
TokenCore™ Node: Technical Specifications
Core Security & Authentication
- Authentication standards: FIDO2 / WebAuthn / U2F
- FIDO certification: FIDO2 Level 1 Certified
- Authentication type: Passwordless, phishing-resistant
- Biometric verification: On-device fingerprint authentication
- Cryptography: Public key cryptography
- Security model: Hardware-based authenticator with isolated credential storage
Connectivity & Interface
- Bluetooth 5.4 connectivity
- Wireless proximity authentication
- No NFC support
- No cables required during authentication
Device Compatibility
Compatible with: Windows, macOS, Android, iOS.Works natively with: Microsoft Entra (Azure AD), Okta, Google Workspace, Ping Identity, CyberArk, and any FIDO2/WebAuthn-compatible IAM, SSO or PAM platform.
No drivers. No middleware. No infrastructure replacement.
Security Protections
- Phishing-resistant authentication
- Credentials never leave the secure element
- Protection against credential theft
- Protection against replay attacks
- Protection against man-in-the-middle attacks
- Eliminates password reuse risks
- Eliminates OTP and push notification MFA vulnerabilities
Hardware Security
- Secure element: EAL5+ Certified
- Credential storage: Device-bound secure element
- Fingerprint sensor: 508 DPI biometric sensor
- User verification: Local fingerprint authentication only
- No PIN fallback
- No cloud verification
Hardware & Build
- Bluetooth-enabled biometric authenticator
- Portable form factor
- Wireless operation
- Product Diameter: 1.25"
- Product thickness: 0.32"
- Weight: 8 grams
- Durability / IP rating: IP-65
Power & Operation
- Rechargeable battery (specification pending)
- Firmware updates: Over-the-Air (OTA)
- Battery life: 6-9 days
- Charging time: Approximately 2 hours
Certifications & Compliance
- FIDO2 Level 1 Certified
- EAL5+ Certified Secure Element
- WebAuthn compliant
- U2F compatible
Technical Support
- Dedicated customer support
- Product setup assistance
- Technical troubleshooting
- Firmware update support
What's Included
-
TokenCore™ Node & Charger
TokenCore™ Node and proprietary charging cable. Ready to enroll on day one.
-
Setup Instructions
Step-by-step onboarding guide included. First-time fingerprint enrollment takes under two minutes, with direct support available.
-
Optional Accessories
Additional carry and charging accessories available separately. Deploying across a team? See enterprise ordering below.
Meet TokenCore™ Node: Your Biometric Bluetooth Security Key
Biometric Bluetooth Authentication
One touch confirms the person. Bluetooth 5.4 confirms they are present. Fingerprint verification and proximity detection combine for passwordless authentication that is bound to the authorized user, not the device.
Simple Setup Experience
Setup mirrors the existing TokenCore™ product family. Enroll through the Token App and you are ready in minutes. No drivers. No middleware.
How It Works: Instant, Frictionless Login
-
Bluetooth Proximity Detection
Bluetooth 5.4 confirms the authorized user is physically present before authentication begins.
-
Local Biometric Verification
Fingerprint verification occurs entirely inside the secure element. No PIN. No passwords. No cloud verification.
-
FIDO2 Cryptographic Authentication
Credentials are generated and signed within the secure element using public key cryptography. Private keys never leave the device.
Works with Your Favorite Apps & Systems
Built to Stop Real Attacks
Phishing-Resistant Authentication
Identity is verified using biometrics, not passwords. A fake site captures nothing.
Hardware-Protected Credentials
Credentials stay isolated inside the EAL5+ secure element. There is no credential to steal.
Eliminates Common MFA Weaknesses
Protects against credential theft, replay attacks, man-in-the-middle attacks, password compromise, push fatigue attacks and OTP interception.
Why TokenCore™ Node Beats Traditional Authentication
-
vs. Passwords
A password is a shared secret. It gets reused, guessed, phished and sold. TokenCore™ Node has no password to share. Access is a locally verified fingerprint, and the credential is generated inside the secure element. There is no secret to steal.
-
vs. One-Time Codes
A one-time code is only as safe as the channel it travels on. Codes are intercepted, relayed and re-entered on fake sites. Node sends no code. A fingerprint and Bluetooth proximity authorize access in a single touch, faster than typing a six-digit code.
-
vs. Push-Based MFA
Push prompts train people to approve. Attackers exploit that with fatigue attacks, repeating the prompt until someone taps yes. Node has nothing to approve by mistake. No fingerprint, no access.
-
vs. Passkeys & Synced Credentials
Passkeys can be synced across devices and accounts. A synced credential can be shared. Node binds identity to the individual, verified on-device. Nothing is checked in the cloud, and the private key never leaves the secure element.
-
vs. Standard Security Keys
A standard security key proves possession. Anyone holding it can use it. Node proves the person. Bluetooth 5.4 confirms the authorized user is present, and a 508 DPI fingerprint sensor verifies them on-device before access is granted.
-
Built for Your Existing Stack
Node is not a rip and replace. It deploys alongside Microsoft Entra, Okta, Google Workspace, Ping Identity and CyberArk, and any FIDO2/WebAuthn platform. No drivers. No middleware. No infrastructure to replace.
Ordering for Enterprise?
Volume purchasing is available for organizations deploying TokenCore™ Node across teams and privileged users. For orders of 20 or more, contact Sales directly.
Enterprise deployment support includes:
- Volume pricing
- Deployment assistance
- Technical onboarding
- Returns policy
- Warranty (once confirmed)
Get Protected Today
Move beyond passwords and legacy MFA. Prove the human, every time. This is handled.