The implementation of Biometric Authentication in NetSuite involves two separate pages – one dedicated to new user registration and the other for authentication.
NEW USER REGISTRATION
Users provide details such as username and email before clicking the register button.
A QR code is generated and displayed.
Users scan the QR code using their mobile device to initiate the authentication process.
Upon opening the link, a pass key (public key) is stored securely on the device.
A custom record is created in the NetSuite backend to store user credentials, including username, email, and private key.
AUTHENTICATION
Users on a mobile device open the application link.
The system prompts for the username.
Upon clicking the login button, biometric authentication on the phone is triggered.
NOTES
IP Whitelisting: Access to the new registration page is restricted through IP whitelisting, and only static IPs can be utilized for this purpose. We kindly request confirmation on whether your organization uses static IPs.
Biometric Data Storage: This method prioritizes security by not storing any biometric data. Instead, it employs private key-public key authentication, mitigating the risks associated with storing sensitive biometric information.