Note: New instances/applications of TTP are not currently being supported.
Authentication is how a TeamTime Portal device identifies an Employee via biometric information and/or Employee Number. From the Login screen, users will authenticate into the portal by scanning a fingerprint, capturing a face image, entering their Employee number, or by entering an Employee number in combination with a fingerprint scan OR face image.
For technical details on how authentication and biometric match works, see About Authentication Via Fingerprint or About Authentication via Face Recognition
For an illustrated flow chart on how the authentication (login) process functions, see Understanding Employee Authentication and Check In Process.
Login Screen
The Login screen will display one of three methods (face, finger, employee number) based on default authentication method(s).
Authentication Process
Fingerprint Authentication
The fingerprint authentication process begins when the Employee places the finger to be scanned on the sensor surface. After scanning, "Thank you. Please wait." displays.
The system will attempt to match the fingerprint with those stored in the device cache.
If the print is not in the device cache or is unable to be matched for whatever reason, the numeric keypad will display. Up to three attempts will be made to match the fingerprint to the Employee number. After three failed attempts, the session will be reset.
Note: Employees authenticating on the device for the first time will always have to enter their Employee number because their fingerprints will not be in the device cache yet. Employees may also be required to enter their Employee number in addition to scanning a finger every time they log in if device settings require Employee number.
The Employee enters their Employee number. The system now performs a lookup in WinTeam to see if the Employee is valid, active and enrolled.
Note: If the WinTeam database is unavailable, authentication cannot continue unless a biometric match is not required or if a Device Setting ("Skip Biometric WinTeam Down") is checked.
Valid: A valid Employee is one that is set up in the Employee Master File as a TeamTime employee.
Active: An active Employee number is one whose current status in the Employee Master File is "active".
Enrolled: An enrolled Employee is one that has successfully completed the Enrollment process for the Device's default authentication method.
The Employee is allowed several attempts to enter an Employee number. If the Employee number does not meet all three of the criteria (valid, active, and enrolled), a message will display stating why it was not validated. After the final failed attempt, the session will be reset.
If the Employee number is valid, active, enrolled, and the device is set to require a biometric match, but the fingerprint did not match any stored in WinTeam, a screen will displayed indicating which fingerprints are available for biometric matching (based on what fingers were enrolled). At this point, the Employee is allowed several more attempts to scan an enrolled finger in order to authenticate. If biometric match is not required, the Employee will be taken to the Home screen. See About Authentication Via Fingerprint.
If print is not found, "Match not found. Please try again." displays on screen. After final unsuccessful attempt, the session is reset and the fingerprint authentication screen displays again.
If the print is found, the fingerprint will be authenticated.
Note: Even if the Employee is valid, active and enrolled on the device, fingerprints may not be matched (authenticated) due to a poor scan or the wrong finger being scanned. For details on how the biometric match works, see About Authentication.
Tip: For best results, ensure the scanning area is free of residue. Lay the finger even and flat on the sensor. Do not apply excess pressure.
If the Employee is valid, active and enrolled and the fingerprint matches a print stored in WinTeam, the fingerprint will be authenticated.
When the fingerprint is authenticated, the Home screen displays.
Face Authentication
The Face authentication process begins when the Employee's face displays in the webcam's live stream window. "Stand in front of the camera" displays under the webcam window until the live stream picks up a face image.
Note: If multiple cameras are detected, the Switch Camera icon displays.
The device will attempt to extract a usable face image a certain number of times, provided a face is detected. If a face is detected, but the system is unable to find a match in the device's cache, a status message displays to the left of the window - "Face not yet matched". When this occurs, a message displays under the webcam's live stream window giving guidance - "Please adjust your position by stepping forward or backward". A message also displays to the right of the window - "We are having problems authenticating".
Make sure the Employee's face has a black square around it as well as a line from eye to eye to ensure accurate face extraction.
The number of times the system attempts to match the face image is determined by the Biometric Settings of the Device. See Device Settings for details.
If the face image is not in the device cache or is unable to be matched for whatever reason, a message displays to the left of the window "Face authentication failed" and the numeric keypad Login screen will display.
Note: Employees may be required to enter their Employee number in addition to scanning a face image every time they authenticate - if device settings require Employee Number.
The Employee enters their Employee Number. At this point the system will perform a lookup in WinTeam to see if the Employee is valid, active and enrolled.
Valid: A valid Employee is one that is set up in the Employee Master File as a TeamTime employee.
Active: An active Employee number is one whose current status in the Employee Master File is "active".
Enrolled: An enrolled Employee is one that has successfully completed the Enrollment process for the Device's default authentication method.
Note: If the device setting "Skip Biometric WinTeam Down" is not checked and the WinTeam database is unavailable, authentication will not continue. If this setting is checked,the Home screen will be displayed.
When the face image is authenticated, the Home screen displays.
Employee Number Authentication
Employees can authenticate using the Login screen keypad if biometric matching is not required or if a biometric match cannot be made.
The keypad contains numbers 0-9, a BACK button to delete the last digit entered and a CLEAR button to delete all digits entered. The Submit button is located to the right of the keypad.
Enter the Employee Number and click Submit.
If the Employee Number is accepted, the Home screen will display.
Authentication Troubleshooting
"Employee is not valid" error message
Make sure the employee exists in the Employee Master File and is marked as active.
"Employee is not enrolled" error message
Enroll the Employee using the appropriate authentication method (Face or Finger - dependent on the Device Settings).