TTP: Face Image Enrollment and Initial Log On
Note: New instances/applications of TTP are not currently being supported.
Overview
Caching
Unlike fingerprint enrollment, face images are cached on the device immediately during the enrollment process. This means the user can authenticate via face image immediately on that device without having to enter an Employee Number in order to verify their identity. Immediate caching speeds up the authentication process, and in the case of the WinTeam database being unavailable, authentication can still take place.
What to Expect on First Log On After Enrollment
What is required of the user during the first log on after being enrolled varies depending on biometric match settings, whether WinTeam is available and whether a good face image is captured. The following scenarios are what users can expect when logging in for the first time. See below for a review of biometric match settings.
What to expect when Biometric Match is always required:
If the face image is not in the local cache (the device may be different than the one on which enrollment took place):
- The device will capture a face image.
- Since the face image is not in the cache yet, you will be taken to the Logon screen and be asked to enter your employee number.
- Upon matching the face image (from WinTeam) with the employee number, your face image is now stored in the local cache. Next time you log in, you will not have to enter your employee number (unless Require Employee Number is selected in the Device Settings screen in WinTeam).
- You are taken to the Home screen.
- If a match is not made between face image and employee number three times, you will be taken to the authentication screen. The device will capture a face image again to start the process over.
If the user's face image is already in the local cache:
- The device will capture a face image.
- If Require Employee Number is not selected, upon face image validation, you will be taken to the Home screen.
- If Require Employee Number is selected, you will be taken to the Logon screen and asked to enter your employee number, even if a match is made.
- If a match is not made between face image and employee number three times, you will be taken to the authentication screen. The device will capture a face image again to start the process over.
What to expect when Biometric Match is required if WinTeam is available, but can be skipped if WinTeam is not available:
If WinTeam is available:
- The process is identical to the 'always required' scenarios above.
If WinTeam is unavailable, and your face image is not stored in the local cache yet (the device may be different than the one on which enrollment took place):
- The device will capture a face image.
- You will be taken to the Logon screen and asked to enter your employee number.
- As long as the employee number belongs to a valid TeamTime employee, you will be taken to the Home screen.
If WinTeam is unavailable, and your face image is stored in the local cache:
- The device will capture a face image.
- You will be taken to the Home screen.
- If Require Employee Number is selected in the Device Settings screen, however, you will be required to enter your employee number, regardless.
What to expect when Biometric Match is not required:
- The process is identical to the 'WinTeam is unavailable' scenarios above.
Require Biometric Match
This setting is enabled on the Device Settings screen in WinTeam. In certain circumstances, such as when the WinTeam database is unavailable, biometric match may not be required depending on security settings.
Always Required
This setting is the strictest and will require biometric match in all cases, regardless of whether the WinTeam database is available, the Employee is enrolled or the Employee could scan a valid fingerprint in three attempts.
Authentication will not take place if the WinTeam database is unavailable with this setting.
This setting is good for Jobs with high-security requirements (airports, banks, etc.).
To enable this setting:
Select the Require Biometric Match check box
Clear the Skip Biometric WT Down check box
Require if WinTeam is Available
This setting only requires biometric match if the WinTeam database is available. If WinTeam is available, the Employee must be enrolled on the device and must scan a valid fingerprint in three attempts (or capture a valid face image). If WinTeam is not available and the Employee's fingerprint or face image has been stored in the device cache, authentication can take place; however, if the fingerprint or face image is not stored in the device cache, biometric match will not be required. The Employee must enter an Employee Number in order to gain access to the Portal.
To enable this setting:
Select the Skip Biometric WT Down check box
Select the Require Biometric Match check box
Not Required
This setting is the least strict and will allow access to the Portal even if an Employee is unable to scan a valid fingerprint in three attempts, is unable to capture a face image or is not enrolled. The Employee may also be able to skip the fingerprint authentication screen altogether.
The Employee must enter an Employee Number in order to gain access to the Portal if fingerprint or face image authentication does not occur or is skipped.
To enable this setting:
Select the Skip Biometric WT Down check box
Clear the Require Biometric Match check box
Or simply select Employee Number for the authentication method
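The three settings above can be checked as a decision table. The following is an added example, not TeamTime or WinTeam code: it models the face image scenarios described on this page and lists the situations in which an Employee Number alone reaches the Home screen. The function names and factor labels are assumptions made for the example, and the combination with both check boxes cleared is rejected because this page does not describe it.

```python
from itertools import product

FACE, EMP = "face", "employee_number"   # factor labels chosen for this example

def accepted_paths(require_match, skip_wt_down, require_emp_no,
                   winteam_up, face_cached):
    """Factor sets that reach the Home screen; an empty list means no log on."""
    if require_match and not skip_wt_down:
        mode = "always"
    elif require_match:
        mode = "if_available"
    elif skip_wt_down:
        mode = "not_required"
    else:
        raise ValueError("check box combination not described on the page")

    if mode == "always" and not winteam_up:
        return []                        # no authentication while WinTeam is down
    if mode != "not_required" and winteam_up:
        # Biometric match enforced; a first log on on this device (image not
        # cached yet) also needs the employee number.
        if face_cached and not require_emp_no:
            return [{FACE}]
        return [{FACE, EMP}]
    # WinTeam-down branch of "if available"; "not required" follows the same
    # scenarios whether or not WinTeam is up.
    if not face_cached:
        return [{EMP}]
    paths = [{FACE, EMP}] if require_emp_no else [{FACE}]
    if mode == "not_required":
        paths.append({EMP})              # biometric step may fail or be skipped
    return paths

def employee_number_only(require_match, skip_wt_down, require_emp_no=False):
    """(winteam_up, face_cached) states where the employee number alone suffices."""
    return [(up, cached) for up, cached in product((True, False), repeat=2)
            if {EMP} in accepted_paths(require_match, skip_wt_down,
                                       require_emp_no, up, cached)]

if __name__ == "__main__":
    settings = {"Always Required": (True, False),
                "Require if WinTeam is Available": (True, True),
                "Not Required": (False, True)}
    for name, flags in settings.items():
        print(f"{name}: employee number alone accepted in {employee_number_only(*flags)}")
```

The output shows which settings fall back to a single knowledge factor, and under what device and database state, which is the comparison to make when choosing a setting for a high-security Job.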
Most webcams show images "unmirrored"; that is, when the subject moves, the image on the screen moves in the opposite direction. This can be confusing for users attempting to enroll or authenticate. To ease the process, TeamTime Portal has a setting for devices that display unmirrored images by default; this setting automatically mirrors images streamed from the device webcam so that when the user moves, the image on the screen will move with the user, as it would in a mirror.