HexaEight Authenticator Mobile App

Our Mobile App Issues Free Digital Authentication Tokens To Anyone With a Valid Email Address

For IOS and Android
Available for Android in Google Play Store
Available for iPhones in iOS App Store
Also available in Amazon App Store

Download Our Mobile App

HexaEight Mobile Application

HexaEight Mobile Application allows any user having a valid Email Address to register with our Platform. Upon successful verification of the Email Address, an Email Digital Token is issued which is stored in the Mobile Application.

Users can use the Digital token to scan HexaEight QR Codes to login to any Website or Application that integrates with HexaEight Authentication.  Every Digital Token is associated and secured by a Password that is known only to the user.  Digital Token Passwords are never stored on the Mobile.  In the event the user forgets the Digital token password, they can delete the  token and request for a new Digital token with a different password. 

NOTE : Our Platform does not allow users to obtain a Digital Token using  temporary email addresses.

How To Protect Tokens Tutorials

Frequently Asked Questions

1. How Is Our Mobile App Different From Other Authenticator Apps?

Most Mobile Authenticator apps in general are not protected and they are best used as a second factor authentication by displaying a code associated with an email address.  Anyone having access to the mobile, can easily open the Authenticator app and access the two-Factor security code.

HexaEight Authenticator Mobile App on the other hand uses a Digital Token protected by a password. Because the password for the Digital token is never saved on the mobile and is only known to the user, it is impossible for others to impersonate simply by taking the phone and accessing the Digital token.

2. How Do I physically Verify the identity of another email user using our Mobile App?

At times, we may wish to verify another user's identity by validating their email address if you have been dealing with them solely through their email address, such as when you are talking to someone over chat or over the phone with a support representative, or meeting someone unfamiliar.

There may also be occasions when hackers may attempt to send you a link containing QR Codes which must be decoded using HexaEight Digital Tokens. As a human user, if you are suspicious of the other user who you're interacting, you should immediately verify the other user's identity using our physical verification process as described below.

To aid this effort HexaEight provides a simple verification process for any user to identify the other user by performing the below steps.

In the below depicted example Alice wants to verify the email address of Bob whose email id is bob@anyemail.chat. Alice and Bob follow the below sequence of steps to complete the verification process.  

a)  Alice opens HexaEight Mobile App and Taps VERIFY IDENTITY button located in the Home Tab.

b)  Alice choses, YES when prompted for a new Identity Token. She is shown a QR Code 

c)  Alice shows (or transfers) the QR Code to Bob and asks him to scan the QR Code using his Digital Token associated with his email address

d) Bob scans the QR Code using his Digital Token associated with his email address and if the process is successful is shown a response  QR Code which he shows (or transfers) back to Alice.

e) Alice taps the back button on the mobile and uses the scanner app to scan the QR Code given by Bob.

f) Upon Scanning the QR Code, If Bob's email address is valid, Alice will see a success message on her mobile along with the email address thus completing the verification process.

NOTE: Alice and Bob can share the QR Code through any channel and complete the verification process.

3. Is it possible for a automated bad bot to use HexaEight Authentication and still login and mimic a human user?

Our mobile app does NOT provide any interface for bots. To thwart automated programs, we have implemented some complex screen interactions in the mobile app to prevent bots from being able to interact with our app smoothly.  However, it may be possible on a very rare instance for a bot to bypass our check.  Since our platform monitors the behavior of normal users, its easy for us to catch a bot trying to mimic human user by automating our authentication process. Whenever an email id is suspected of bot behavior, we may temporarily or permanently ban the email id from using our app unless the email owner can prove that their actions were misinterpreted as a bot 

We also provide a feature in our Token Server, to ban email addresses by adding a deny rule to authorization policies.  This can benefit anyone using our services to block an email id instantly on their token server, in the event they detect that the email was used to mimic a human user.  

Similarly, we empower any human user, to be able to detect a bot by providing a feature for physically (or virtually) verifying the other email user, this feature is very useful, if a human user suspects that the person at the other end not behaving as a normal human user and might be a bot.  We hope that these steps will allow anyone using our platform to distinguish users and bots. 

How To Download Our Mobile App?

SCAN

This QRCode

To Download Our
Mobile App From
Google Play Store

SCAN

This QRCode

To Download Our
Mobile App From
Apple Play Store

Additional Questions?

If you have more questions feel free to Contact Us and we will be happy to help you.

Contact Us

Privacy Policy

Terms of Use

© Copyright 2022 HexaEight - All Rights Reserved
HexaEight Trademark is held by HexaEight. Various trademarks are held by their respective owners.

We use cookies to give you the best experience. Read our cookie policy.