AffirmID Auth Installation

Installation on Cell Phones:

  1. Install the latest version of AffirmID Auth built for your operating system:
    • Google Android. On your Android phone, go to Google Play (tbd) to fetch the app.
    • Apple iOS. On your Apple iOS iPhone, go to the App Store (tbd) to download the app.
  2. When run for the first time a series of dialogs may appear asking your permission to use or access a resource on the phone, approve each [1].
  3. A brief introduction dialog then appears with important operational information and your BioPIN lockout reset code [2] you must record in a safe location.
  4. Using the BioPIN keypad, enter your BioPIN ensuring to keeping it simple and easy for you to memorize [3].
  5. There are 2 authenticator frames:
    • Use the passive One-Time-Code (2FA) frame for all your accounts and services secured by use of two-factor OTP codes [4].
    • Active authenticators include:
      1. FIDO Alliance compliant FIDO2 authenticator used for all your FIDO accounts [5].
      2. FIDO Alliance and W3C compliant WebAuthn authenticator for all your WebAuthn accounts [5].

Installation Notes:

  1. Your permission is needed to access some resources of the phone and so following installation you are asked to grant access to those resources.
  2. A BioPIN is like a PIN but more secure by combining the codes with biometrics of their entry thus making it exceedingly difficult for others to access your authenticators. Also, 3 successive failed attempts result in BioPIN keypad lock out. Use the supplied reset code to reset a lockout and be sure to keep it in a safe place. To reset keypad lockout:
    1. Tap the “#” hash key.
    2. Enter your reset code.
    3. Tap Reset.
    4. Your keypad is once again available with 3 try/retry enabled.
    5. Important Note: 3 failing attempts to enter the reset code will disable AffirmID Auth. Should this happen contact your Help Desk, security team or
  3. While BioPINs may be up to 16 characters in length often a shorter code just as effective. Use the double-tap feature to enhance a shorter coded by double-tapping 1 or more characters of your code. For example, a 3-character code with double-tap stays a 3-character code but with the double-tap and its unique timing making the code nearly impossible to duplicate.

Using 2-step OTP Authenticators

Setup and Use OTP Accounts:

  1. While setting up the 2-step account on the offeror service you will come to a QR code display.
  2. In the Passive authenticator frame tap + and focus camera on the QR code.
  3. The account is setup under its default name and ready for use.
  4. You can rename the account by tapping the account name, enter a unique Name in the form supplied and tap Save.

Alternative OTP account setup:

  1. In Options menu tap “Edit 2FA Account”
  2. Fill in the form setting Name to a unique name of your choice, and all other fields to values supplied by account offeror
  3. Double check your settings and tap Save


  1. The most common use of OTP codes is augmenting username + password accounts when logging in to the account.
  2. Once username and password are entered, tap the OTP account, append displayed code to the password, and submit for authentication.
  3. For all other applications apply the 6-digit code where instructed.

Using Active Authenticators

Bluetooth Pairing:

  1. Before using either FIDO2 or WebAuthn authenticators in combination with remote FIDO clients such as a laptop, tablet, or other devices a one-time Bluetooth pairing must be set up.
  2. In the Active authenticators frame double tap the AffirmID icon.
  3. On the client device, select Bluetooth pairing mode.
  4. Receive and approve on your phone pairing requests, there may be 2 such requests.

Account Setup:

  1. Account registration is a one-time event and needed before first use.
  2. In the Ready state, tap AffirmID icon making it Available for Registration (30 second time limited).
  3. On a paired client navigate to the service registration screen and select to register.
  4. When instructed to do so, tap AffirmID icon, sometimes referred to as the button.
  5. The account is now ready for use


  1. In the Ready state, tap AffirmID icon making it Available for Authentication (30 second time limited).
  2. On a paired client navigate to the service authentication screen and once setup select to authenticate.
  3. When instructed to do so, tap AffirmID icon, sometimes referred to as the button.
  4. You are now authenticated with rights to access the paired client service account(s).

Discover Why AffirmID is Right for You!