FAQ - burner apps FAQ - Office365/Azure AD MFA

• How is my credit card data stored and processed on your website?

  ---

  We do not store or process any payment information on our website. After you fill your order data, an order ID is created and passed to one of our payment processors (SIX Payments, Stripe or PayPal). You only enter the credit card information on the payment page hosted by the payment gateway.

• Can I get a free sample?

  ---

  We normally do not provide free samples. If you want to test the functionality, feel free to use our virtual TOTP toolset. It fully emulates our hardware tokens.

• Can I use the programmable tokens with AWS or Fortnite 2FA?

  ---

  Yes, our second-generation tokens support longer seeds generated by AlibabaCloud, AWS, or Fortnite. Make sure you have the latest version (at least NFC Burner 2.1 for Android or NFC Burner 0.1 Advanced for Windows). Previous versions of the app do not support longer seeds.
  

• Which of your tokens support Azure Cloud MFA?

  ---

  All our token models support Azure Cloud MFA as long as your Azure AD license is P1 or P2. If you do not have any Azure AD license, you can still benefit from our tokens, but only the programmable ones. They act as a drop-in replacement of mobile authenticator apps (i.e. Microsoft Authenticator or Google Authenticator). This flowchart decision tree will help you to choose the right token model for your case.

• Can I use hardware tokens to implement Active Directory login with two-factor authentication?

  ---

  Microsoft does not natively support TOTP authentication for the Active Directory. Azure Active Directory supports logging in with FIDO2 Security keys, but this is not really a multi-factor authentication. If you need to implement TOTP as a second factor for on-premise Azure Directory user authentication, we recommend the UserLock product from our partner, ISDecicions

• Can I get a discount?

  ---

  Discounts are possible with orders starting from 50 units. To request a discounted quote, add the products to the basket, proceed with the checkout and at the final phase, click on the « Request quote »  button.

• Can the token be used with multiple services at once or is it one token per one service?

  ---

  This depends on the authentication system itself. If the system supports importing the seeds, then yes. If out of 2 systems, one supports importing the seeds and the second is hardcoded to QR code-based provisioning, then the same token can be used for 2 systems, for example, you can use the same token to login to both Google and Office365. For other cases, you can use our multi-profile TOTP token that can hold up to 10 TOTP profiles.

• Can your tokens be used with DUO?

  ---

  DUO supports TOTP hardware tokens, but they have not fully implemented the time drift adjustment as per RFC6238. So, after some time, the tokens' hardware clock will become out of sync and the OTP codes will not be accepted by DUO authentication servers because of the system clock not matching. The time of the token then needs to be adjusted keeping the current seed intact. This is only possible with Token2 programmable tokens with unrestricted time sync: miniOTP-2, OTPC-P1, C302, Molto-1 and some others. Read more about using Token2 hardware tokens with DUO here.

• How do I receive the seeds (secret shared keys) for the purchased tokens?

  ---

  Once the products are delivered, customers should request the secret keys by filling the seed request form (the URL of the form is unique for each order and is shown on the relevant order page). Kindly note that the order verification process is done manually and may take some time. Please note that the seeds can only be sent to the emails specified when the order is placed. Keys requested in standard formats (Hex, Base32 or CSV for Azure MFA) are normally sent within one business day (CET timezone). After the secret keys are received, you should import them to your authentication system. See below the integration guides for some systems. Please note that you do not need to request secret keys for programmable tokens or FIDO keys with TOTP/HOTP - you can set the keys yourselves using one of our burner apps

• Can I use the NFC cards or dongles for my access control systems?

  ---

  Yes, even if not powered on, our NFC devices act as simple NFC tags and can be used as a part of your access control system or "follow-me" printing systems. The only requirement is to support the same standard (ISO14443)

• Do you ship to my country?

  ---

  We ship worldwide^* with regular post or FedEx or UPS express services. Kindly note that shipping with regular post is longer and delivery times shown on the shipping form are approximate and not guaranteed. Shipping with FedEx or UPS is relatively more expensive^**, but delivery times   are guaranteed (from 1 to 5 business days depending on your location, not counting customs clearance delays).

  * - except for some countries, i.e. Russia, due to local cryptography-related legislation issues. ** - the shipping cost for express delivery shown on the checkout page is a ballpark figure for the most expensive location within the country selected. You can contact us if you believe shipping to your city must be cheaper, we can check the exact price with FedEx or UPS
• I have chosen Regular Post and my order is still not delivered.

  ---

  If the shipping option chosen for your order is "Regular post" (priority or with tracking) usually delivered within a week in Europe, US & Canada, 2 weeks to MENA region and 6-8 weeks to Australia and New Zealand, and the post says it may take up to 4, 6 and 10 weeks respectively. However, please note that this is approximation without warranty and the service is of a "best-effort" type. We have absolutely no visibility (except the tracking code, which is communicated to customers when the order is shipped) nor any further control.