Understanding Keyless authentication for your N26 account

N26 is introducing Keyless, a new technology designed to provide a streamlined method to authenticate yourself when you want to access your account from a new device.

Keyless uses biometrics to authenticate your identity, which is faster and more secure than traditional passwords or one-time codes (susceptible to fraud attacks and social engineering). This process securely associates your device with your identity. Once configured, Keyless will allow you to pair your device using a biometric scan.

Keyless employs a technology — called Zero-Knowledge Biometrics — that ensures that your actual biometric data itself is not stored. Instead, when you use Keyless, your biometric information is immediately transformed into a cryptographic key that is used to verify your identity without the need to retain your original biometric data.

• Phishing-Resistant Multi-Factor Authentication: Keyless authenticates both the user and the device independently, offering a higher level of security against phishing attempts.
• No Storage of Biometric Data: The underlying technology is designed so that your actual biometric data is not stored, intended to enhance privacy.
• Account Takeover Prevention: By verifying your identity using biometrics, Keyless aims to prevent unauthorised account access.

When you use Keyless for the first time, the app will walk you through a quick setup process, and provide step-by-step guidance and tips to help you frame your face correctly. This process includes taking a selfie when prompted, which securely links your device to your identity for your account. Your device will be considered “paired”.

Simply look at your camera or follow the on-screen instructions to allow the facial scan. Keyless uses the secure cryptographic key to quickly verify that it's you.

Keyless is the biometric authentication method adopted by N26 to associate your device to your account for security purposes. It’s the most convenient and secure way to access your account through a new device.

We understand that some customers may not wish to use biometric authentication. If that’s your case, you can still access your account this way: How to pair or unpair my smartphone to my account?

Your selfie is not stored anywhere. It’s only used to generate the cryptographic key for the verification of your identity.

The cryptographic key derived from your selfie is stored securely on our side to enable future authentication.

Given that Keyless is designed not to store your biometric data, we do not have selfie data to access, rectify, or erase.

Keyless offers N26 customers a security-focused method for authentication. It provides a robust method for verifying your identity and accessing your account more efficiently while ensuring that no biometric data is stored.