To improve the balance between security enforcement and usability, we have updated the fingerprint verification failure mechanism for the ATKey.Pro series and introduced a new feature: side button click for PIN presence check. These changes apply to devices running CTAP2.1 firmware v2.00.04.
In FIDO2-based security keys, failed biometric attempts are tracked to prevent unauthorized access through repeated trial and error. This mechanism is part of the device’s internal security policy, independent of server-side logic.
For ATKey.Pro, the fingerprint authentication module records the number of failed verification attempts. If the failure count exceeds the pre-defined threshold, the authenticator will enforce a lockout and reject further verification requests until the failure counter is reset.
What has changed?
| Mechanism | Previous Behavior | New Behavior |
| Total allowed failed attempts | 15 attempts before lockout | Increased to 25 attempts before lockout |
| Failure counter reset per power cycle | Enabled (one power cycle for 3 failed attempts) | Disabled (failure counter is global, not tied to power cycle) |
| PIN entry presence check | Required touch on fingerprint sensor | Touch OR click side button |
Why We Made This Change?
There are two primary reasons behind these updates:
- Lock Cycle Caused User Confusion
The previous design required unplugging the device to reset failed attempts, which often confused users—especially when ports are hard to reach or poor finger placement caused unintentional lockouts.
- Glove Use and PIN-Only Scenarios
When no fingerprint is enrolled or gloves are worn (e.g., Lab, hospital…), touching the sensor does not respond. Adding side button click ensures smooth PIN entry without relying on fingerprint detection
New Feature: Click Side Button for PIN Entry
Use Case
This feature is designed for scenarios where:
-
Fingerprint enrollment is not configured.
-
Users may wear gloves that prevent the fingerprint sensor from detecting skin.
-
The device requires user presence confirmation (indicated by cyan blinking LED).
Behavior Overview
| Status | Meaning | Action |
| Cyan blinking light on ATKey.Pro | Waiting for user presence (Touch) | Either Touch sensor OR Click side button |
This feature ensures smooth user experience even in environments where finger (skin) touch is not feasible.