FortiToken Mobile (FTM) is an OATH compliant, event-based and time-based One Time Password (OTP) generator application for the mobile device. It is the client component of Fortinet’s highly secure, simple to use and administer, and extremely cost-effective solution for meeting your strong authentication needs. You can deploy FTM tokens using FortiOS, FortiAuthenticator or FortiToken Cloud (2FA-as-a-Service) as the back-end validation server for FTM tokens. Push notifications for approving or denying login attempts are available. FTM also supports third-party tokens for most popular web sites.

Privacy and Control:

FortiToken Mobile cannot change settings on your phone, take pictures or video, record or transmit audio, nor can it read or send emails. Further, it cannot see your browser history, and it requires your permission to send you notifications or to change any settings. And, FortiToken Mobile cannot remotely wipe your phone. Any visibility FortiToken Mobile requires is to verify your OS version to determine app version compatibility. While FortiToken Mobile cannot change any settings without your permission, the following permissions are relevant to FortiToken Mobile operations:
• Access to camera for scanning QR codes for easy token activation
• TouchID/FaceID: used for app security, respectively.
• Access to the Internet for communication to activate tokens and receive push notifications
• "Send Feedback by Email", to automatically populate the "Sender" field
• Internally share files between applications to prepare an attachment to be sent by email for "Send Feedback by Email"
• FortiToken must keep the phone awake while it is upgrading the internal database to avoid data corruption.

Supported Android Versions: 4.4 to 10.0.