Back

Token Launches Biometric Identity Protection for Salesforce Amid Rising Cyber Threats

Severity: Medium (Score: 59.1)

Sources: Au.Finance.Yahoo, Morningstar

Published: 2026-06-09 · Updated: 2026-06-09

Keywords: salesforce, biometric, identity, tokencore, token, announces, leading

Severity indicators: rce, ot

Summary

Token has introduced its TokenCore Wearable and TokenCore Portable products to enhance identity protection for Salesforce users. This initiative responds to increasing risks from AI-driven phishing, credential theft, and account takeovers. Salesforce has mandated stronger security measures, including phishing-resistant multi-factor authentication (MFA) for privileged users. Token's solution combines biometric identity verification with FIDO2 and WebAuthn protocols, ensuring that access is granted only when the authorized user is physically present and verified. The products aim to protect sensitive Salesforce data, especially for administrators whose compromised accounts could lead to significant data breaches. Token's CEO emphasized the inadequacy of legacy MFA methods in the current threat landscape. The launch is timely as Salesforce users face escalating cyber threats. Key Points: • Token introduces biometric identity protection for Salesforce users amid rising cyber threats. • Salesforce has implemented stronger security requirements, including phishing-resistant MFA. • Token's products utilize FIDO2 and WebAuthn protocols for secure authentication.

Detailed Analysis

**Impact** Salesforce customers, partners, and administrators worldwide are affected by rising cyber threats targeting privileged access to Salesforce environments. Compromised Salesforce admin accounts risk exposure of sensitive business data including customer records, donor information, sales pipelines, financial history, case notes, workflows, integrations, and system permissions. The new security requirements specifically target privileged users, increasing the operational impact on organizations relying on Salesforce for critical business functions. **Technical Details** The threat landscape includes AI-driven phishing, vishing, social engineering, credential theft, and account takeover attacks. Salesforce has mandated phishing resistant MFA for privileged users, which Token addresses by combining biometric identity verification with hardware-bound FIDO2 and WebAuthn protocols. Authentication requires a registered Token device, the user’s fingerprint, and a cryptographic challenge bound to the legitimate Salesforce login origin. No specific malware, CVEs, or IOCs are mentioned in the articles. **Recommended Response** Organizations should deploy phishing resistant MFA solutions that incorporate biometric verification and hardware-bound authentication, such as TokenCore Wearable or Portable devices, to meet Salesforce’s new security requirements. Prioritize replacing legacy MFA methods like SMS codes, push approvals, and shared passwords with FIDO2/WebAuthn-based biometric authentication. Monitor for unauthorized access attempts and ensure privileged user accounts require biometric proof before granting Salesforce access. No patching or specific detection signatures are provided in the sources.

Source articles (2)

  • Token Announces Leading Biometric Assured Identity Protection for Salesforce Access — Au.Finance.Yahoo · 2026-06-09
    TokenCore Wearable and TokenCore Portable allow Salesforce customers to exceed new phishing resistant MFA requirements with hardware bound biometric identity ROCHESTER, N.Y., June 09, 2026 --( BUSINES…
  • Token Announces Leading Biometric Assured Identity Protection for Salesforce Access — Morningstar · 2026-06-09
    Token Announces Leading Biometric Assured Identity Protection for Salesforce Access TokenCore Wearable and TokenCore Portable allow Salesforce customers to exceed new phishing resistant MFA requiremen…

Timeline

  • 2026-06-09 — Token announces biometric identity protection for Salesforce: Token launched TokenCore Wearable and Portable products to enhance security for Salesforce users against phishing and credential theft.
  • 2026-06-09 — Salesforce updates security requirements: Salesforce mandated phishing-resistant MFA for privileged users to combat increasing cyber threats.

Related entities

  • Phishing (Attack Type)
  • businesswire.com (Domain)
  • madisonalexanderpr.com (Domain)
  • [email protected] (Email)
  • T1566 - Phishing (Mitre Attack)
  • Fido2 (Platform)
  • WebAuthn (Platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed