Canvas mobile app currently uses token-based authentication, and the issued tokens never expire. This creates a scenario where lost devices or unauthorised access to mobile devices installed with the Canvas mobile app continued to have access. The settings for mobile session expiration that CSM helps configure ameliorates the situation. However, a balance remains to be made between regularly prompting for login and ensuring smooth access to the Canvas platform.

The ability to have biometrics authentication when launching the mobile app will help add a layer of security to the app especially for users with privileged roles like Teachers, Administrators, etc and mitigate the possibility of unauthorised modifications being made via the mobile app.

admin,instructor,student,ta,designer,observer