Unveiled at RSA Conference 2026, the TokenCore Node brings cryptographic biometric identity assurance to air-gapped and classified environments – where no credential-based solution can follow.
SAN FRANCISCO–(BUSINESS WIRE)–#Biometrics–Token, the biometric identity assurance company, today announced the TokenCore Node at RSA Conference 2026 – a compact biometric authenticator designed for organizations that require local cryptographic processing, zero cloud dependency, and support for air-gapped environments.
Founded in 2014 and backed by Grand Oaks Capital, Token has spent over a decade building identity infrastructure for government and enterprise organizations operating in high-security environments.
Credential compromise remains the leading cause of enterprise breaches – and the rise of agentic AI is accelerating the problem. For defense contractors, critical infrastructure operators, and highly regulated institutions, the risk is even greater: their most sensitive systems cannot depend on cloud-based authentication. The shift to biometric identity assurance is already underway, because credential-based authentication can no longer adequately protect the systems that matter most.
“AI isn’t creating new weaknesses – it’s exposing the ones we’ve always had,” said Kevin Surace, Chief Executive Officer of Token. “The TokenCore Node brings easy-to-use cryptographic biometric identity assurance into air-gapped and classified environments for the first time. Organizations should not have to choose between the strongest authentication available and the constraints of their most critical systems. The shift is already underway, and the organizations moving now will be the ones best protected.”
Surace holds 95 worldwide patents and has been named Inc. Magazine’s Entrepreneur of the Year, a CNBC Top Innovator of the Decade, and a World Economic Forum Tech Pioneer.
The TokenCore Node measures 31mm in diameter and 7.3mm thin and weighs only 13 grams, with a ceramic top cover, integrated fingerprint sensor, battery and LED status indicators. It connects via encrypted Bluetooth low energy and is designed for everyday carry-in badge holders, retractable reels, back-of-phone and keychain accessories. It is dust- and water-resistant. The Node is a testament to Token’s commitment to launching market defining technology with leading-edge biometric identity assurance.
Unlike traditional MFA, which layers additional factors onto credential-based systems, TokenCore binds access directly to a verified, physically present individual through on-device biometric authentication enforced by secure hardware. Fingerprints never leave the device. Cryptographic keys are generated and stored on-device and are never exported – eliminating credentials that can be phished, stolen, or replayed. And the user must be within 3 feet of the device logging in. No remote activation is possible.
With the addition of the TokenCore Node, Token’s product line now includes:
— TokenCore Wearable: Ring form factor. Wireless biometric authentication for privileged users, executives, and remote teams requiring fast, frictionless access across multiple workstations.
— TokenCore Portable: Wireless “stick” form factor with integrated fingerprint sensor, Bluetooth, and NFC. Biometric assurance in a portable format for environments where wearing a ring is not desired or operationally practical.
— TokenCore Node: Small disc form factor with ceramic construction and secure local wireless. Designed for lanyard, badge holder, and keychain carry in any environment including air-gapped, high-security, and mobile environments.
— TokenCore Control: SaaS solution manages 1000’s of Token devices in all form factors across the enterprise or agency and can be installed securely on-prem.
The TokenCore product line integrates with existing IAM, SSO, and PAM infrastructure. It does not replace the identity stack; it completes it.
“Identity has become the single point of failure in modern security – and leaders know it,” said Katy Nelson, Chief Revenue Officer of Token. “Boards aren’t asking for more tools. They’re asking can you prove who took the action – and could you have prevented it? In just the past two years, MFA and authenticator apps have been compromised more than 100,000 known times. It is no longer a fringe problem. It is an epidemic. TokenCore Node answers that with cryptographic proof of user presence, local key control, and biometric assurance that cannot be forwarded, phished, or replayed. The question is no longer whether organizations will move to biometric identity assurance, but how quickly they can get there.”
“TokenCore doesn’t make stolen credentials harder to use – it makes them useless,” added Surace. “Authentication requires a live fingerprint and physical presence. There is no credential to steal, and no attack path to replay.”
Token is backed by Grand Oaks Capital, the private equity and venture firm founded by Paychex founder and philanthropist B. Thomas Golisano. With the TokenCore Node, Token now extends biometric identity assurance across mainstream enterprise, mobile, high-security, and air-gapped use cases, giving organizations a clear path to standardize on a stronger identity model. The TokenCore Node will be available for government and enterprise customers in July 2026. To schedule a meeting or request a demo, visit TokenCore.com.
About Token
Token is biometric identity assurance for organizations that cannot afford to get identity wrong. Founded in 2014 and backed by Grand Oaks Capital, Token combines wireless biometrics, cryptographic authentication, and physical proximity to make human identity non-transferable and provable. TokenCore integrates with and strengthens the IAM, SSO, and PAM tools organizations already rely on. Learn more at TokenCore.com.
Contacts
Media Contact
Dan Chmielewski
Madison Alexander PR (for Token)
714-832-8716
949-231-2965
[email protected]
@TecFlack
@MadAlexPR
