How to enable biometric login on Kite (Touch ID, Face ID, fingerprint)
Biometric login on Kite uses your phone’s own fingerprint, Touch ID, or Face ID, registered in your operating-system settings, which Kite invokes as device lock at login. It is the second authentication factor for the Kite app, mandatory since 23 September 2022, and the biometric never leaves your phone: Zerodha does not store your fingerprint or face data, it asks the OS to confirm an unlock and receives only a pass or fail. If the scan fails, your phone’s PIN, pattern, or passcode is the fallback.
This guide covers enrolling a biometric in your phone settings, the one-time Enable now step that binds it to Kite, where the OS permission sits, the PIN fallback, the Android and iOS differences, and the fixes when the biometric prompt misbehaves. Setup takes under five minutes and is free.
Conflict-of-interest disclosure. This guide is published by the WebNotes Editorial Team for informational purposes and is written independently. WebNotes operates a Zerodha account-opening referral programme, disclosed on the pages that carry the referral link; this guide does not carry it and earns no referral commission from the procedure described here.
Step-by-step procedure
The numbered box at the top of this guide gives the sequence. The detail below expands the enrolment, the OS permission model, and the troubleshooting.
1. Register a biometric in your phone settings
Kite uses the biometric your phone already holds, so enrol it in the OS first. On Android, open Settings, tap Security & LockScreen, then Fingerprint or Face unlock, and enrol your print or face. The phone requires a backup pattern, PIN, or password alongside the biometric, for example Fingerprint + PIN; enter the PIN, verify it, tap Next, record the fingerprint on the sensor, and tap Done. On iOS, open Settings, then Touch ID and Passcode or Face ID and Passcode, and enrol your fingerprint or face with a passcode as backup. Zerodha points to Google’s support page for per-version Android steps and Apple’s guide for iOS.
2. Open Kite and log in
Launch Kite, enter your registered phone number or user ID, enter your password, tap Login, and enter the OTP received on SMS or email. If your number is registered against more than one account, use your user ID, since a multi-account number cannot log in.
3. Tap Enable now to bind device lock
On the Enable 2FA Security screen, tap Enable now. This one-time step ties your phone’s device lock, including the biometric you enrolled, to Kite as the second factor. There is no separate “fingerprint” toggle buried in a Kite settings menu that you must hunt for; the Enable now step at login is the binding action, and from then on Kite calls the OS biometric prompt automatically.
4. Authenticate with your fingerprint or face
When Kite invokes the device lock, present your fingerprint or look at the camera. The operating system performs the match locally and tells Kite only whether it passed. Kite never sees the fingerprint template or the face map. This is why Zerodha can truthfully say it does not store your biometric: the data is sealed inside the phone’s secure hardware, and the app only ever receives a yes or no.
5. Use the PIN fallback when the scan fails
Biometrics fail sometimes: a wet finger, a sensor smudge, a face in poor light. When the scan fails, the OS biometric prompt falls back to your phone’s PIN, pattern, or passcode. Enter that backup and the Kite login completes. The PIN sits behind the biometric as the guaranteed path in, which is why your phone forces you to set one when you enrol a fingerprint or face.
6. Fix a broken biometric prompt
If the biometric prompt does not appear, errors, or loops, the usual cause on Android is a stale web view. Update Android System WebView and your default browser, such as Google Chrome, from the Play Store, then retry the Kite login. If that does not fix it, re-enrol the biometric in phone settings and try again. Do not route Kite through a third-party app-locker tool, since Zerodha warns those can break the login. On iOS, re-enrolling Touch ID or Face ID and updating the app usually clears a stuck prompt.
Where the OS permission lives
The biometric belongs to the phone, not to Kite. You never grant Kite a permission to read your fingerprint, because Kite does not read it; it asks the OS to run its own biometric check. On Android this is the system BiometricPrompt; on iOS it is the LocalAuthentication framework behind Touch ID and Face ID. Kite’s permission is only to invoke that OS prompt, which is implicit once you enable device lock. So the place you control the biometric is the phone’s settings, where you can add or remove fingerprints and faces; removing them there removes them for Kite too, and Kite then falls back to the PIN or pattern you kept.
This separation is the security design. If an attacker has your password but not your unlocked phone, they cannot satisfy the biometric, and they cannot extract the biometric from Kite because Kite never held it. The same model underlies device lock on Kite generally; biometric login is simply device lock where the chosen unlock is a fingerprint or face rather than a PIN.
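The pass-or-fail hand-off described above, sketched with Android's BiometricPrompt API from the androidx.biometric library. This is an added example, not Zerodha's or Kite's code; the function name requestDeviceLock, the prompt title, and the choice of the BIOMETRIC_WEAK class are assumptions made for illustration.

```kotlin
import androidx.biometric.BiometricManager
import androidx.biometric.BiometricManager.Authenticators.BIOMETRIC_WEAK
import androidx.biometric.BiometricManager.Authenticators.DEVICE_CREDENTIAL
import androidx.biometric.BiometricPrompt
import androidx.core.content.ContextCompat
import androidx.fragment.app.FragmentActivity

// Hypothetical helper (not Kite's code): asks the OS to verify the user and
// hands the caller a single Boolean, nothing else.
fun requestDeviceLock(activity: FragmentActivity, onResult: (passed: Boolean) -> Unit) {
    // Accept an enrolled fingerprint or face, OR the phone's PIN, pattern or password.
    // Including DEVICE_CREDENTIAL is what gives the prompt its built-in fallback.
    val allowed = BIOMETRIC_WEAK or DEVICE_CREDENTIAL

    // If the phone has no usable biometric or screen lock, the OS cannot vouch for the user.
    val status = BiometricManager.from(activity).canAuthenticate(allowed)
    if (status != BiometricManager.BIOMETRIC_SUCCESS) {
        onResult(false)
        return
    }

    val callback = object : BiometricPrompt.AuthenticationCallback() {
        // Success: the result object carries no fingerprint template or face map.
        override fun onAuthenticationSucceeded(result: BiometricPrompt.AuthenticationResult) {
            onResult(true)
        }

        // Terminal error: the user cancelled, or the OS locked out after repeated failures.
        override fun onAuthenticationError(errorCode: Int, errString: CharSequence) {
            onResult(false)
        }

        // A single rejected scan (wet finger, poor light). The system prompt stays
        // open so the user can retry or switch to PIN/pattern, so nothing is reported yet.
        override fun onAuthenticationFailed() = Unit
    }

    val promptInfo = BiometricPrompt.PromptInfo.Builder()
        .setTitle("Confirm it's you") // assumed wording
        .setAllowedAuthenticators(allowed)
        .build() // no negative button: not permitted when DEVICE_CREDENTIAL is allowed

    // The matching runs inside the OS; this app only supplies the callback above.
    BiometricPrompt(activity, ContextCompat.getMainExecutor(activity), callback)
        .authenticate(promptInfo)
}
```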
How biometric login fits the 2FA picture
Kite app login is a password plus a second factor. The second factor is either device lock (PIN, pattern, or biometric) or a TOTP from an authenticator app, both under the Kite app code framework. Biometric is the most frictionless of these, because the unlock you already do to open your phone doubles as the Kite second factor. SEBI mandated two-factor authentication for trading-app login, and Zerodha made device lock mandatory for the Kite app from 23 September 2022; the biometric is one accepted form of that mandatory device lock, alongside PIN and pattern.
Biometric also sidesteps a friction the TOTP route creates. With TOTP on the same phone, you switch to the authenticator app to copy a code, which can trigger Kite logging you out on app switch. A fingerprint or face check happens inside the Kite login prompt itself, with no app switch, so the session stays intact. For most single-phone traders, biometric device lock is the smoother choice. Compare the second-factor options in Kite app code: TOTP versus SMS OTP before deciding.
See also
- Kite by Zerodha
- Zerodha
- How to enable device lock on Kite
- How to set up TOTP at Zerodha
- How to disable TOTP at Zerodha
- How to recover a lost TOTP at Zerodha
- How to fix an invalid TOTP at Zerodha
- How to reset 2FA at Zerodha
- How to fix Kite logging out when switching apps
- How to recover your Kite PIN
- How to recover your Kite password
- How to remove a temporary OTP on Kite
- How to unblock a blocked Kite account
- How to reset the Zerodha support code (ZPin)
- Kite app code
- Kite app code: TOTP versus SMS OTP
- Why a risk disclosure appears on every Kite login
- Why Zerodha uses separate apps
- Zerodha cyber security
- How to secure your trading account
- Zerodha client password policy
- How to set up a Zerodha password
- Zerodha Console
- SEBI
External references
- Zerodha support: How can I enable the Fingerprint or Touch ID?
- Zerodha support: How to enable device lock on mobile?
- Zerodha bulletin: Mandatory device lock for Kite app login
- Zerodha Z-Connect: Two factor authentication (2FA)
- SEBI
References
- Zerodha support, How can I enable the Fingerprint or Touch ID? (as of 20 June 2026).
- Zerodha support, How to enable device lock on mobile? (device lock data remains on the device; as of 20 June 2026).
- Zerodha bulletin, Mandatory device lock for Kite app login, 22 September 2022 (effective 23 September 2022).
- SEBI, Cyber Security and Cyber Resilience framework for Stock Brokers and Depository Participants, circular dated 3 December 2018 (basis for two-factor authentication on trading-app login).
WebNotes Editorial Team prepares factual how-to guides based on publicly available regulatory documents and broker disclosures. WebNotes is not affiliated with Zerodha Broking Limited. Procedures are subject to change; verify current requirements at support.zerodha.com before acting.