This article clarifies which data Okta Verify tracks from the device that initiates a push notification and the mobile device that receives it. It also details whether the devices require placement in the same network zone to successfully authenticate.

• Okta Verify
• Multi-Factor Authentication (MFA)
• Devices
• Okta Classic Engine
• Okta Identity Engine (OIE)

Okta Verify tracks specific data from both the initiating and receiving devices.

Initiating Device

• Standard logins track the IP address, browser type, Operating System (OS), and timestamp.
• Managed devices using the Okta Verify desktop application track the OS version, disk encryption status, firewall status, and corporate management status.

Receiving Device

• Security posture checks track the OS version, device model, root or jailbreak status, and active screen lock presence.
• Network tracking determines the general location using the IP address of the active connection.
• Identifiers track the Unique Device Identifier (ID) and push token.
• Okta Verify does not track precise Global Positioning System (GPS) coordinates, personal files, text messages, or browsing history.

Location and Zone Requirements

• Devices do not require placement on the same network or in the same geographic location to authenticate.
• Okta analyzes the IPs of both devices to enforce security policies. Security settings flag anomalies, require a secondary challenge, or block the authentication entirely.