Tag Archive for: Passwordless
Transmit Security Introduces Fully Passwordless Authentication Solution
Transmit Security is looking to accelerate the end of passwords with the release of a completely passwordless security solution. BindID offers support for face and fingerprint recognition, taking advantage of the sensors and cameras that come embedded in modern IoT devices.
Unlike other solutions, BindID does not require the use of a dedicated app. Instead, organizations can integrate BindID into their existing infrastructure through the use of open standards and APIs, allowing customers to authenticate themselves and gain access to personal accounts and corporate materials with secure device biometrics.
The solution is compatible with virtually any connected device, and can also be used to protect channels and devices that do not have their own biometric scanners. In those cases, customers can use the biometric authentication features on their own mobile devices to verify their identities. As a result, BindID can be used to secure call centers and web channels in addition to individual devices and workstations.
Transmit is hoping that BindID will motivate companies to drop passwords as an authentication option, noting that most access control solutions still allow users to sign in with passwords should they choose to do so. BindID is intended as a full replacement, to the point that organizations would be able to delete all of the passwords in their database, and eliminate the security threat that they represent, once they decide to implement it.
Transmit went on to argue that businesses that adopt BindID will generate more revenue and garner more goodwill with a better customer experience. In that regard, the company cited a recent FIDO Alliance survey that found that roughly 60 percent of consumers have abandoned an online purchase as a direct result of the hassle associated with passwords.
“BindID marks the end of the password era,” explained Transmit Co-Founder and CEO Mickey Boodaei. “Users can authenticate through their mobile or any biometrics-enabled device without the need for an authentication app.”
BindID arrives several years after the 2017 debut of the Transmit Security Platform, which was Transmit’s previous mobile authentication offering. Trasmit is one of the…
Yubico Facilitates Switch to Passwordless Security with WebAuthn Starter Kit
Yubico has released a brief explainer for developers that are interested in its Yubico WebAuthn Starter Kit. The Kit is now available in early access, and is designed to make the transition to a passwordless authentication environment as smooth as possible.
To that end, the Starter Kit comes with documentation that explains the logic behind WebAuthn, as well as ready-to-run code that can be immediately deployed to enable the use of YubiKeys on any Amazon Web Services (AWS) account. The goal is to provide developers with practical step-by-step instructions for the actual implementation, while making sure that they understand why they are taking each of those steps.
In doing so, Yubico is hoping to eliminate the most common pain points for organizations looking to migrate to a passwordless authentication environment. The Starter Kit uses a dynamic, identity-based flow that will automatically direct users to the strongest authentication option available on their device or browser, whether it is device biometrics or a security key like a YubiKey. The environment itself is designed to mimic the password-based flows that developers are already familiar with, and will still support the use of passwords for those who cannot or are not ready to make the switch.
The Starter Kit can be used with a free AWS account, and is based on the AWS Serverless Application Model. To give customers a better sense of what they can do, the Kit comes with a sample web client in addition to the AWS-hosted server needed to run the solution.
According to Yubico, the Kit will give architects the theoretical background they need to design high-level systems, while simultaneously giving user-facing developers the tools they need to deploy new authentication options and enable key features like account recovery. It also shows backend developers how to manage large numbers of user credentials.
Yubico is trying to encourage the adoption of WebAuthn as a new global security standard. The company recently proposed a new WebAuthn protocol that will make it easier to create backup security keys, while AWS brought native WebAuthn support to its Single Sign-On solution.