More than 80 per cent of all digital security leaks and attacks involve the use of stolen passwords. The password is a security vulnerability – so it makes perfect sense to use solutions that do without a password. Passwordless authentication, for instance, using FaceID or a fingerprint, not only increases security but user-friendliness as well. That’s because nobody wants to remember and type in long, complicated passwords. With passwordless authentication, users can log in conveniently and securely without a password.
After a user has identified themself – for example, by entering the username – (authentication), the next step is to authenticate the person. Biometric procedures such as FaceID or fingerprint are used to confirm that the person’s identity matches the data stored and the user is actually who they claim to be.
The use of a combination of several unique identification factors or biometric features not only streamlines the login procedure but also makes it secure. Firstly, users no longer have to remember a large number of passwords. Secondly, authentication factors cannot be reproduced – which makes them more secure than the most complex password.
And does this work? FIDO protocols have since established themselves as the gold-standard solution in this field. Put simply, FIDO protocols are based on key cryptography. When a user registers for a service, two keys are generated: one private key that remains exclusively on the user’s device, and one public key that is made available to the respective online service. From this moment on, the online service can authenticate the user’s identity by querying the private key instead of a password during the login process. Ultimately, the password process during authentication is replaced by a simple and quick scan of the user’s unique biometric characteristics – as it were, by a biometric password.
The Nevis Identity Cloud makes the login process quicker and even more convenient. Passwordless authentication functions without SMS-TAN – which means no costly transaction charges. Thanks to out-of-the-box integration for industrial standards such as Azure AD B2C, you can introduce new services in no time. Last but not least, you’ll boost customers’ loyalty to you and your services because passwordless and secure access saves them time and stress.
After completing the registration, the user can be authenticated by the system. For this purpose, they simply call up the relevant website and log in using the previously registered authenticator.
The service provider then sends the authenticator a challenge, which is signed with the user’s private key. Now, all that’s needed to complete the registration is to compare this assertion signature with the user’s public key to verify their identity.
Strong passwordless authentication, for instance, using FaceID or fingerprint is extremely secure and FIDO2-compliant thanks to cryptographic key pairings.
Reduce the incidence of fraud by up to 99 per cent and prevent the use of stolen login data to attack web applications.
Prevent identity theft and the reputational damage caused by data theft.
Support requests and password problems are eliminated. Your IT employees can focus on other more important tasks.
Expensive transaction charges for SMS-TAN are no more.
Customers expect user-friendliness and security. The login process must be quick, convenient and intuitive.
A seamless customer experience ensures a low cancellation rate during the login process.
Enhance the user experience with ease of operation and logins on mobile devices.
«With its certified FIDO implementation, Nevis guarantees compliance with the demanding security and interoperability requirements of the FIDO security standard.»