New SAML solution extends BIO-key biometric authentication to cloud and IAM applications
BIO-key has announced the launch of a new service enabling enterprises to easily secure access to their business applications with biometric authentication through the SAML protocol.
The SAML protocol allows applications to share a common authentication service, so organizations can use BIO-key’s ID Director for SAML for easy, cost-effective integration of fingerprint authentication, either in an on-premise or hosted environment, for cloud applications and Identity and Access Management (IAM) platforms, according to the announcement.
Customers have traditionally bought BIO-key software as a toolkit, to be built into applications, but the launch of ID Director for SAML to general availability makes biometrics available in a more flexible, modern way, BIO-key Senior VP of Strategy and Compliance Jim Sullivan told Biometric Update in an interview.
“Now everyone’s kind of past that point of wanting to build things in and modify an application,” he explains.
The company’s ID Director for Windows enables businesses to centralize biometric authentication through Active Directory. The Singapore Police Force recently deployed BIO-key’s ID Director for Windows, along with the company’s fingerprint scanners, to secure online access to critical information.
With ID Director for SAML, biometric authentication services can be extended to businesses’ existing SaaS applications like Salesforce, SAP, GoToMeeting, Google G Suite, and AWS, with a process that takes only 10 or 15 minutes for an experienced administrator, Sullivan says. BIO-key also supports dozens of fingerprint sensors in addition to its own, which means ID Director for SAML can be used to extend existing biometric investments to work with additional applications, as well as to upgrade access security with strong authentication.
“As a company moves to the hybrid model first with on-prem and the cloud to then ultimately having an all-cloud solution, they don’t have to rebuild their chains for authentication services. They’re always able to reach the services,” Sullivan says. “Secure, elegant, and seamless authentication that meets all the compliance levels but which end-users love.”
BIO-key’s main customer groups in the past have been those with constant need to authenticate at different workstations, such as doctors and retail staff, but as more organizations require stronger authentication, some are turning to device-based solutions, including using the employee’s mobile device as a token. Downsides to device-based authentication, however, include the need to always have it present, a reliance on the user having not enrolled anyone else on their device, and emerging labor law challenges suggesting that employers must pay for employee’s data plans if they are being used as a work requirement, according to Sullivan.
“That’s driving our customers that are aware of it to want that biometric experience. So they want to put a fingerprint reader at every desk in the call center, or put a fingerprint sensor on their kiosks, but they’re using a third party application or an application that has not been modified to understand biometrics. Our question will now be: does it support SAML? And the answer is almost universally yes.”
BIO-key is currently working with a major integrator partner, and its ID Director for SAML can be dropped into a broader identity provider solution to add fingerprint biometrics to an existing authentication workflow.
“Now it’s very quick to turn an application with what we might call ‘old-school’ authentication into something that’s using the latest biometric ease of use and strong authentication combined,” says Sullivan.
An OpenID solution will likely be the next software product developed by BIO-key, Sullivan says, to extend fingerprint authentication to consumer identification scenarios.
Microsoft will demonstrate BIO-key fingerprint scanners in its Windows Hello for Business demonstration area at RSA Conference 2019 this week in San Francisco.