Okta launches passwordless technology to bring biometric security to enterprise access control
Contextual device signals power the new FastPass, which is delivered through the Okta Verify application. Enterprise IT provisions Okta Verify and users download it to managed or unmanaged devices, and a persistent session is established when the user registers an Okta account. Users are then not prompted for passwords when accessing any application managed by Okta through a browser, desktop or mobile application.
Okta Vice President of Product Marketing Joe Diamond told Biometric Update in an email interview that the Okta Devices Platform Service “embeds Okta on every device through tight integration with iOS, Android, MacOS and Windows.” A number of the platform’s services then power FastPass through the Okta Verify mobile app.
“This enables Okta Identity Cloud to bind identity with devices, and furthers our ability to collect and evaluate device and endpoint security posture,” Diamond explains. “We can now weigh whether the device is Managed, Known and Secured as a part of every authentication request. This drastically improves security while concurrently reducing end user friction. It’s the first truly passwordless login experience across devices, applications and operating systems.”
Okta’s Passwordless Future Report showed that 37 percent of employees cannot access critical information for their job when they forget their password, and the identity verification method continues to cost hours in lost productivity and cause massive security breaches, according to the announcement.
Diamond notes that this has motivated the company to work on passwordless experiences for a while, and that with Okta customers using hundreds of applications across multiple platforms and operating systems, a unified tool is necessary.
“Advancements in biometrics made FastPass possible, as well as Okta’s ability to integrate with all types of devices and operating systems,” he says.
“IT teams are tasked with operating vast technology ecosystems made up of a diverse set of applications, operating systems, and devices, all focused on providing choice and flexibility to their workforces,” comments Okta Chief Product Officer Diya Jolly in a press release. “Going passwordless not only makes employees happy, but it can make them more secure by relying on stronger factors like biometrics. Okta FastPass eliminates the need for a password regardless of an employee’s device choice, and highlights how Okta’s independent identity platform can deliver a truly differentiated experience for our customers. This is made possible through a significant upgrade to the Okta Identity Cloud, marrying user identity to device identity for the first time, and opening the door for incredible usability and security possibilities.”
Enterprises have been looking for a true end-to-end passwordless authentication method for years, Diamond says, but legacy approaches were not pragmatic for broad deployments, and BYOD practices led to security controls being bypassed.
“With the evolution of biometric technology, paired with FastPass’s integration across every platform, it’s easier than ever before to implement a passwordless approach for every use case. FastPass also supports unmanaged devices, which makes it simple to support hybrid managed and BYOD device fleets which are typical across most enterprises,” Diamond points out.
The company says the key benefits of FastPass are always-on productivity, the ability to set consistent policies and experiences across all major platforms, and enhanced security. Admins have the option to create fine-grained policies with Okta Device Trust, Endpoint Security Integrations, and other adaptive policies. The capability also provides a reduced dependency on on-premise LDAP directories in favor of Universal Directory, giving administrators greater choice of Enterprise Mobility Management provider.
“We hope Okta FastPass signals how important the work is of those in the biometrics and digital ID industry,” Diamond says, when asked the what the launch of FastPass means for the biometrics industry. “With the heightened security concerns of today’s world, we expect to see a larger number of enterprises adopt biometrics for secure authentication. For us, the launch of Okta FastPass means end users can now benefit from a truly passwordless experience while IT maintains consistent device policies while embracing both managed and BYOD. This is the way we believe security should be.”
Okta Platform Services, a suite of six core technologies, has also been launched to the Okta Identity Cloud.
Onfido partners to provide facial biometrics for Okta customers
Digital Registration, Identity Verification and Authentication offerings from Onfido have been integrated with Okta’s identity platform to simplify customer journeys while providing high levels of authentication fraud protection, according to another announcement from Oktane20 Live.
Okta customers can use Onfido’s technology with two-factor authentication and device authorization, to tie a user to a real physical identity with government ID and facial biometrics. Onfido says its technology can onboard users in seconds with 98.7 percent of fraud detected. The integration also provides facial recognition-based account recovery, or resetting of passwords or two-factor methods.
The companies’ technologies are integrated through their APIs. The Onfido SDK allows organizations to build workflows to create validated IDs, and then tell Okta to provision, reset, or unlock the account, or take other actions.
“Identity verification has become a core requirement in most consumer projects,” says Onfido VP of Technology Partnerships Stephen Lee. “The combination of Okta and Onfido brings together a complete offering across consumer registration, verification and authentication to help secure the consumer on-boarding experience.”
Okta also announced partnerships with VMWare, Carbon Black, Crowdstrike and Tanium at the event.