ForgeRock supports biometrics with new passwordless solution as surveys show confusion remains
ForgeRock has launched a solution for replacing usernames and passwords with biometrics and other authentication factors that support WebAuthN and ForgeRock Intelligent Authentication technology.
The new ForgeRock Go enables users accessing a service or device to be recognized and authenticated with authenticators that support resident keys, such as Touch ID or Windows Hello biometrics, or pin-protected physical tokens like Yubico keys. Credentials remain on the device to reduce the risk of a data breach.
Getting rid of password entry avoids the risk associated with 51 percent of people using the same passwords for work and personal accounts, as reported by First Contact, and the inconvenience of 53 percent relying on their memory for password management. ForgeRock also notes that three quarters of shoppers on an ecommerce site will not complete their purchase if they must recover a password during checkout.
Personally-identifiable information was harvested in 98 percent of the breaches that exposed five billion consumer records in 2019, according to the ForgeRock Identity Breach Report.
“No one looks forward to entering usernames and passwords when shopping, banking or doing anything online,” states ForgeRock Chief Product Officer Peter Barker. “ForgeRock Go combines convenience with security to a whole new level. We extend our industry leadership in authentication by delivering much more secure and seamless login experiences for our global customers.”
Customer journeys with authentication not relying on usernames or passwords can be created in minutes, according to the announcement.
The ForgeRock Identity Platform 7.0 has also been launched with new cloud and AI capabilities. More than half of manual access approvals can be automated to reduce administrative tasks, and more than 150 features are introduced or updated to help organizations provide friction-free experiences, ForgeRock says in a separate announcement.
The benefits of going passwordless and implementing new identity tools may need to explained to some executives again, however.
The Americas edition of the 2020 Thales Access Management Index shows that 41 percent of executives in the U.S. and Brazil believe usernames and passwords are among the most effective access management tools, despite 94 percent saying data breaches in the past 12 months have been the largest influence over the security and access management policies at their organization.
More than half (58 percent) allow employees to use social media credentials to log on to corporate resources, and not only have 59 percent adopted smart single sign-on (SSO) technology, 86 percent plan to expand its use this year. Multi-factor authentication has been put in place by 95 percent, but only 15 percent use a dedicated multi-factor solution.
Among U.S. respondents, biometric authentication trails two-factor authentication (66 percent) and smart single sign-on (43 percent), with only 39 percent identifying it as a best tool for protecting cloud and web-based applications.
Even older adults are ready to move beyond passwords, as a new study from Hypr shows a majority of 54 percent of survey respondents 60 years old or more said they would prefer to use passwordless authentication to access their accounts via a mobile device. Some respondents also called password managers a “hassle” or “point of friction.”
Participants who prefer to continue using passwords acknowledged being motivated in part by a lack of understanding of passwordless technologies, with some people misunderstanding “passwordless” experiences as ones without authentication requirements.