SecureAuth launches mobile SDK for developing passwordless authentication apps
SecureAuth has launched a new mobile software development kit (SDK) to enable the creation of iOS or Android apps featuring an embedded mobile authenticator for multi-factor authentication (MFA).
The applications built using the SDK will allow customers to use their mobile devices as an authenticator to confirm passwordless browser access from other web devices.
Dubbed Invisible 2-FA, the new digital ID solution aims to support increased data security and protection of customer data and personally identifiable information (PII).
The announcement of the new SDK fits into SecureAuth’s wider strategy of expanding its presence in the world of cloud-hosted consumer identity and access management (CIAM).
To this end, the company has also recently partnered with PathCare, a healthcare provider based in South Africa, and ADT, a home security company headquartered in Florida.
According to a blog post on SecureAuth’s website, the firm believes that embedded authenticators are the future of mobile security and MFA, mainly due to their improvement of customer experience.
“Users perform the enrollment following the usual setup steps for your mobile app,” explained Dusan Vitek, Director of Product Marketing SecureAuth in the post.
“From that moment on, [they] will get push notifications. There is just a tap to accept, the user will not have to read or type any one-time security codes. For your customer, it will all feel like a consistent brand experience.”
In fact, according to Vitek, “the ideal customer login experience is that the login is invisible,” and two-factor passwordless push authentication gets as close to this as possible.
From a technical standpoint, the SecureAuth Mobile SDK uses the OAuth 2.0 authentication protocol, as well as the company’s new cloud Mobile Service.
“The service authenticates the mobile device, provides a token for that device with an expiry date, and based on the token the app will get access to whatever service or resource they are authorized to use within the SecureAuth cloud IAM platform,” Vitek said.
The repositories for the SecureAuth Mobile SDK can be found on GitHub. The Android version of the SDK is based on the Kotlin programming language, while the iOS one uses Swift and is built with Xcode 12.0.