FB pixel

Simplified logins with single sign-on authentication and federated identity verification

Simplified logins with single sign-on authentication and federated identity verification

As people create a myriad of accounts that require unique credentials for their online activities and have to navigate the workplace with repetitious layers of security, juggling log-in details becomes burdensome. With this problem in mind, single sign-on (SSO) and federated identity verification have found a ready audience from people who wish to condense all their log-in details under one user ID and password across related or unrelated systems and applications to streamline the process, and enterprises seeking reduced attack surfaces and efficiency improvements.

SSO covers the authentication of a person’s digital identity by centralizing multiple, yet related, log-ins and security checks for one domain with one set of credentials. SSO frees the user from having to recall many log-in and password details, which comes with the benefit of expediency, better security, fewer calls to the help desk and improved productivity. Examples of SSO are Google’s universal log-in that encompasses Gmail, YouTube, Google Play and Google Docs, or Microsoft’s Azure Active Directory.

Federated identity verification is the broad umbrella under which SSO lies under. This term refers to the creation of a trusted relationship between distinct organizations and institutions that facilitates a transfer of attributes about the user that allows them to sign on to unrelated systems without having to sign in again. A digital token, or a nugget of authentication information about the user, is shared across those groups and received by verification or delegation methods like OpenID, OAuth, Security Assertion Markup Language (SAML) and Windows Identity Foundation. Like SSO, federated identity verification simplifies log-ins with the same positives.

The two approaches can help reduce credential sprawl, password resets, and through the reduction of credential databases, enterprise liability.

Popular implementations familiar to many consumers include systems that invite users to ‘Sign in with Facebook.’

However, SSO and federated identity verification systems are still vulnerable to hacking attacks which would risk not just one account, but many. To further boost security, companies and governments integrate biometrics into SSO. By using the unique bodily features of the user, it can replace passwords and digital tokens that can be hacked or stolen from a password-based SSO system or become an additional security measure as a part of multi-factor authentication.

To help address these vulnerabilities, biometrics providers like BIO-key and Nomidio have integrated biometric authentication service with federated identity platforms like Azure Active Directory. Hospitals and healthcare providers look to biometrics integrated into SSO to eliminate repetitive levels of log-ins that caused delays in administration and medical service. The UK’s government funded a prototype of a biometric-based SSO to access public services.

Click here for more explainers on concepts in the field of biometrics.

Article Topics

 |   |   |   |   | 

Latest Biometrics News


As retailers turn to biometrics to reduce theft, costs of poor implementation loom

Demand for biometrics to reduce retail crime continues to rise, but the risk of flawed deployments of the technology are…


Socure announces faster biometric IDV, deepfake and synthetic identity fraud detection

Identity verification provider Socure has announced the launch of its next generation DocV, now including enhanced deepfake selfie biometrics detection…


Rights group criticize EU AI Act for inadequate protections against potential abuse

The EU’s AI Act is done, and no one is happy. Having been adopted by the European Parliament in March…


Kids Code bills prompt epic showdown between regulators, activists and big tech firms

The latest craze sweeping the United States – legislation to protect kids’ data and overall online safety – has its…


UK’s £54M welfare fraud case illustrates need for biometric identity verification

A team of fraudsters has been convicted for what was described as “the largest case of benefit fraud in England…


Intellicheck, OneID tout banks’ unique position to cut fraud as digital ID enablers

Banks could play a significantly larger role in protecting consumers, businesses and payment systems from fraud, Intellicheck CEO Bryan Lewis…


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read From This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events