FB pixel

Passwordless authentication does not equate to biometrics in the workplace

Passwordless authentication does not equate to biometrics in the workplace
 

The enterprise IAM movement towards passwordless authentication does not appear to drive uptake of facial recognition in the workplace. Instead, organizations are harmonizing around a common set of methods and modalities.

In 2015 Microsoft announced that Windows 10 would feature an entirely new authentication framework called Hello which includes the ability to enable biometrics such as facial and fingerprint recognition as a native method of authenticating end users.  In the seven years since and the release of Windows 11, Microsoft says that more than 150 million people worldwide use biometrics to access work and there are over 1.4 Bn active Windows devices and PC globally. This represents about 11% of the entire Windows ecosystem.  While it is unknown the division between face and fingerprint, its largely believed that fingerprint is the leading biometric method in use.

In 2017 Apple announced that the iPhone X and iPad Pro would feature FaceID as the native method of authenticating users and a successor to TouchID their previous fingerprint authentication technology.  And while Apple doesn’t publish enterprise use data there are 1.8 Bn active Apple devices globally—its estimated that 50% use FaceID. In contrast, the new Mac line of laptops continue to feature TouchID and Apple executives have no plans to add facial recognition to their lines of personal and professional grade laptops.

It turns out that despite the potential of biometrics in workplace, the most widely used combination for passwordless and multi-factor authentication in the enterprise is leveraging a smartphone as the second authentication factor to enable access workplace applications.

The three common authentication methods are mobile authenticator apps (such as Microsoft Authenticator and Google Authenticator), push authentication (tap to approve/deny), and SMS-based one-time codes, which despite their vulnerabilities and weaknesses persist.  For higher security requirements and environments, the movement towards passwordless doesn’t appear to be towards facial recognition or fingerprint either, but rather by using hardware-based devices (such as Yubikey and SecurID) and hardware-based security tokens instead.

Although there are a variety of country-level policies and regulations limiting and/or restricting the use of facial recognition and other biometric technologies, its relatively minimal use within enterprises appears to be pragmatic.  Organizations are implementing a more universal, repeatable authentication journey based on what people are already doing at the time, such as touching and typing, inline with the user flow of that experience.

About the author

Carla Roncato is the Founder of Authora Research and Evangelist at the OpenID Foundation. Carla was previously the primary analyst at the Enterprise Strategy Group (ESG) covering identity and access management, data privacy, and zero trust security. She has been featured in Computer Weekly, SG Magazine, TechTarget, Wall Street Journal and a keynote speaker at Trend Micro CloudSec Conference and Open Banking Security Summit. Find Carla on Twitter and LinkedIn.

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Sweden issues RFI for new ABIS, Moldova issues biometric hardware tender

Sweden is considering purchasing a new biometric system that will help the country collect fingerprints and facial images of asylum…

 

Email service Kivra acquires digital ID firm Truid

Nordic email service Kivra, which handles official communication between citizens, companies and government agencies, has taken a step towards developing…

 

Identity verification, fraud prevention benefit from boom in real-time payments

On a classic episode of The Simpsons, when Homer is shown a deep fryer that can “flash fry a buffalo…

 

Rise of digital wallets integrating payments and digital identities across Asia

Digital wallets have grown from innovation to an essential financial instrument, easily integrating into billions of people’s daily activities. By…

 

Facephi touts ‘exceptional results’ on RIVTD face liveness detection test

Facephi is celebrating an “outstanding score” in the Remote Identity Validation Technology Demonstration (RIVTD) Track 3 test for Face Liveness…

 

InverID expands certification package with ETSI 119 461 compliance

Inverid’s NFC-based identity verification product ReadID now complies with applicable requirements of the ETSI 119 461 standard for unattended remote…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events