FIDO Alliance survey shows biometrics as the preferred consumer log-in method
Biometrics are the preferred method of authentication for respondents from every country to a FIDO Alliance survey, but old-school passwords persist as the dominant form of authentication.
The Alliance conducted its third annual survey of 10,000 consumers in the U.S., U.K., France, Germany, Australia, Singapore, Japan, South Korea, India and China. The resulting report, FIDO’s 2023 Online Authentication Barometer, highlights some key findings.
The report found that password usage without two-factor authentication (2FA) remains dominant. However, when given the option, users want other authentication methods, with most preferring biometrics. A majority of consumers feel biometrics are more secure than legacy authentication methods.
Another key point mentioned was the frustration consumers have with old-school memorized passwords. This method is causing most people to abandon purchases and give up accessing services online because they can’t remember their passwords. The survey findings show this is 15 percent more likely than in 2022.
Awareness of other authentication methods, like passkeys, continues to grow, with nearly one-third now at least somewhat familiar with the concept.
The survey also reports that consumers feel less safe in the digital world. A majority of consumers perceive online scams and suspicious messages as becoming more frequent and sophisticated. The FIDO report states this is likely fueled by AI.
The report does not include recommendations beyond the data. However, it can be assumed that biometrics and passkeys will be increasingly adopted for authentication in the coming year.
New enterprise passwordless authentication tech from JumpCloud, Yubico, Intercede, Thales
Thales has unveiled the SafeNet IDPrime FIDO Bio Smart Card, a security key that enables strong multi-factor authentication (MFA) for the enterprise. This new contactless smart card lets users access enterprise devices, applications, and cloud services using fingerprint biometrics.
The SafeNet IDPrime FIDO Bio Smart Card facilitates end-user adoption of passwordless MFA, allowing users to easily enroll and authenticate using biometrics. Instead of using a password, users can access with a fingerprint with the on-card sensor. The smart cards also support contactless capabilities, which allow users to simply tap the card on any device supporting NFC. The smart card provides enterprise users with multiple benefits, including better speed, security, and convenience than traditional passwords, Thales says.
User biometrics are securely stored in the card’s chip and never leave the smart card, ensuring strong data privacy. This solution can be used for all digital resources supporting the FIDO2 standard, including Windows, Mac, Linux and more.
According to Danny de Vreeze, VP of identity and access management products at Thales, “The human factor continues to be a challenging pain point in the modern enterprise, with shifts to remote work and the cloud expanding many organizations’ attack surfaces. MFA adoption has been a common barrier to ensuring security, as many users find it cumbersome and choose to bypass it. The SafeNet IDPrime FIDO Bio Smart Card helps to solve this challenge, introducing a physical form factor to strengthen security while also providing a user experience that is both quick and seamless.”
JumpCloud Inc. has introduced a set of new features to its open directory platform. One of the new features, JumpCloud Go, is a hardware-protected and phishing-resistant passwordless login method that allows users easier access to web resources from managed devices.
JumpCloud Go is supported on MacOS and Windows and integrates with device biometric authenticators (Apple Touch ID or Windows Hello) to satisfy traditional password sign-in challenges. Users experience minimal interruptions with JumpCloud Go and are prompted for input only when required. This simpler and more secure login experience is designed to reduce cyberattack exposure while improving productivity.
Greg Armanini, vice president of product management at JumpCloud, states, “Rising security threats and tool sprawl from overly-complex identity, access, and device management stacks make it difficult for modern enterprises to deliver secure, frictionless access. With the new JumpCloud Go passwordless authentication, Android Enterprise Mobility Management (EMM) release, Dynamic Groups automation, and other new capabilities, JumpCloud makes it easy for IT teams and MSPs to deliver the safest online identity, the easiest login experience for users, and a simple, intuitive process for securely managing users and whatever IT resources they need.”
In a recent report by TechRadar Pro, Intercede announced the launch of their Enterprise Managed FIDO Authentication solution. The company’s MFA software will be used with Yubico’s YubiKeys to replace passwords, PKI and Windows Hello for Business.
Intercede believes that Enterprise Managed FIDO with YubiKeys will allow organizations to centralize all their logins. They hope its reach into a wide variety of public and private sectors means that FIDO authentication will now be more attainable for organizations everywhere.
Derek Hanson, VP of Yubico, has stated, “We’re pleased to partner with Intercede on its new solution to make the log-on process more secure and streamlined, authentication. With the cyber threat landscape continuing to evolve rapidly, solutions that benefit from the use of FIDO credentials are more critical than ever.”
According to Intercede CPO Allen Storey, “This new solution brings the benefits of secure and simple FIDO authentication to the enterprise, regardless as to whether the organization is using on-premises, desktop, cloud or different versions of Windows.”