FB pixel

New tools, Authenticate presentations coax hesitant businesses to adopt passkeys

New tools, Authenticate presentations coax hesitant businesses to adopt passkeys
 

The FIDO Alliance has launched a pair of tools at its Authenticate 2024 event online and in Carlsbad, California, Passkey Central and a secure credential exchange protocol, to help businesses move beyond passwords and embrace passkeys for phishing-resistant authentication.

This year, organizations started coming to the FIDO Alliance, unbidden, to report data on business benefits like lower costs and more successful sign-ins, Alliance CMO Megan Shamas said while introducing the conference.

The Alliance has published a working draft of the specifications for secure credential exchange. The draft Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF) are intended to enable the transfer of passkeys and other credentials between any platform that manages them. This, according to the announcement, will make it easier and more secure for users to change credential providers.

Other keynotes on the first day focused on encouraging the adoption of passkeys by end-users.

Passkey Central

CEO and ED Andrew Shikiar shared a utopian vision for passkey adoption in a keynote address, and backed it up with indications of the progress that has been made towards reaching it.

Passkeys can now be applied to 15 billion passkeys, Shikiar says, just two years after their launch. He described a day in the life of a passkey user, performing authentication without passwords for a dizzying array of use cases. Even as a preeminent FIDO optimist, he did not anticipate this kind of uptake when passkeys launched.

Accumulated time and cost savings, higher revenues and lower fraud risk can all be achieved through easier access, Shikiar argues, citing presentations to come at Authenticate 2024.

Anthony Kemp of Air New Zealand described his organization’s journey to a fully-passwordless authentication system, relying on passkeys with OTPs as a fallback.

Shikiar described FIDO’s work on standards as “an effort of collective commoditization,” and says that “our ecosystem is where the value of open standards really starts to shine.”

Passkeys are being implemented for payments by both Visa and Mastercard, for smart home devices like TVs and refrigerators by Samsung, and the Alliance will lean into the growing interest in automotive implementations in 2025, Shikiar says.

He also emphasized the influence of FIDO’s certification program for biometric components.

Despite this, there is a long tail of adoption, largely made up of smaller service providers, that must be addressed to reach the promised “passkey utopia.”

Enabling them is the purpose of Passkey Central, an online resource hub of authoritative guidance for adopting passkeys at scale.

The website presents documentations to help organizations identify their needs by understanding the cost and benefits of passkey support, offers rollout guides and design guidelines, and shares a selection of resources and tools.

Costs and benefits

With FIDO working to ease implementation through its Passkey Central resource, making a dollars-and-cents argument may be the last remaining piece for convincing organizations to adopt passkeys.

The business case for passkeys, based on return on investment and a cost-benefit analysis of going passwordless, was presented by Softvision Info Solutions Head of Product Rohit Nayak.

He starts with an estimate by Forrester of time spent on resetting passwords, and by extension productivity loss. For an organization with 5,000 employees, IT help desk staffing costs just for those resets could amount to around $1.5 million a year. He shares an online calculator for the cost of passwords, which helps add other associated costs, like for MFA maintenance, and arrives closer to $3.5 million per year.

For passwordless implementation, hardware, software, management and replacement of tokens, training and setup costs could amount to $420,000, Nayak says.

He proceeds to compare building and buying a passwordless authentication system.  Building a system means setting up identity governance, access management and directories, while buying one incurs cost not just in payments to the vendor, but also from staff.

Vendors will naturally promise cost savings, but completing a full calculation is necessary to get a clear view of which would be less costly for your particular organizations, Nayak argues. For large enterprises, that may include foregoing the tax benefit of depreciating hardware, for instance.

Related Posts

Article Topics

 |   |   |   |   | 

Latest Biometrics News

 

Deepfake ecosystem develops around apps, services as detection fights to keep pace

Deepfakes are the topic du jour in the biometrics and identity verification industries, which are increasingly involved in the global…

 

Surveillance tech firm Auror raises NZ$82M for global expansion

New Zealand crime intelligence platform Auror has raised NZ$82 million (roughly US$48.7 million) that will be used to fund its…

 

Airport biometrics integrations bring together sector’s leaders, new players

SITA has concluded an integration of newly-acquired IPS, just as its airport biometric scanners roll out in Thailand. Details are…

 

Stricter retail age verification on the agenda as UK fails to curb underage vaping

A survey of vape users in Northern Ireland is causing alarm in the UK, with some observers warning that a…

 

Facial recognition deployments must factor in risk v. reward: report

Some deployments of facial recognition technology are more publicly acceptable than others. This, according to a new article published in…

 

Mastercard brings passkeys for ecommerce payments to UAE

Mastercard will roll out its passkey-enabled Click to Pay ecommerce feature in the United Arab Emirates through a partnership with…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events