Passkeys see continued pickup by major tech names including Microsoft, Amazon

The long, slow death of the password continues, as major firms standardize stronger authentication measures to become more cyber-resilient and resistant to fraud attacks. Passkeys are an emergent option, providing phishing-resistant authentication with the help of biometrics.

A recent post from Yubico notes the astonishing number of phishing attacks (one every second) and digs into recent data from Microsoft Entra revealing a “staggering increase in attempted attacks, with password-based attacks targeting Microsoft cloud identities occurring at a rate of 4,000 per second.”

Microsoft implemented mandatory multi-factor authentication (MFA) for all Azure sign-ins, which Yubico calls “a significant step towards enhancing security across its platforms.” The post also notes Yubico’s ongoing partnership with Microsoft in making the YubiKey hardware security key compatible with Microsoft Entra ID and other Microsoft, positioning YubiKey as “an ideal solution for organizations looking to enhance their security posture in line with Microsoft’s guidelines,” and make their operations phishing-resistant.

Among the YubiKey’s advantages, Yubico says its public key cryptography specifically registered at a website or service makes “virtually impossible for attackers to intercept or redirect authentication attempts.” YubiKey is easy to use and compatible across a wide range of devices and platforms including Windows, macOS, Linux, iOS and Android. And it supports multiple authentication protocols, such as FIDO2, U2F, OTP and Smart Card.

Finally, it’s tough, with “robust construction” to ensure it functions in challenging environments.

Passkeys come to Amazon Cognito for incognito authentication

Amazon Cognito has announced support for passwordless authentication, including sign-in with passkeys, email, and text message, for low-friction and secure logins in the AWS GovCloud (U.S.) Regions, according to a release.

The release notes that, if users choose to use passkeys to log in, “they can do so using a built-in authenticator, such as Touch ID on Apple MacBooks and Windows Hello facial recognition on PCs.”

Passwordless authentication is offered as part of the Cognito Essentials tier and can be used in all AWS Regions where Amazon Cognito is available.

Key9 comes out of hiding to reveal zero-trust authentication platform

Key9, a Jacksonville, Florida-based identity and access management (IAM) firm, has been operating in “stealth mode” since September 2023, but has ripped off the cloak to announce the official launch of its passwordless authentication platform, which a release says leverages public key cryptography and open standards such as SAML2, OpenID and passkeys.“Passwords are a thing of the past,” said Champ Clark III, CEO of Key9 Identity. “Unlike our competitors, we began with a zero-trust model. With the launch of our platform, we’re empowering businesses to protect their digital assets and users without compromising convenience or security. This is the future of authentication.”

Key9 offers passkey authentication through biometrics, hardware tokens, and other frictionless methods; zero-trust architecture to protect against phishing and credential stuffing; compatibility with leading cloud-based applications and enterprise systems; and a user-centric design.

Key9’s platform is now available as a free trial that invites IT professionals, security experts and the identity community to test the solution and provide feedback.

AuthenTrend security keys integrate with KDDI Digital Security

Taiwan-based biometrics provider AuthenTrend has announced a new partnership with KDDI Digital Security Corporation (KDSec). A release says the collaboration will see integration between KDSec’s passwordless authentication product “Pasutori” and AuthenTrend’s ATKey.Pro and ATKey.CardNFC security keys, to further enhanced FIDO2 authentication.

Previously, “Pasutori” users relied solely on smartphone applications as authentication devices. With this integration, businesses and individual users can now adopt FIDO2 authentication more easily and securely, significantly enhancing cybersecurity. The ATKey.Pro and ATKey.CardNFC security keys leverage fingerprint recognition and NFC technology, delivering a next-generation authentication experience that combines robust security with user convenience.

A quote from AuthenTrend’s CEO says the company is “confident that this partnership will accelerate the adoption of passwordless authentication in Japan. The integration of KDSec’s ‘Pasutori’ with our ATKey series will provide enterprises and individual users with a highly secure yet user-friendly authentication solution.”

Biometrics for AuthenTrend were to be supplied by Norwegian fingerprint biometrics provider Idex Biometrics. It is unclear whether the shakeup at Idex will have any impact on the partnership.

Regardless, AuthenTrend and KDSec say they will continue working together to advance FIDO2 authentication technology, in pursuit of AuthenTrend’s slogan: “NO MORE PASSWORDS, NO MORE PIN CODES!!”

VicRoads driving out passwords with passkey rollout

In Australia, VicRoads has rolled out biometric passkeys as an option for accessing myVicRoads accounts. A notice says that passkeys eliminate the need for a password and provide more security for VicRoads customers by reducing the risk of phishing attacks.

VicRoads joins Telstra, myGov and UBank as one of the first organisations in Australia to adopt passkeys.

“The introduction of passkeys is a demonstration of our commitment to our 4.8 million myVicRoads customers, and the experience they have when interacting with our services,” says  VicRoads Chief Technology Officer Crispin Blackall. “Our introductory pilot program has resulted in the creation of over 200,000 passkeys, with adoption on latest smart phones, tablets and computers that support passkey technology exceeding 50 percent.”

Andrew Shikiar, CEO and Executive Director of FIDO Alliance, has noted that “customers are quickly realizing the benefits of passkeys.”

Article Topics

Amazon  |  biometric authentication  |  biometric security key  |  biometrics  |  FIDO Alliance  |  FIDO2  |  Key9  |  Microsoft  |  passkeys  |  passwordless authentication  |  Yubico