Home Resources Blog The good, the good-old and the biometric: 5 Passwordless options compared
Identity & Access Management (IAM)
Passwordless Authentication

The good, the good-old and the biometric: 5 Passwordless options compared

Dror Arie, Head of Engineering @ GlobalDots
25.08.2021
image 6 Min read

Passwords are obsolete.

Memorizing long and complicated passwords has been holding back businesses for over 50 years, while cyberattacks are evolving every day. ¹ In fact, Google has registered over 2 million phishing sites as of January 2021. The figure is up from 1.7 million in January 2020, a 27% increase year on year. ² On top of that, the latest Verizon 2021 Data Breach Investigations Report states that 61% of breaches utilize compromised credentials.

Now, with remote work becoming a new norm for many professionals, and with both small companies and international corporations hiring talent from around the globe, demand increases for platforms and software that simplify the login process, while simultaneously enhancing enterprise security. Many of those solutions promise to free the organizations completely from passwords and their increasing TCOs. Only this June, Transmit Security announced a $543 million Series A. Transmit’s appless biometric authenticator, named BindID, leverages a device’s built-in face or fingerprint scanner.

But is Transmit’s solution all that special? Let’s have a closer look at the passwordless trend and its different interpretations.

No time? Grab the eBook to go.

Passwordless Authentication Methods Today

Passwordless authentication is certainly a step forward in enterprise security and can help safeguard sensitive data from cyberattacks.

The main benefits of a passwordless authentication process are evident:

  • Time is money in business, and passwordless authentication can eliminate the time it takes the user (and the IT team) to reset passwords internally. According to recent data, entering or resetting passwords has an average annual cost of $5,217,456 per company in labor cost. ¹ Going passwordless therefore has a considerable bottom-line impact.
  • High staff turnover can take up a considerable amount of your time and resources as a business, especially around deprovisioning and provisioning of accounts and passwords. Passwordless authentication is often more efficient and secure and not as demanding on your IT department.
  • Passwordless authentication makes user authentication far less prone to phishing attacks, data leaks, or passwords being leveraged by former employees. Simply put – it’s more secure.

So, what are the different types of passwordless authentication available for implementation today?

  • Biometric Authentication – Biometrics such as fingerprint scanners, face scanners, or retinol scanners can help a business protect itself from cyberattacks. However, biometric data is typically stored in databases, which can be hacked. So, additional cloud security measures need to be in place, such as encryption to strengthen your level of security. Best suited for organizations who prioritize their employees’ time and convenience, as well as those who need a fast passwordless authentication experience. The ideal solution for fast-growing tech companies and those who support their teams with smartphone devices and laptops able to accommodate biometric authentication.
  • PIV/Smart-card-based authentication – A common and fairly long-running cyber security strategy used by the healthcare industry and governments worldwide, employees are given a smart card in order to access a device and work. While this is far better than a password, smart cards can be lost, misplaced, forgotten, stolen, or duplicated.
  • Device Trust – A passwordless login method that can be applied to both desktop and mobile devices, usually by push notifications to the authenticator app. A user already signed in can determine whether to ‘trust’ the device attempting to sign in. Should a distracted user accept a device without carrying out due diligence, this can put a business at significant risk of cyberattacks.
  • Magic Links and OTPs – This method usually involves the allocation of a One-Time Password, whether the user actually sees it or not. The user either gets a combination of characters they have to type in, or a sign-in link sent to their inbox or as a text message. These passcodes & links usually have only a few minutes usage window, after which they expire to prevent the abuse if the mailbox or mobile phone are hacked.
  • Multi-factor – Also known as two-factor authentication, it combines a number of passwordless authentication methods to increase the user’s level of security. This may involve receiving a one-time code to your smartphone device or an email magic link to sign in, combined with touchID, for example. ³

Empowering Your IAM Solution with a Passwordless Authenticator

One of today’s most advanced IAM platforms (also considering integration catalogue and level of workflow automation) is Okta. With Okta’s integrated Single Sign-On and Adaptive Multi-Factor Authentication solutions, organizations can take advantage of risk evaluation derived from context, i.e. user, location, device, or network. This means you can restrict access from high-risk login attempts and require one or more strong authentication factors – none of them is necessarily a password. Managed, secure and compliant devices can sign in, but unknown and unregistered devices will be subject to multi-factor authentication. Should malware be detected, future login attempts will be denied from a particular device.

Okta also has a FastPass solution to improve user experience, ideal for companies who hire freelancers, contractors, and remote workers. Users can sign in on any device, reducing the frustration and time needed to reset or change passwords. This solution will be available soon, and will further enrich Okta’s passwordless offering. Read more about it in our fresh new eBook: Move Beyond Passwords.

Now, let’s review the top vendors that already integrate with Okta to create a passwordless MFA+SSO experience.

HYPE

Use HYPR to transform a smartphone device into a FIDO Token. FIDO-Certified, HYPE offers a platform powered by Public-Key Cryptography and Open Authentication Standards. Backed by Samsung, Mastercard, and Comcast, it can help businesses minimize phishing, fraud and enhance business security. HYPR also eliminates fragmented identify infrastructure, unifying all of your remote login experiences, allowing companies to protect themselves online while permitting remote work.

Veridium

Veridium uses biometrics such as face and fingerprint identification to restrict and permit user access. A secure MFA-backed solution, it allows users to authenticate apps and secure transactions at scale efficiently. Used within the finances, healthcare, and government sectors, it allows for rigorous security protocols which support highly-demanding compliance requirements.

Secret Double Octopus

Secret Double Octopus offers user-friendly MFA deployable both in cloud-native and legacy environments. Instead of entering a password, users simply approve an authentication request delivered in the form of cryptographically secure push notification to their mobile authenticator app, or FIDO2-compliant authenticator. Layering biometric authentication to access the authenticator itself results in passwordless MFA. Able to integrate with a wide range of apps such as Okta, Slack, HubSpot, Digital Ocean, salesforce, and WordPress, it is ideal for technology and eCommerce businesses.

Conclusion

With vulnerabilities identified in the current passwordless authentication methods, does the future of cyber security promise a higher level of security that will empower businesses and employees?

Well, the security sphere is certainly reactive in its response to cyberattacks, and there are plenty of new and innovative vendors offering advanced passwordless authentication alternatives. The problem is, analyzing each individual offer and deciding if it’s a good fit for your unique business model can take time. And, failing to choose the right option in a world where passwords are becoming obsolete means putting your business at risk.

With so many options available, it can feel a little daunting to analyze each and every passwordless authentication provider on your own. At GlobalDots, we invest a significant amount of time and resources testing this category’s most cutting-edge vendors. With our expert insight, we pinpoint the best passwordless authentication provider for your business use case. You no longer need to conquer the quest for supreme enterprise security alone.

A world leader in implementing B2B cloud and web innovation, we have helped over 500 business clients integrate enterprise-grade security solutions. Our team considers compatibility and integration depending on your architecture, headcount, and industry. By using a seasoned and certified integration partner like GlobalDots, you earn complete peace of mind that the implemented solution is bespoke to your unique business needs.

Get the full eBook: Move Beyond Passwords

Upgrade your level of cloud security by introducing passwordless authentication and integrating today’s most potent IAM platforms.

Contact our team today!

Learn More

Long-Term LastPass Breach Sounds Alarm For Static Credentials
Identity & Access Management (IAM)
Long-Term LastPass Breach Sounds Alarm For Static Credentials
Dror Arie, Head of Engineering @ GlobalDots 02.03.23

LastPass’ password management service has introduced millions of users to the convenience and security of unique passwords. Across mobile and browser, LastPass promises a near-passwordless experience for millions of individuals and over 100,000 businesses. However, recent news threatens to drop a bombshell on credential-based security.  The Year-Long LastPass Dual Breach  In August 2022, LastPass released […]

Read more
How To Implement Passwordless Authentication: A Step by Step Guide
Customer Identity & Access Management (CIAM) Identity & Access Management (IAM) Passwordless Authentication
How To Implement Passwordless Authentication: A Step by Step Guide
Dror Arie, Head of Engineering @ GlobalDots 27.07.22

Login details are criminals’ favorite type of data, as they allow complete impersonation of a legitimate user on your system. By successfully compromising an account, an attacker becomes a wolf in sheep’s clothing, appearing completely innocuous until they launch their attack.  One of the most common consequences of cracked credentials is a data breach, the […]

Read more
2022: The Year End-User Accounts Go Passwordless
Identity & Access Management (IAM) Passwordless Authentication
2022: The Year End-User Accounts Go Passwordless
Dror Arie, Head of Engineering @ GlobalDots 23.02.22

Why Passwordless, Why Now? Advances in technologies pose new dangers online as more people use devices to do their shopping and finances. The remote work era pedaled, further extending technology adoption, so growing concerns regarding security and new methods are more valid than ever. Progress comes with leaving behind obsolete methods to improve efficiency and […]

Read more
Back to Resources
Unlock Your Cloud Potential
Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Book a Demo