A Thing
The Green SheetGreen Sheet

Wednesday, April 5, 2023

Passwordless future within reach, experts say

FIDO Alliance held a virtual conference, March 29, 2023, to assess recent advancements in creating simpler, stronger authentication methods. Sponsored by Beyond Identity, HYPR, 1Password, Anonybit, descope and Thales, the half-day event included panel discussions and fireside chats with experts from Google, Microsoft, Amazon and leading global brands that support FIDO's (Fast IDentity Online's) mission to create secure, scalable alternatives to passwords.

In opening remarks, Andrew Shikiar, executive director of FIDO Alliance, stated that FIDO deployments have helped companies reduce fraud, lower operational costs and boost employee productivity. He additionally noted that companies are looking at top-line benefits of getting users online faster with greater satisfaction and reduced shopping cart abandonment.

"If you are a consumer service provider, imagine increasing your signup rate by 5 percent or even 1 percent," he said. "If you're an ecommerce vendor, imagine reducing shopping cart abandonment rate by even 10 percent. Our data shows that 50 percent of consumers have abandoned purchases in the past six months because they forgot their passwords. That's a huge opportunity to bolster the bottom line and improve top line results from online services."

Passkey takes center stage

Shikiar also mentioned that FIDO Alliance working groups are researching the user experience and will soon issue guidance on deploying passkey, a multidevice credential now available at PayPal, Apple, Microsoft, Google and other leading enterprises.

Describing passkey as a recognizable word and symbol, Shikiar said he expects its common terminology and iconography to help the solution scale. He believes consumers will start recognizing passkey's common signage and start seeking out passkey in big tech applications as well as third-party service offerings.

"We've always had a vision for a third party ecosystem and third-party passkey providers are essential to our vision," he said. "They're essential to creating choice and creating competition, which will really sharpen the edge for everyone's implementation of FIDO authentication."

Achieving ubiquity, scale

Tim Cappalli, identity standards architect for Microsoft, stated that passkey meets the necessary criteria to achieve global adoption, which he summarized as ease of use, recognizability, leverageability of existing infrastructure, durability across devices, and scalability across regions.

"Passkeys are replacements for passwords and all the baggage that comes with them," he said, adding that it eliminates friction points such as one-time passwords and magic links that users rely on when they forget usernames or passwords. "At the end of the day, passwords are phishable and all of those other options are phishable as well."

By contrast, passkeys are phishing resistant, Cappalli noted, and are less expensive to deploy than sending password recovery messages via SMS and email. Users end up with better account security, he added, which benefits users and the organization.

Christiaan Brand, product manager at Google, demonstrated passkey ease-of-use by creating a passkey on a smartphone and using the credential to log into a website on another device. "The next time I come back to this website, I don't have to enter my username or password," he said.

No more wait-and-see

Marcio Mello, a longtime FIDO champion who has deployed FIDO identity and authentication solutions at eBay, Intuit and PayPal, shared lessons learned from wide-scale consumer deployments in a fireside chat with Dale Laszig, senior staff writer at The Green Sheet. During the chat, he urged FIDO stakeholders to seize the moment and implement passkey, a solution that reflects a decade of collaborative efforts by FIDO Alliance members, partners and advocates.

"It is time to go from wait and see to making it happen with FIDO passkeys," he said, predicting that passwords may soon follow cassette tapes and CD players into oblivion.

While acknowledging it will take time to replace passwords with simple, secure and scalable authentication, Mello insisted we're on the right path with the right technology. Let's be the group to make it happen, he stated, by educating users about passkey and creating a consistent experience across all ecosystems, as passwords become optional and are eventually replaced.

"I hope to see that state of passwordless Nirvana in my lifetime," he said. "Where future generations will not even understand why passwords existed in the first place or why people could access their accounts using a random character sequence."

For additional information about FIDO Alliance, visit fidoalliance.org/

end of article

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

Facebook
Twitter
LinkedIn
2024 2023 2022 2021 2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007
A Thing