Auth0 has released a new WebAuthn Passwordless security solution that will allow people to use device biometrics to log into web applications. As the name would suggest, the solution is based on the WebAuthn standard, and encourages people to move away from passwords as their primary authentication option.
To that end, WebAuthn Passwordless allows end users to take advantage of the biometric authentication features that they use to unlock a device, and lets them apply that technology in other situations. For example, someone could use their phone’s fingerprint scanner instead of a password when accessing an online account.
WebAuthn Passwordless offers support for multiple biometric modalities, including face and fingerprint recognition. All biometric data is stored locally on the device to ensure the user’s privacy regardless of the biometric modality being used. The platform itself allows people to use different modalities on different devices, which gives customers more flexibility because they are not bound to one device or one form of authentication. People can register new devices as they start to use them, and do not need to go through a centralized portal to do so.
For its part, Auth0 is hoping that WebAuthn Passwordless (and the simpler authentication experience it provides) will make it easier for people to make the switch to passwordless technology. The company noted that compromised passwords are responsible for 84 percent of all data breaches, and that biometric alternatives can eliminate that threat while streamlining access and minimizing the administrative burden on IT departments.
“Despite ongoing guidance around proper password creation and repeated warnings against password reuse, consumers crave convenience and continue to use the easiest path for application access,” said Auth0 Chief Product Officer Shiv Ramji. “Auth0 WebAuthn Passwordless is a modern option for organizations looking to attract and retain users.”
WebAuthn Passwordless arrives just over a month after Auth0 was acquired by Okta. The company also listed Incognia’s anti-fraud SDK on the Auth0 Marketplace in March.
(Originally posted on FindBiometrics)