In the last few years, the FIDO Alliance has been working relentlessly towards the vision of helping users authenticate with maximum security and minimum friction. The resulting WebAuthn standard provides the foundation for that to happen. Now it is up to the industry to make that technology available to end users.
WebAuthn is the only standard-based authentication method that makes phishing impossible, as it binds the public/private key to a specific web domain. You cannot mistakenly authenticate into a phishing website.
A few weeks ago, we announced the support for FIDO Security Keys for MFA using WebAuthn. Security Keys are a great way to secure access to your account, but their adoption is mostly limited to tech-savvy users or corporate environments with relatively high-security requirements.
We are now announcing support for FIDO Device Biometrics for MFA using WebAuthn. This makes the security and convenience of WebAuthn-powered flows available to anybody who has a device and browser who can support the biometric challenge, not just those who have security keys. Now all users can reap the benefits of this technology, regardless of how tech-savvy they are.
Enabling users to authenticate using their device biometrics has two benefits: it greatly reduces friction during the authentication challenge, which impacts user retention and revenue, and it increases security since the flow is not fishable by bad actors.
Top comments (0)