Major Use Cases and Capabilities
Major Use Cases
Enterprise/Workforce Access and Self-Service
Passwordless Authentication solutions deliver a flexible approach for organizations looking to implement a workforce IAM program to deliver better time to value and agility. In addition, a self-service user interface allows for requesting access, profile management, password reset, and synchronization.
Consumers and B2C
The use of passwords remains the top cause of breaches and friction in Business-to-Consumer (B2C) and Customer Identity Access Management (CIAM) use cases. Consumer authentication plays an important role in the digital customer experience and can either drive or impede revenue growth. As a result, large-scale consumer applications often go passwordless as part of digital transformation initiatives.
Partners and B2B
In the digital age, collaboration is becoming more dynamic and integrated than ever before. Partner networks are growing at a dramatic pace, making antiquated approaches to managing partner identities and access no longer viable. External partners often require specific information, and therefore need authentication and access to internal systems. Providing efficient processes to manage partners is key to building a strong partner network.
Better User Experience
Solutions which have better internal security and support higher assurance authentication while protecting privacy rate higher for user experience metrics. By choosing the right passwordless solution, your organization will significantly improve user experience, reduce login time, and boost conversions while simultaneously providing employees and consumers with the highest level of security.
Auditing & Compliance
Governments have enacted various regulatory regimes mandating privacy, security of health and financial records, “Know Your Customer”, and payment processing security. Examples include EU General Data Protection Regulation (GDPR) and EU Revised Payment Service Directive (PSD2). Additionally, security certifications and standards such as FIDO2, ISO/IEC 27001, and SOC 2 Type II will appeal to customers in certain regulated industries and others that have strict security requirements.
Capabilities
Account Recovery
This rating is based on how solutions handle account recovery procedures. The solution must make it easy for end users to securely recover access without contacting a call center or visiting a store when they need it.
Architecture and Deployment
This category represents the combination of the architecture and the deployment options. In architecture, we look at the type of architecture and focus on modern, modular architectures based on microservices. This also affects deployment, given that container-based deployments provide good flexibility.
Authenticator support
This section looks at the breadth of authentication support, as well as the depth of contextual and risk-adaptive authentication. Advanced support for authentication mechanisms, especially FIDO, mobile, and behavioral biometrics and mobile SDKs are also preferred.
APIs
This category is related to the architecture but focuses more on the comprehensiveness of APIs and the simplicity of customization. This also evaluates the level of API security and the need for stable APIs. APIs furthermore build the foundation for providing an Identity API Layer to digital services and for orchestration with other services.
Device Trust
In a passwordless solution, this is an essential component. Device trust is the process of verifying whether a device (or multiple devices) should be trusted and authorized to perform certain tasks. This rating is influenced by factors including support for multiple devices, device health checks, and support for BYOD.
IAM Support
This section evaluates the number of IAM capabilities and features. Furthermore, supporting existing applications and integrating the legacy IAM platforms is essential for a migration towards a modern Passwordless Authentication at the pace of the customer. Thus, supporting legacy IAM and legacy applications is an important element in our rating of solutions that deliver a passwordless approach.
Scalability
This rating is influenced by many factors including the architecture of the vendor solution, the number of customers supported, size of B2E implementations, and deployment models available. For SaaS-delivered solutions, multi-cloud utilization, geographic distribution, SLAs, and maximum supported number of transactions per second are considered.