Join this session if you want to learn how a globally operating science and technology company introduced a faster and phishing-resistant sign-in – driven by the open-industry standard FIDO.
Employees use Biometrics or Pin, instead of Password & SMS, Call or App.
A “Detached Authentication” feature enables apps without FIDO/WebAuthn support and allow us to globally enforce the phishing-resistant sign-in – without fallback to other MFA methods.
Identity Verification is required for the registration and recovery of Biometrics or Pin. SaaS or self-developed identity verification methods can be used and combined.
The infrastructure for authentication and registration of Biometrics and Pin runs in a self-hosted environment. It allows us to stay true to our principles: Own Identities, Credentials and Authentication.
# What makes it unique
Passwordless Sign-in
– Biometrics of device-in-use
Biometrics sign-in available for all apps
– Detached Authentication for apps without WebAuthn
Biometrics sign-in enforced for all users
– No SMS, Call or Authentication Apps
Onboarding, Registration, Recovery, Password Reset
– Self-services secured with identity verification
Centrally stored FIDO-Credentials for multiple IdPs
– Self-hosted infrastructure with IdP plugins