KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
As digital identity continues to evolve, so do the methods used to authenticate users. From passwordless approaches to cutting-edge biometrics, the authentication landscape is constantly changing. This panel brings together experts from various industries to explore the latest trends in authentication methods, discussing their strengths, weaknesses, and potential impact on security, user experience, and privacy. Gain insights into the future of authentication and discover strategies for staying ahead in an increasingly complex digital world.
As digital identity continues to evolve, so do the methods used to authenticate users. From passwordless approaches to cutting-edge biometrics, the authentication landscape is constantly changing. This panel brings together experts from various industries to explore the latest trends in authentication methods, discussing their strengths, weaknesses, and potential impact on security, user experience, and privacy. Gain insights into the future of authentication and discover strategies for staying ahead in an increasingly complex digital world.
So if I could just start by asking each of the panelists from here to introduce themselves a little bit and what they do, why they're here, what they like, favorite hobbies, that sort of thing. So please, after you from, sorry, I've already forgotten people's names.
So Lana, Is this mic on? That should work. Just speak. Okay. Test. Yeah. All right. So just quickly introduce myself. I'm Lana. I'm based in San Francisco, California, work at Okta for the last five and a half years.
I'm a senior principal technical program manager and I've been responsible for leading a diverse portfolio, federal security, making sure our products parity was the federal security standards as well as endpoint security enhancements, partnering with our I Am team, Okta and Okta to launch some innovative products such as like Okta Identity Engine and FastPass Passwordless authentication. My hobbies, I spend a lot of time playing tennis and pickleball. This is kind of going viral right now in San Francisco, so I enjoy doing that.
And yeah, hanging out with my friends, enjoying Bay Area. So that's a little bit about me. We'll pass it over to, Thank you. Did anyone else play the pickleball? Oh Good.
Okay, great. I don't know if you play paddle here or pickle ball, but yeah. So my name is Jos Deck. I work for UBI O, the creator of the YubiKey. My role is a developer advocate, so I help customers integrate their software with ours and that software is concerning authentication. So different kinds of authentication, but I'm focusing primarily on, on Fido. We're also involved in wallets. So lots of interesting conversations here at this conference.
Well, if we're doing the hobby thing, I'm a sailor and for the rest, my hobby change every year, so, Okay, fantastic. I was joking about the hobby thing. I'm Glad you Actually I, All right. Good morning. I'm Marco uti. I'm Italian, but I work for, I've worked for different corporations and startup in the identity space for the last 20 years, including novel. For those of you who didn't have to remember their name, IBM and now Alis Attali.
I am a business acceleration director, which is a fluffy title for somebody, which is really looking at building our system integrator ecosystems of capability in the market in the various geos. And again, at Talis we do a lot of things around the subject we cover today.
And, but again, that's what we talk later. Obvi wise, I'm a runner. Okay. Like a long distance running. That's what I do whenever I can, including here in Berlin, which is a very nice place to do that. Thank you. Mark. Dominic Forest, I'm the CTO of ipro. I joined ipro when it was founded some 11 years ago now, which feels like a lifetime probably. 'cause it is ipro for those don't know. It's the world's leading liveness company. We work with banks, governments, regulated entities and corporates globally to strongly authenticate people where you really, really can't afford to get it wrong.
So that can be about crossing borders, issuing visas, opening bank accounts, or if you're MGM may be trying to reset passwords for the right person rather than the wrong person. I'm gonna do the hobbies. 10 years ago I'd have said I skydive all the time. Now my wife would say, I spend far too long playing chess. So a bit more sedate. That sounds a lot less dangerous.
Yeah, it's a big, My name is, I'm a distinguished architect at eBay. I spent most of my career in the Bay Area and just last year moved back for family reasons, but also career reasons. Why am I here?
I, first of all, I want to learn more about wallets. That's certainly a topic that interests us a lot. E does all that. The other reason is that we, I'm building up a, a new engineering hub in Berlin and I'm on a recruiting spree. So if you are a software architect in identity and wanna work for me, please reach out to me at eBay. One of the things that I've worked on in the last couple years is on our advising, our identity teams on implementing strong customer authentication, PD two, guiding us in moving to a passwordless future.
I will also have a talk where I outline our journey later today. So if you're interested, come by and on hobbies, I like to bike and I like to ski. My wife is not a big fan of that. I broke my left leg on biking seven years ago. My right leg when skiing right year, one year ago. So maybe I should pick some less dangerous hobbies. Try chess. Chess.
So, so yeah, I've, I've heard vendors give pitches before sitting on a panel, but I've never heard anybody recruit sitting on a panel. So this is a first for me.
Hey, I'm Matt Brzezinski. I am a senior director of product management at Ping Identity. I've been at identity management long enough to know Novell long enough to know, oh, CI proof, get founded, you know, all these things. I have all the gray hair to prove it.
I, I manage our product portfolio for the EMEA region for the ping ping identity stack. I, I really excited to be here. My history goes back to biometrics.
So, you know, the presentation beforehand was, we think passwords are still gonna be here. I'm actually at the point where I think we can get rid of passwords, but I was there in 2001 running around a trade show with a T-shirt that said, forget your password. So it's been a long, long battle with a lot of scars.
So that's, that's where I'm coming from. As for hobbies, I have a 4-year-old and a 2-year-old, so my hobbies are running after them. The thing I do to relax is I'm a, I'm from Manchester, England, but I lived in the States for a long time, so now I'm getting used to dealing with the rain. And so when it doesn't rain, my hobby is to go walk outside because it's like the short period of time you get to do it where I live is, is amazing. So walking and chasing after my kids, those are my hobbies. Great to be here.
Awesome, thank You. Thanks everyone. So I'm going to go in reverse order now with the first question, which is, you know, reasonably easy or not, but it's one of those questions that says, you know, one of those high level ones, but what are the most significant trends in authentication methods that are, are emerging right now? So I guess you, you know, based some of this on the last two days, this conference if you like, I'm sure we're gonna mention wallets, but back back to you.
Yeah, yeah. You just, you just stole my thunder because I was gonna say, has anybody heard about wallets and a digital identity?
Because I, I think we have to take that into account that that is, you know, going to be the biggest newest trend in, in identity and authentication. And I also think, you know, I made the joke in my introduction that I've been trying to beat the password for 25 years. I don't think it's gonna take that long for us to adopt wallets. And with technology partners like ipro and other people who can do verification, we're gonna have verified identities, which is really gonna help that authentication problem.
But beyond that, though, the last last person talked about Fido, but, and, and it's, we'll talk about this in a, in later on in this panel, but I think one of the big trends that we're gonna see is how do we bring to bear all the new authentication capabilities? How do we make it possible to go passwordless for people who aren't as tech savvy as everybody sitting in this room who has a mobile phone and a laptop? And being able to have those types of orchestration types of capabilities is gonna be really paramount to moving into the next step of authentication Doctor.
So yeah, I agree with you all. It's certainly a hot topic. I'm also very interested in PAs keys.
It's, we, we've seen it in the previous presentation. I hope they will get rid of passwords hopefully sooner than, than I I think we've introduced PAs keys at eBay as one of the earlier adopters. I would say at least of the bigger tech companies we've seen a decent growth. But it's still in, I don't know the current numbers. I would say about 10% of our users use use PAs keys. It's not where I would like to, to be. There is a lot of education I think that still need to be done. A lot of people don't know what a PAs key is, how to use it, what the ben, the benefits are.
We, we were a little hesitant of enforcing two-factor authentication on all of our users as much as I'd like to besides the European sellers where we, we are required to other, apart from PAs keys, there are certain other authentication factors that I see growing biometrics, both local, you know, to unlock on your phone to unlock the pass key or other types of keys as well as end-to-end, they have their own issues with end-to-end with privacy. Then we have behavioral authentication factors.
We use those as well at, at eBay at least as an addition to authentication factors as an additional signal. How do you, what is the, how is the user using the page? How do they navigate, how do do they move the mouse, the enter the keyboard as well as a device binding? What do we know about is, is this a device that the user has previously logged on? That's a good signal that it's maybe more secure together with challenge response maybe to make sure it's the same device.
So, so sorry just to go, 'cause you obviously eBay, you know, you must be one of the largest holders of passwords in in, in the world and I've noticed that you as a user, it's now actually a lot easier just to log on and forget your password because like you say, you can use another factor. So is that something, do you have any, just quickly, do you have any like usage on how if people are starting to think, oh I can't be bothered to keep loading my password, I'll just forget and then use my phone. So the forget your password flow is still unfortunately people use it a lot.
Yeah, so our success rate of password sign in is about 70%. That's not great. It means a lot of people, it could be just typos, people type it in wrong. Of course we have attackers too that try to brute force those, but those aren't even very dominant. So it's still a major issue for us. And what else do you use to research your password? I think that's the one of the crux with all PA keys. I mean as secure as the R the forget your password flows is often the weakest link. It doesn't help if you have the most secure paske if someone just enters the birthplace or the mother's maiden name.
Things that can easily be found out. Sure we don't use those at EB but a lot of companies do. Thanks Dominic.
Yes, you wanted to come in. Wow, 70%. I was going to say something completely different but that numbers just blow my mind. 30% of password attempts are wrong. That is just a crazy number.
Anyway, the great thing about this question is there's no one answer so you can't get the answer wrong. 'cause you know, my view very strongly is there's an awful lot of authentication technologies out there and I'm gonna be controversial. I think all of them have their place to go to a lesser degree, even passwords. So I don't think we'll ever get rid of passwords and I don't think they ever should get completely get rid of passwords. But what's important is choosing the right technology for the right use case.
You know, if I put in a password and what I'm gonna do is somebody's gonna see my bank account balance to being honest, they're welcome. If they're gonna transfer my bank account balance, then I want something very, very strong. And I guess really one of the questions I always ask around these technologies is what are you actually authenticating? Are you authenticating the user or are you authenticating the device? 'cause so many of the technologies are just really very strong, great widely used and growing and I think that's a good thing.
But if it is a private key sitting on a phone, then what you're really doing is authenticating the phone. Not we user. And I think sometimes we forget that we talk about authenticating users, but more often than not we're authenticating devices and it's sometimes you have to be at the stage where you really want to know who it is. You're not authenticating not what it is 'cause it's not the laptop or the phone that's gonna end up in court if something goes wrong. That's an excellent point about, you know, it's you, you're authenticating a device as much as anything. So yes.
Sorry I've lost my Marco. Yes, I've got, I've got like in my head, I've got numbers above your head you see a, a little red numbers. So Marco please number three.
Right, So the question was around trends. So maybe I will repurpose the trend into what's coming after what we're already assisting in terms of transition. So maybe more about innovation again because of course parcel is there to stay for a long while and very much like your analogy 2001 and you were already there. So the transition out of password is very, very slow. I mean low like continental drift, slow really slow. Okay. So it's taking forever. So password is the new mainframe. It's gonna stay with us for a long while.
Meanwhile though, the form of authentication beyond what we currently look at is something that very passionate as we, we tell we do identity but we do also data application security. And we do a lot in aerospace and in other industries which is bringing us into new forms such as brain computer interfaces, which is pretty interesting because it's a biometric but maybe also a behavioral form at the same time.
Because to this day it is something you need an headset set and is a continuous form of authentication that is involved into now flying a plane is new with you because your brain is detected and recognized as such. To do that today is a big thing but it's becoming smaller and smaller in a few years from now we'll become as big as our AirPods are and you eventually become embedded probably or part of our our our biology Okay. Or ecosystem. So that's an interesting thing and I think that will be part of the continuous authentication transition. That will be the next thing probably.
That's just one example but it's already here. For those of you wearing a smartwatch with a heartbeat detector, you already have a form of continuous authentication with you the entire day. Which is also something probably coming. And then maybe I can stop here just not to do all the talking with an Italian accent, but there's more to say about this. And maybe another interesting thing, I don't know if any of you heard about the, so-called fuzzy extraction.
Another interesting thing, fuzzy extraction is when you use biometric not to unlock a device, which is what we use that for or to walk to the gates in the aircraft, but rather to generate your key. So you're basically shazaming your biometric feature, the face, the fingerprint to be the mean of key generation. That's pretty interesting. It's not yet there very widely distributed in terms of commercial form. I find that interesting T bias, we don't do that at Ali. I'm just bringing it up because I find it very cool. Okay.
Just for full disclosure, not yet at least, but this is probably among those emerging approaches to authentication coming up in the next few years. I I I love your accent. It's fine. Cool.
Yeah, so I can keep going another 15 minutes maybe Juiced. Yeah, so I think the, the main trends are already mentioned. I think obviously wallets and, and, and another one is I think basies, although that's not really a new technology 'cause that has been around for some time. But I do think what strikes me is that the uptake of pasky is, is really taking off now I was reading this Google blog last month it where they said that they have now 1 billion paki, 1 billion pasky authentications within a year, over 400,000 users with Paki enrolled. So those are impressive numbers I think.
And two weeks ago I was doing online groceries and I was really surprised that my, my online grocer asked me if I would replace my password with a Paki. So I, yeah, now it's, it is really getting mainstream and that is a very nice observation, I think. Then another thing that many people may not know is that if we're talking about pesky is that they're getting established, but it's not that the development has been finished.
So, so the, the the specs, the the pasky specs, like the most importantly the web author and spec and the ctap spec, they're continuously being improved. So there's different versions and there's new versions coming out.
So I, I expect some innovation taking place there. And we just released new firmware in our UBA keys, for example, to to be on par with the latest versions of those specs. And I expect that these new features will be incorporated in, in, in applications soon as well. And I won't go as far as recruiting people in this, in this panel, but I do want to do some self-promotion about wallets and Fido. 'cause I'm giving a talk tomorrow about the relation between wallets and Fido. We think they, these two technologies go great together and so this is a wishful thinking that this will be a trend soon.
Okay, well we can come back to wallets in a minute but Lana, I dunno if there's anything left to say or I could give you a different question. Well I guess I'll just mention one.
Yeah, you mentioned a lot of relevant trends. The one that I'm quite interested in right now is the zero standing privileges that we are trying to implement as well is essentially to reduce the persistent access to like sensitive systems or data. So think about it as a time box access where you enable the workflow that gives access to the user for a limited time to perform the task and then justworks that access it helps with other trails and also helps to reduce the internal threat, insider threat as well as the other exploits external exploits.
So I think that's quite an interesting concept that we're trying to introduce in addition to least privileged access. And then I guess the most interesting to me is the password list biometrics, magic links, security keys, adaptive, MFA, federated identity management as a, so that allows you to use, to access multiple resources and not to reenter your credential credentials multiple times. So that's kind of bread and butter.
So, and okay, Most interested, well I'm, I'm glad you mentioned zero Z Zs P 'cause that's kind of like what I know something about one of the few things, I know something about it, but I think that is the future for privilege access and in fact it's probably the future for all kinds of access because you won't have privileged accounts anymore. You'll just have privilege now and again. Yep.
Okay, so you're gonna start there. So you get the next question. First of all, biometrics is also talked about quite a lot and it's been seen as the sort of the solution for some time, but it doesn't yet seem to have really taken off apart from people who use it on their phones. So what are the advantages and why hasn't it really taken off in the corporate world as much as you might've expected? Or has it taken off in the corporate world?
Yeah, it really probably depends. It, it definitely took off. In our corporate world, we are almost a hundred percent passwordless and phishing resistance authentication. When I think about the traditional authentication methods like passwords, they are reusable, weak, time consuming, and frankly annoying. So I think password managers somewhat superior, but still, if you think about recent vulnerabilities and drawbacks, it's still not an optimal solution. So there are quite a few advantages and benefits from using passwordless authentication.
It reduces the IT cost for password resets, the credential related tax, as well as if you think about the business value drivers, like time savings per employee. If you think about a traditional authentication that takes on average nine seconds versus the password, this authentication, which is roughly three seconds and then think about the savings over time, it aggregates. So I think there's quite a, a lot of cost savings that could actually benefit the corporate.
And then it, the, the biggest one if you think from the security benefit and perspective is the prevention of the real time phishing. So you're taking out the password as a factor and that's, that's, that's a great benefit to call out there. I mean biometrics, some people might think that there is an opportunity to steal your biometrics and if you're worried about fingerprint lifting or things like that, I think the national state security agencies, they probably use much, much more advanced and higher issuance standards like fip, UB key or smart card pay, FC.
So I think you could add additional factors to protect yourself. Okay. Do you want to carry on with that or do you want another question?
No, no, I can, I can answer that. I think, well, maybe this is more our perspective, but we think BioRICS is, is is more usability feature and especially within Fido where biometrics are, they always have a, a fallback with.
So if, if you take a YubiKey for example, we have this Buki bio, but if, if your fingerprint is not properly recognized 'cause you're for whatever reason, there's always a fallback to to a pin. So it's, it's, it's not as much as a complementary, it's, it's, it's just a, a usability feature. And the reason I think that the uptake has been lagging behind a bit is it's also a bit education. 'cause people don't really understand what's happening with their biometrics.
So people are sometimes reluctant to, to use their biometrics, especially, especially in a corporate environment where they think some my biometric, that's, that's personal and that's, that's not for the, for the enterprise. So that's, they're more eager to use their biometrics in for consumer applications than for in a, in a corporate environment.
So, so Marco, do you think people like passwords, I'm talking about actual end users, corporate employees, et cetera, that's why they haven't gone away because they feel kind of comfortable. They don't like using a, you know, their face and Well, I don't believe anybody likes passwords though.
Back to what you just said is indeed A fallback plan or an alternative measure in case you cannot use for whatever reason biometric means, which would be way more convenient though there are many cases in many industries where you cannot rely only on biometrics maybe because you are wearing mask and because you're in healthcare and something so that form of authentication is not applicable.
Or you are in airtight manufacturing equipment and you are wearing gloves and, and we have a number of customers of that sort and that defines a, a multitude of authentication mean depending on which part of the business process, which part of the organization we're looking at low trust, I trust internal external, there are two dimensions that define the space of what kind of user you're looking at.
Each of those four quadrants might end up with a different form of authentication, but you might be yourself as an individual user belonging to more than one of those quadrants depending on what you're doing on a given day. So password is definitely belonging to one of those low, low trust. Okay. Internal users primarily, but not necessarily only because of this slow transition that is still in pro in progress. Okay. So stomach is biometrics full, like absolutely watertight. I mean I noticed on the iPhone that even if you wear sunglasses it'll still recognize you.
Does that mean it's super great because it can recognize the real face around the sunglasses or No, I Will do answer that, but I'm just gonna ask for a very quick poll from the audience first if I can. Yeah, so would you put your hand up if you've unlocked your phone in the last week with either your fingerprint or your face? Has anyone not unlocked their phone with their fingerprint or their face in the last week?
Okay, 1, 2, 3. I think that answers whether biometrics has been adopted or not. Question. So I think everybody, pretty much everybody in here is using it. Biometrics can be an exceptionally usable product and it's very important. It is. But I will come back to the key differentiator biometrics is authenticating the person, not the device.
At the end of the day, it's the method which allows you to know that the individual who you are authenticating remotely, whether it's creating an account, whether it's authorizing account, whether it's just logging on, is actually the right person as opposed to being a person who's got access to those credentials. Whether credentials or a password whether's been phished or whether it's a private key sitting in a secure enclave.
You know, I tell the story of discovering my daughter who was 12 at the time had had a fingerprint enrolled in my phone for the last year. So every time I'd unlocked my banking act, neither I nor the bank knew if it was me or her, you know, she wasn't doing anything malicious. But it's just a great example. People think about biometrics as being, as people think about phone biometrics as being the same as cloud-based biometrics, and they're not a phone biometric when you're unlock your phone is saying that somebody who's authorized to unlock that phone is doing.
So a backend biometric allows you to know who that individual is and that's a really, really crucial difference, which gets missed far too much in my opinion. Thank You. But that's an interesting point if I may even the regulators see this very differently, this aspect. So for example, as, as part of our journey to strong customer authentication, as you know there, there are two different versions of the regulation. One for the U and one for UK because of Brexit and they have different added on different opinions and guidelines after, after the fact.
So the European regulator, the CSSF, they for, for biometrics, they don't allow the the local biometrics Exactly for that reason. I also, my wife has a, I added her so in in emergencies she can unlock it. So who's to say that if there's a financial transaction and I say it wasn't me, it was my wife, give me back my money. And so the CSSF exactly for that reason sees this critically Is this real life experience you're talking about Hasn't happened so far. Whereas the British regulator, the FCA allows the local one because of practical reasons.
It's just, it's it's happening. Yeah, Yeah.
You know, I've, I've fought the biometric fight at least three times in my career. I always give up on it and I always come back to it.
And, and I think you guys have brought up a lot of great things about biometrics. The one thing that still sticks out to me is you'll go to your employer, they'll take a picture of you, put you on an employee badge store that in their database, no one cares. As soon as you take a picture of your face or your fingerprint store that in their database, you can't have my PII. And this is the problem that we see.
It's, it's the education. I think someone else said education about biometrics and about what we're doing and there's the fear that we have and then everybody's like, yeah, I used my phone and that's great, but if I know your pin code, I can enroll myself on your phone so now I can be you. And I've just really only authenticated the device again, even though I did it myself.
I, I think, you know, the, the panacea for biometrics and as much as I really want biometrics to actually make it is when we get to a really sophisticated digital wallet. So when you can enroll a biometric that is verified that it is you by the people that are enrolling it and store it on your phone in a signed way that can't be tampered with, that has nothing to do with how you unlock the phone, but how you unlock the digital wallet.
Now I have server side biometrics on my phone and you know, everybody, I think people, they might not even understand how much different it is, but hey, it's on my phone. And that's, that to me is how we're going to see mass adoption of biometrics is through the use of wallets and doing it on your phone in that way. If I can just add to that, I mean, what you've just described exists today.
I'm going to identity week next week in Amsterdam from London traveling on Eurostar, sitting on my phone right now is my biometric and on a day of travel, I'll click a button and that will upload into Eurostar and I will walk through UK border control and exit UK border control without talking to anybody, without stopping just walking down the corridor. That's today's capability and reality.
Yeah, it's getting there. Yeah, absolutely. I mean I've worked on a lot of projects to do biometric airports, right?
So you, you enroll the day before your travel and you just go straight to your plane. So I've seen all that. And then the other thing I wanted to point out on, you talked about the security of biometrics and how you can always fail back to a pen, especially on Fido.
And so at, at Ping Identity we have great Fido two support, we have all this stuff and we're gonna go passwordless and then we have banks and retailers and certain geos in the world that say, can't use that I need to do digital signing. And the reason they can't use Fido is because Fido, you can't turn off the fallback. So at the end of the day it's a pin. So with our digital signing capability now they can enforce biometrics.
Now it's still the biometrics on the phone, but they feel more secure that way, even though it could be your wife, you know, I mean I'm, my wife just has my credit card, it's a whole different thing, but, you know, but, but that's what they're doing and that's what they see as a difference. But it's still not server side, but they just are like, okay, I can't fall back to a pin. So it has to be more secure. Okay.
Can I, let's go back do another quick poll. How many people have logged onto their corporate account using biometrics in the last week or so? So it's a little bit less. Yeah. Okay. Is there another microphone available or they're all used up? No. Okay. I was just gonna open it up to the, the audience. If anyone wants to ask this excellent panel a question you'll have to shout. No. Yes. If you could be really loud, that'd be great. Being loud.
I mean, I, I I have questions specifically around talking about sca. I mean, is it, do you, I mean every time you look at making a decision like this, right, there's a trade off between, you know, the risk of what usability. My view is that the risk associated with the wrong person who locking a device while obviously present, is probably not high enough to warrant a blanket ban on device by matrix, which is so ubiquitous and so much cheaper for any organization to deploy. They're trying to do something, they're trying to do something.
I'm just wondering, I mean, do you think that that's Yeah, I, I think the European regulators have, My personal opinion is, I agree with you, the regulations, in my opinion, they go, they have the right intent. It is to protect the assets, my financial assets that for example, you can keep on eBay or your banks. However they are very prescriptive. The regulations are, go into the technical details such as this one, which goes beyond the intent and also it doesn't age well.
We've, I mean when the regulation came up PSD two sies didn't even exist or at least they were not widespread. So we always feel at eBay and it is also my personal opinion that the regulators, and I hope that with PSD three, they PS D three, they will go more in the intent and not so much the means.
And, and this kind of question about end-to-end versus local biometrics is a, is a very good example of this. Thanks for your question. There's one question down here, Speaker 10 00:34:04 I'll try to be, be loud.
We, we see an increasing number of use cases where employees are not allowed to bring their personal device to in fact any device into the workplace area thinking trading floors or call centers or clean rooms or secure manufacturing facilities. Do you see any alternative to server-based biometrics for authentication in those sorts of environments? Or are we still stuck, gonna be stuck with passwords for device less passwordless authentication?
Okay, great question. Any of you willing to answer that? I think people will assume what my answer is. So does anyone else want to answer it first? Well in my case we assisted that indeed and then going back to cases that we assisted over the last year where the wearable was part of the solution. Okay. Although not biometric in this case of course. And the reason why I brought up before the Shazam example, the biometric meaning key generation out of biometric artificial, which is a server is not even a server match.
'cause we have been talking a lot around device match versus service match. What I'm talking now is key generation out of biometric features is in my opinion, and not incidentally, primarily devoted to B two E cases more than consumers. Okay. Because there is a lot of trust involved in the mechanism to extract and store the key. But this is maybe why I would assume that something inevitably going to be increasingly popular in the next 20 years. Okay. So depending on what is the pace of adoption, Please tell me we're going faster than that. Please. Hopefully it can only be faster than that.
I mean it's, passwordless has been killing me. I love your line password's, the new mainframe. They're always gonna be here.
I I, I think I, I think the other thing that, that we need to think about is there's gonna be a ton of new technology that comes out. Just the things that we're doing today, we weren't even really thinking about six years ago. The way wallets have gone so fast compared to other things is amazing. The ability to get those authentication capabilities to the right people in the right environments. 'cause there is no one authentication technology that works for everybody and everywhere.
And that's where I think we have to start thinking about how do we provide these technologies to people based on their context where they are or based on what their devices are or based on their physical capabilities. And that's, I think gonna be what enables us to move to advanced authentication techniques as they come out a lot faster. If you have that infrastructure that allows you to do that.
It's interesting actually because I think on the stand this week so far I've been asked more about device list access to areas where you can't take devices in than any other single subject from airlines, from manufacturers, from finance institutions, from governments institutions. And it is really a growing trend I think at the moment. It's been a very surprising number of conversations in that area over the last few days and in some areas where, you know, some types of organizations from sectors where I wouldn't have expected it. Thanks. So is your question quite quick?
Sorry, did you have a question? Yes. Yeah. Is it quick because Yes. Okay. Far away Speaker 11 00:37:21 Rate about your deployment of Vasquez, you shared two numbers. One was the 10% adoption on Vasque so far and the other one was 70% success on password authentication. Yep. We'd like to know if compared to complement that, if you would have a number, a success rate on authentication on paque and if you have an idea of why the take of PAs in your case is, is made.
Okay, that's quite a long question for a quick question, Speaker 11 00:37:50 Quick Answer. Yeah. So we see about, I think upper nineties, 97% or so a success rate on PA keys, which is a lot better than 70 obviously. And we also see the, the time to complete this authentication is reduced in half. So in instead of six seconds, we see that in about three seconds. Another big benefit.
Okay, well there'll be, have plenty of time if you, you all the panelists will still be here, so if you want grab 'em and have a more in depth conversation, that'd be great. But we have run out time so I wanna thank an excellent panel.