In this video, Brandon Krieger of Daily Cyber and CEO of LoginID, Simon Law talk about the future of passwords and how FIDO/FIDO2 certified strong customer authentication is a much more secure method of fraud prevention. LoginID’s free to try open SaaS passwordless authentication platform can be integrated with a website or app in just a few lines of code.
Brandon Krieger: We’ve actually taken a poll in the community and the question was, do you think we’ll ever get away from using passwords? 71% said yes, and 21% said no. So you’re leaning towards people thinking that we’re going to get away from it.
Simon Law: So that’s kind of what LoginID is about, we’re trying to move the needle and accelerate that process of moving people away from passwords. It does take a long time to move not only consumer behavior but also companies and websites.
But what makes us special is that we make it super easy to use the FIDO2 Webauthn protocol which is quite difficult to implement. We layer on top of standard web protocols like 0Auth 2.0 and OIDC so that you can easily put it on your website.
It gives an opportunity for developers to start adopting this solution very quickly. Eventually we think that everything will go passwordless. You really don’t want to store your passwords on the server side, you want to use what FIDO2 provides which is the private key storage on your hardware device in the secure enclave. Then on the other side, on the server, it’s just a public key. So even if that gets hacked, nothing happens because it's a public key.
BK: Ok so, next question we have here is what are some of the consumer behavior challenges you are seeing in the market? Adaptability, Usability?
SL: I think more of it is that there is a surprise that this is available. I can share my screen and show you how that user experience is. It’s just that this is such a new protocol that most people don’t anticipate when they click the login button that the fingerprint scanner comes up.I think eventually as more and more applications start adopting it, it becomes the norm.
To give you an example, eBaystarted adopting the FIDO2 Webauthn mid-year last year, so when I logged in to my eBay account I just needed to swipe my fingerprint. Which was very convenient.
So once you start to have big platforms adopt this, you’ll find people will start to get used to it. Just like with mobile phones. When people unlock their phone, they have gotten used to using their face instead of typing a PIN.