Why use Web Authentication?
- Web Authentication is an open, standards-based technology - meaning it is not owned or controlled by any one company. It is instead implemented by many different parties, based on the core open specification. This includes implementation by companies and organisations such as Apple (iOS and Safari), Google (Android and Chrome) and Mozilla (Firefox).
- The user's device acts as an authenticator that generates a public key from a range of supported encryption algorithms. This is much more secure than a traditional password. Additionally, unlike a password, the private key never leaves the user's device, meaning the website does not store the credential required to authenticate an account. This means if a database was exposed, attackers would not be able to use the credentials in the database to gain unauthorised access. This means the technology is phishing-resistant.
Speed & simplicity
- Users can authenticate in a fraction of the time compared with current password login.
- Users are saved the hassle of constantly having to remember and type complex passwords.
- Web Authentication has been tested and confirmed working in consumer devices including biometrics in Android devices, Touch ID and Face ID on iOS. This means the vast majority of your users now have access to this technology.
- Mobile use is growing every day meaning the use of this will grow over time.