Biometric Authentication Platform Eliminates Need for Passwords

DZone 's Guide to

Biometric Authentication Platform Eliminates Need for Passwords

New platform is awarded the FIDO Alliance certification for its authentication server and mobile SDKs, that helps developers put biometric authentication in their apps.

· Security Zone ·
Free Resource

Great speaking with Vijay Pullur, Co-founder and President of Pramati Technologies and Aman Khanna, Co-founder and VP Products at ThumbSignIn announcing the availability of ThumbSignIn™ biometric authentication SaaS platform for mobile and web applications, and certification of by the FIDO Alliance. The platform enables enterprises and service providers to deploy authentication solutions that reduce reliance on passwords and protect against phishing, man-in-the-middle and replay attacks using stolen passwords. ThumbSignIn benefits organizations by enabling users to sign in to websites, web applications from desktop web browsers, and mobile apps biometrically, without a password.

Biometric authentication is much simpler to use than password-based authentication and is an order of magnitude more secure. By design, ThumbSignIn uses public key cryptography to securely transfer authentication information over the internet. Also, unlike password-based systems, the authentication takes place entirely on users’ mobile devices, and the biometric information is never transmitted to, or stored on, the server. This approach puts users in control of their credentials and greatly reduces the liability of enterprises because hackers have little incentive to hack into servers to steal username/password information. 

ThumbSignIn’s FIDO certification attests to a high degree of technical robustness, conformance to the FIDO industry standards, and interoperability with other FIDO Certified products in the market. FIDO certification for ThumbSignIn extends across the company’s server and client products, ensures customers are deploying a highly secure solution, and provides assurance of seamless interoperability with other FIDO Certified products across industries. 

ThumbSignIn is also available as a cloud-based service that enables developers to integrate the capabilities of ThumbSignIn into their websites in a matter of minutes. The server was built in GoLang, a systems development language created by Google that enables software developers to efficiently harness the full power of modern multi-core machines and construct high-performance system software.

Pramati has also created SDKs for the IoS and Android platforms, allowing developers to integrate strong biometrics-based authentication capabilities into their mobile applications or take advantage of the free ThumbSignIn app available at the Android and Apple app stores. 

“FIDO certification is rapidly becoming a linchpin to the adoption of mobile products and devices,” said Vijay. “The number of FIDO Certified products grew by 200 percent in 2016 alone, and that growth rate is expected to accelerate as alliance members pursue certification for laptops, payment cards, and other devices. For customers, that’s good news as they are assured of an unprecedented level of mobile security and interoperability. We believe that FIDO certification will be an overwhelming incentive for customers in their product adoption.”

The FIDO Alliance, which counts Google, Microsoft, Verizon, RSA, Bank of America, American Express, Visa, MasterCard, and others as members, created the certification program for organizations to measure compliance and ensure interoperability among products and services that support FIDO specifications. The alliance aims to enable an interoperable ecosystem of hardware-, mobile- and biometrics-based authenticators that can be used with many apps and websites. 

In keeping with Pramati’s commitment to democratizing access to password-less mobile authentication technologies, the ThumbSignIn SaaS platform and mobile SDKs are offered as a free service for all developers. For enterprises that require on-premises or private cloud deployment of the product suite, custom integration services and dedicated support, a paid version of ThumbSignIn is also available.

biometric authentication, security, sso

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}