What are FIDO2 passkeys?
FIDO2 passkeys are cryptographic key pairs typically stored on a device that authenticate the user for various applications and services. A public key is stored on the application server and a private key is stored on the user’s device. When a user tries to log in to an application, Passkeys use Bluetooth® to communicate between the user’s phone (FIDO authenticator) and the device from which the user is trying to authenticate.
Enable Secure Passwordless Access
Generate unique key pairs for each application and eliminate the reuse of credentials that can cause password fatigue-based attacks.
Communicate with your users’ smartphones over Bluetooth when signing challenges with private keys.
Use Entrust Identity as a Service to simplify the support of passkeys within your application.
How do FIDO2 passkeys work?
When a user tries to log in to an application, passkeys use Bluetooth to communicate between the user’s registered device (FIDO authenticator) and the device upon which the user is logging into the application. The application issues a security challenge to the user’s registered device via Bluetooth. The user is then prompted to authenticate themselves using biometrics to accept the sign-in request challenge, which is signed with the private key on the user’s registered device and sent back to the application to be verified with the corresponding public key, after which the user is signed in if successful.
Enhance Security and the User Experience
With FIDO2 passkeys (which are based on FIDO authentication), proximity to the device upon which the application or service is being accessed is always necessary. This helps reduce risk against the most common attacks and enables a familiar user experience that is consistent across all platforms and devices.
What the experts are saying...
Entrust Identity Tops the 2022 SPARK Matrix™
Quadrant Knowledge Solutions has placed Entrust in the top-right corner of their 2022 SPARK Matrix™ for user authentication. This extensive research study of 31 vendors rated criteria for technology excellence and customer impact and provides a visual representation of strategic performance of their performance. Find out why Entrust was placed in the top-right quadrant of the 2022 SPARK Matrix™, and where other vendors are placed in comparison.
KuppingerCole Overall Leader
KuppingerCole has selected Entrust as an Overall Leader for Enterprise Authentication, as well as a leader in Product, Innovation, and Market Vision. Some of the reasons cited include remote identity proofing and employee onboarding with biometrics and liveness detection, high assurance credential issuance, and an excellent admin interface. See why Entrust received perfect marks in security, usability, and deployment. We also won an award in 2019.
Forrester Opportunity Snap Shot
In March 2018, Entrust commissioned Forrester to conduct a study exploring approaches and challenges of user authentication and access management. The study surveyed 100 IT and IT security executives in North America who are responsible for authentication andidentity access strategy and technology and/or security at their organization.
Frost & Sullivan Technology Leadership Award
The company’s successful implementation of adaptive authentication procedures and appeal to the Zero Trust Security model impresses Frost & Sullivan’s analyst team and demonstrates its commitment to technological innovation in the identity industry.