As cyberattacks become more sophisticated and demand for seamless user experiences grows, developers and technology leaders must evaluate whether the traditional password approach is going to fit in a modern digital era.
Offering your customers single-step passwordless multi-factor authentication (MFA) can reduce the risk of credential theft.
Haventec Authenticate, a winner of cybersecurity awards at the Australian Technologies Competition and InnovationAus, enables you to:
- Decentralize identity
- Remove passwords from your environment
- Leverage advanced cryptography to validate users
- Seamlessly onboard existing users to single-step passwordless MFA
For application owners and developers, this eliminates unsecured usernames and passwords and the need to store them. The platform makes it easy to transition existing users to an improved authentication experience without disruption while empowering them with a seamless and consistent digital experience across all devices.
How Haventec Authenticate Works
Haventec Authenticate provides a genuinely passwordless technology that eliminates passwords and shared secrets. This significantly reduces risk while providing customers with a seamless and secure passwordless MFA experience. All they need is a simple PIN or Biometric factor to authenticate.
A PIN is a secret between a user and their device, so an application does not need to hold or protect it. In fact, the PIN is not stored anywhere and is known only to the user.
Haventec Authenticate breaks access to the user's identity into multiple parts, separated into multiple locations. Two sets of keys (public and private) are changed and re-encrypted for every Haventec Authenticate transaction, and the architecture is quantum computer resistant.
The best part is that the user never sees any of this – all they know is that they were able to access the application securely in a split second.
Customers with an application registered with Auth0 can utilize Haventec as their identity provider by leveraging the OpenID Connect standard. Start by setting up your application in Haventec to receive a unique identifier that allows you to create, enable and test your enterprise connection in Auth0 with Haventec Authenticate as the IDP. Please see the installation documentation for step by step guidance.
See a demo video for an overview of Haventec's technology.
A Phased Approach to Achieving Passwordless Authentication
Your journey towards passwordless authentication will largely depend on your product's maturity and development lifecycle.
Developers of a greenfield application can easily forgo the decades-long paradigm of UserIDs and passwords. Considerations at this stage will revolve around the features, benefits, and scalability of a passwordless solution. In particular, how it can improve customer experience and lifetime value.
For mature applications, developers looking to leverage the security and experience benefits of passwordless authentication should consider a phased approach that minimizes customer disruption. After all, your customers may have been conditioned to authenticate with UserIDs and passwords and see this method as familiar and secure.
Haventec Authenticate supports a phased approach to passwordless authentication by enabling you to offer your customers:
Traditional username and password authentication but with MFA silently enabled to reduce risk.
MFA is now a common practice to mitigate against identity theft, phishing attacks, account takeovers, and other digital threats. However, the effort and support required to educate and onboard users are one of the reasons MFA remains optional in many consumer applications. Haventec is solving this challenge through the introduction of Silent MFA.
Product leaders can activate 'silent' (invisible to the end-user) MFA for their customers without disruption. Customers do not need to install authentication apps, switch devices or apps for another authentication factor, or worry about physical tokens. MFA becomes a single-step experience offering strong customer authentication and peace of mind.
Elimination of UserIDs and passwords
Organizations looking to further reduce risk, simplify the user experience, and differentiate their product, can leverage Haventec Authenticate's passwordless technology by integrating it with their Auth0 subscription.
Customers will have the option to use a PIN or Biometric to replace username/password combinations and enjoy a genuinely passwordless MFA experience that is consistent across devices.
There's Never Been a Better Time to Go Passwordless
With its optimized user experience and easy integration with your existing Auth0 infrastructure, Haventec Authenticate enables you to make an effortless and customer-centric shift to passwordless for a consistent and secure access experience every time.
To learn more, check out our integration at marketplace.auth0.com