Vlog: FIDO and the Future of Passwordless

In this vlog, our Chief Strategy Officer and Co-Founder, Mike Engle, joins our Chief Marketing Officer, Michael Cichon, to discuss FIDO’s May 5th announcement and what it means for the future of passwordless authentication.

All right. Hello, everybody, again. This is Michael Cichon, the Chief Marking Officer here at 1Kosmos. I’m here again with Mike Engel, our co-founder and Chief Strategy Officer. Mike, welcome to the vlog.

Thanks for having me again.

Awesome. Well, today we’re going to talk about FIDO. FIDO has been in the news. The Fast Identity Online Alliance has released some new capabilities or a new spec, if you will. Can you talk a little bit about what that news consisted of?

Yeah. I think taking just a 10 second step backwards, FIDO, Fast Identity Online was formed in 2013 by a bunch of tech companies that came together with the goal of setting up standards on how you could get rid of passwords over time. So today, there’s over 200 tech and other service providers that are members. The big announcement that came back on May 5th, I think it’s International Passwordless Day or Password Day or something, was that it’s going to be much easier for you to use your passwordless authenticator across different devices. Because one of the challenges with FIDO has been you can enroll and register it right here on this device or whatever device, but then when you go to a new device, you have to do that again. So this is big news because it’s going to open up the door a bit for this to be used in a big way.

Yeah. Can you get that? Okay. So I guess, support across devices. So what does this mean for passwordless access? Is passwordless going to follow this? Or what are the implications for passwordless access?

Well, FIDO is the passwordless standard. So what this means is the major tech providers, Google, Microsoft, and Apple are the ones that made the announcement, are going to build it into their systems to let your FIDO process be a little more open and transferable across your devices. And so the example they give is you could log in to a Chrome browser on a Mac machine and log in to an Apple website, or all these different interoperability examples they give now. And so the experience will be soon, hopefully, you come to a website, it says, “Would you like to go passwordless?” You say yes. And then you get to do that over and over again. And I’m seeing more and more websites that are doing this in practice. So it’s starting to get real.

Okay. All right. Well, I know 1Kosmos is certified to the FIDO2 standard. What does this mean? Does 1Kosmos then support this new capability?

We do, yeah. So out of the box, you can basically drop our technology in there and have any website or service or operating system go passwordless in minutes, really.

Nice.

So that’s one of the big challenges is people don’t know how to embrace it. So they hear about it, but they don’t know how to go about getting started.

Right, right. So I would imagine one day, we’re going to look back and wonder how we ever got by without this type of capability. But I just mentioned that 1Kosmos is certified, what does that mean? What are the benefits of being certified to the FIDO2 standard? Not just compliant, but certified.

That’s right. Yeah. So the FIDO Alliance will certify products to make sure that they adhere to the FIDO specifications. So anybody can go to the fidoalliance.org and read all this and see who’s certified and who’s not. So by being certified, it enables organizations to ensure that they have something that’s interoperable because you don’t want to pick some siloed technology that is only you get beholden to the vendor at that point. So interoperability is key. So you want to pick somebody who has a FIDO2 certified server is the main standard that you want to follow these days.

Gotcha. Okay. So what, if anything, does 1Kosmos then provide over and above what FIDO2 dictates or enables?

Yeah. Well, the problem of your authentication being able to be used anywhere, even on the first touch, right? So as I mentioned, one of the challenges in years past has been I can enroll it here, but if I go to my second computer somewhere, it’s not set up there. I have to go set it up there. That usually needs a username and password again, right? So you fall back to that lowest common denominator. Since day one, we’ve allowed you to have your authenticator be used anywhere. And we call it FIDO Plus. That’s not an official standard. I don’t want to get in trouble. But we make it really easy to use it on 150 different target systems. And the user experience then is the same across all of them. So if I walk up to a new Windows workstation, or Mac, or come to a different website, I can use it out of the box on day one and I’ll know exactly how to do that every time.

Okay. All right. So then, I guess, what’s the secret ingredient in getting passwordless activated on more websites?

Well, there’s two different types of deployments typically. There’s when you do it for your employees within an organization, you can tell them what to do. You give them something that’s awesome, they’ll use it and make it part of the standard operating procedure. But with consumer or citizen-facing services, you have to lead them to water. You have to show them that it’s awesome, prompt them to engage with it until everybody thinks it’s as easy to do and knows it’s as easy to do as looking at your phone and unlocking it. What we have is something we call the developer experience, developer.1kosmos.com. With the press of a button, you can see exactly how to do it, how your developers would download and install the code. And within minutes, they can actually try it right on the website. So making it easy for the developers to solve their problems is what we’ve been focusing on and we’ve had great success with that.

Got it. Got it. So once again, I mean, it sounds to me as if 1Kosmos got on the FIDO track early, has stayed on the FIDO track, and now we’re, I guess, somewhat reaping the benefits of that as these new capabilities to that standard evolve.

That’s right. Exactly. And one of the exciting developments will be the marrying of strong identity with that strong passwordless authentication. So the FIDO is working in that direction. Of course, we’ve been doing that since day one as well, where your real identity is linked to that passwordless experience. So you get a two for the price of one there, right?

That’s great. All right. Well, me not being a FIDO expert, I feel like I’ve covered all the points. Have we left anything critical out?

No, no. I think we’ve done it. So I encourage everybody to come over to developer.1kosmos.com and check it out and see how easy it can really be.

That’s great. Yeah. We put it right in the menu, right at the top for developers. All right, Michael. Thank you very much. I appreciate your time today. You have a good rest of your day.

Thank you. Take care.

FIDO2 Authentication with 1Kosmos

Read More