Passwordless multi-factor authentication (MFA) provider Beyond Identity announced the general availability of Secure Customers, a new solution that enables any company to eliminate the threat of customer account takeovers and accelerate new account conversions with the fastest cross-platform passwordless MFA available.
Since Beyond Identity’s founding, the company has expanded from securing workforces to enabling DevOps teams to eliminate supply chain risks.
Secure Customers also provides software development kits (SDKs) that enable companies to embed Beyond Identity’s zero-friction passwordless authentication capabilities across both native and web applications leveraging the same proven technology and cloud-native platform as Beyond Identity’s other products.
Need for authentication
Today, more than 60% of data breaches are caused by stolen credentials, and 2020 saw an incredible 292% jump in account takeover fraud. While businesses can mandate additional security controls for employees such as unified endpoint management (UEM) and MFA, mandates for customers are problematic since UEM is impractical and customers are highly sensitive to friction.
Authentication is the front door to the products and services impacting 100% of acquired customers
Authentication is the front door to the products and services impacting 100% of acquired customers, but research found that 86% of visitors fail to complete registration because it's too taxing, and 50% will drop off after a single bad experience.
Against the current competitive environment where 86% of companies are relying on customer experience as their main differentiator, the stakes for getting authentication right are higher than ever. Making matters worse, criminals have found multiple ways to circumvent technologies like MFA.
Getting rid of passwords
“As long as passwords continue to exist -- no matter how they are hidden or secured -- criminals have an open door into applications, customer accounts, and databases,” said TJ Jermoluk, Co-Founder and CEO of Beyond Identity.
“The only way to fully protect customers from account takeover attacks is to eradicate the password from both the user experience and application database. Customer relationships are built on trust, so being able to offer customers this unprecedented level of security and ease of use will drive long-term loyalty.”
Cross-platform passwordless authentication
Businesses offer consumers a frictionless authentication experience without passwords
Continuing the momentum of Beyond Identity’s successful passwordless MFA for securing the workforce, Secure Customers is about protecting the lifeblood of business customers.
The solution is a cross-platform passwordless authentication product that allows a business to offer consumers a frictionless authentication experience without passwords, second devices, or separate application downloads for native mobile and web applications.
Frictionless authentication solution
The solution leverages the same secure approach that powers all of Beyond Identity’s solutions -- public/private key cryptography and X.509 certificates with no certificate management. Private keys are securely stored in the TPM or secure enclave on the customer’s mobile device or PC. This creates a unique, tamper-proof credential and a cryptographically verifiable identity that is bound to a device and cannot be moved or copied.
For a business, it eliminates the need for passwords, assuring consumers the highest level of security and privacy. The unique benefits of Secure Customers include:
- Zero-friction passwordless MFA compliant with PSD2 Strong Customer Authentication (SCA) standards using two strong factors -- something one is and something one owns -- without requiring one-time passcodes, push notifications, magic links, or second devices on any application.
- Eliminates account takeover fraud as passwords are completely deprecated from use and storage.
- The ability to capture real-time user and device risk signals from the exact authenticating device to enable adaptive, risk-based authentication.
- Tamper-proof credentials that customers own and control are backed by private keys that can never leave the local devices TPM.
- A collection of SDKs in popular development languages, SSO integrations, robust documentation, and code samples to simplify integration and accelerate time-to-market.
- Cross-platform support with native and web applications, and credential migration support between applications.
Standards-based passwordless authentication powered by a cloud-native platform to support elastic scalability and flexible extensibility with existing application tooling.