Web Authentication

Consumers are demanding seamless interaction with businesses online, whether they're using a mobile, tablet or desktop computer. They don’t want to use different credentials or login processes depending on the device they're using, but many computers lack the sensors for biometric authentication. Daon's pioneering work in the mobile channel offers an elegant solution for web authentication via a browser, enabling robust authentication in out-of-band (OOB) scenarios.

Daon and out-of-band authentication

An OOB scenario occurs where a user initiates a web-based transaction on one device, like a laptop or desktop, but authenticates via mobile. This method leverages the on-board biometrics of the mobile device and adds a further layer of security: users don't need to enter any personally identifiable information, and would-be attackers would need to gain simultaneous control of mobile and web traffic.

Daon's work in this area is helping fuel rapid growth of OOB authentication, which Gartner says will see significant adoption at enterprise level by 2020. Learn more about Daon and out-of-band authentication.


“Out-of-Band" Transactions Use Website and Mobile Apps Together

“50% of enterprises using mobile authentication will by 2020 adopt OOB [Out-of-Band] mobile push as a mainstay of authentication.” - Gartner

FIDO 2 and W3C Web Authentication

FIDO 2 is the set of specifications for next generation authentication from the FIDO Alliance.

Beyond mobile authentication, Daon offers authentication capabilities for the web channel to support PC based authentication or authentication on mobile devices without the requirement for installing native applications.

The Web Authentication APIs developed by the FIDO Alliance in conjunction with the World Wide Web Consortium (W3C) are fully supported by IdentityX. This brings secure authentication to internet browsers and has been implemented by Google, Microsoft and Mozilla. IdentityX implements the W3C Web Authentication specification to support FIDO2 authenticators, security keys and FIDO U2F tokens.

Daon also offers JavaScript libraries that can be leveraged by our customers to perform an additional passive authentication of an end-user based on the way that he or she types a phrase in a web browser. Daon’s Keystroke Dynamics algorithm is used in conjunction with existing authentication methods (such as username and password) and provides a probabilistic score that can be used as an additional factor of authentication or can be used to determine if an additional step-up authentication is required.

What’s Next in Web Authentication

In addition to our work on out-of-band authentication, Daon researchers are also leading efforts to deliver multi-factor, standards-based, in-band authentication. Users will be able to securely authenticate from a browser using certified factors (called authenticators), using key fobs and, eventually, biometrics. Would you like to know more about how your organization can benefit from Daon's work in these cutting-edge authentication disciplines? Get in touch with us today.