FIDO2 (Passkey) Authentication
Towards a Password-Free World
Passwordless Authentication with
Provides end-to-end, convenient and secure passwordless authentication, from logging in to PC devices and smartphones to accessing cloud services.
No more passwords!
Passwordless Authentication with FIDO2 (Passkey) for a new era of security and convenience
When remote work increases employee access from home or outside the office, the risk of information leakage is extremely high if security measures rely solely on traditional password authentication.
By introducing FIDO2 (passkey) passwordless authentication with CloudGate UNO, you don't have to worry about passwords being stolen or remembering complicated passwords. Authentication can be completed simply by "just looking" or "touching" the biometric device installed in PCs (Windows, Mac) and smart devices (Android, iOS).
What is Passkey Authentication?
Refers to FIDO authentication credentials as an alternative to passwords. It uses an encrypted key pair generated by the device and, unlike passwords, is phishing-resistant, making authentication more convenient and secure.
What is “Passwordless” Authentication?
Passwordless authentication is a type of multi-factor authentication (MFA) that uses biometrics or PINs to log in to cloud services and web services without the use of weak passwords. Today, there are numerous mechanisms that can verify a person’s identity without using a password, but passwordless authentication with FIDO2 provides a more secure and stronger authentication.
FIDO2 (Web Authentication) consists of the W3C Web Authentication Specification (WebAuthn) and the FIDO Alliance’s Cross-Device Association Specification (CTAP), and enables secure login to online services via a web browser using biometric authentication devices. Authentication using FIDO2 enables password-free authentication by using a FIDO2-compliant authentication device in place of a password.
The FIDO2 public key cryptography system does not share credential information (fingerprints and facial recognition) with servers, and identity verification is completed on the device, reducing the risk of phishing, keyloggers, replay attacks, and man-in-the-middle attacks.
No more need to remember complex passwords or manage multiple passwords. or managing multiple passwords, and managing multiple passwords.
Resetting and periodic updates due to forgotten passwords, etc., operational costs associated with the use of passwords and periodic password updates.
End-to-end passwordless authentication in 3 easy steps
Passwordless authentication enables secure and easy sign-on, from logging in to PC terminals and smartphones to accessing cloud services. Even cloud services and in-house systems that do not support passwordless authentication can be signed on with passwordless authentication using CloudGate UNO’s single sign-on function if they support SAML2.0 or form-based authentication. Is possible.
Introduction of FIDO2-compliant authentication devices
FIDO2-compliant authentication is available for Windows, Mac, Android, and other devices we use on a daily basis.
You can choose a built-in or external authenticator according to your application and corporate security policy.
Touch ID・Face ID
Touch ID and Face ID on macOS Big Sur/iOS 14/iPadOS 14 or later MacBooks, iPhones, iPads, etc. can be used as FIDO2-enabled authenticators.
Windows Hello is a FIDO2 authenticator for Windows 10 Version 1903 or later, and FIDO2 authentication can be used with biometrics, PIN, etc.
FIDO2 authentication is available for Android devices running Android 7.0 or later by using the on-board biometric and other authentication functions.
There are various types of security tokens, such as those that connect to USB ports and card types. If these security tokens are connected to a terminal that is not equipped with an authenticator, FIDO2 passwordless authentication using fingerprints, PINs, etc. can be used.
Other Features of CloudGate UNO
Enhanced and versatile authentication methods for system administrator to choose from.
You can manage the conditions (location/device/time) under which login to the service is allowed.
ID federation and authentication federation by Active Directory federation are possible.
Identity and Access Management (IAM)
It allows centralized management of everything from ID management to lifecycle management such as provisioning.