![]() ![]() These biometric methods are nothing more than digital facades on top of a password, so the underlying password is still there. ![]() If we're implementing more and more passwordless authentication, why is the burden on the help desk actually going up? The reality is, most of these passwordless authentication methods are actually not passwordless at all. The help desk is still dealing with password resets, and the support costs associated with passwords are actually going up instead of down. Despite these new passwordless authenticators, we still haven't managed to get rid of the password. Our focus is an identity ecosystem that surrounds the end user and their authenticator where passwords still exist. But there are plenty of passwordless authenticators out there right now - most people have them in their hands now with Face ID and Touch ID, but that's only part of the solution. How does this partnership with Yubico fit into RSA's overall strategy ?ĭucharme: Obviously things like a Yubico device is just another form of a passwordless authenticator. We wanted to make sure we were providing a platform that can allow users that flexibility of choice, but as the same time, allow our customers and the identity teams to have a single structure to support those different use cases and allow that transformation to happen over time, whether it be from hardware devices, hardware tokens, to mobile authenticators to desktop authenticators to new biometrics, et cetera. A lot of users don't want to use their mobile phone for corporate authentication, but that's slowly increasing. Now what we offer is more choice in how users authenticate themselves, allowing them to transform as maybe they get more comfortable with adopting mobile authentication. ![]() It's only natural for us to bring these two strong brands together to give customers what they need sort of all-in-one box, virtually if you will. This customer sent me on this sort of tour of asking my customers what they thought about these use cases and I was amazed at how many customers were already looking at this solution yet finding themselves having to purchase Yubico keys from Yubico and purchase RSA from us for the FIDO backend. We wanted to figure out how we can help the enterprise with their employee use cases, leveraging FIDO and these standards, coupled with these other use cases like call centers or areas where there is a particular device that a user needs to use and they need to prove they are who they say they are. And RSA was the founding member of the FIDO subcommittee on enterprise application, but largely the uptick has been on the consumer identity side of it. Particularly hardware-based ones like a Yubico security key. FIDO-compliant devices were looked at as something that customers wanted to deploy. Mobile authentication is certainly a new modern method that is convenient, given that everybody is walking around with a mobile phone, but there are a number of use cases, like call centers, remote workers and even folks who, believe it or not, don't have a smartphone, that they still need to care for and make sure that they are who they say they are.Īt RSA, we've had our SecurID tokens for quite a while now, but there are other use cases that we've found. But they're quickly realizing that they need multiple options to support the various use cases. A few years ago, I think that everybody thought that the world was just going to be taken over by mobile phone authentication and that's all they'd ever need and they'd never need anything else. Jim Ducharme: I was talking to a customer and they mentioned how customers are struggling with the various use cases out there for people to prove to be who they say they are. Tell me how the Yubico partnership came to be. In this Q&A, Jim Ducharme, vice president of identity and fraud and risk intelligence products at RSA, discusses the new Yubico partnership, FIDO as a standard and how close we are to the so-called "death of passwords."Įditor's note: This interview has been edited for length and clarity. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |