WebAuthn
- Date:June 21, 2018
- Author(s):
- Kyle Marchini
- Test
- Report Details: 4 pages, 0 graphics
- Research Topic(s):
- Fraud Management
- Fraud & Security
- PAID CONTENT
Overview
In April 2018, the World Wide Web Consortium (W3C) advanced the Web Authentication (WebAuthn) standard to the Candidate Recommendation stage.
This standard defines an application programming interface (API) that can be incorporated into browsers to facilitate public key cryptography-based authentication on laptop and desktop devices. Developed in conjunction with the FIDO Alliance, WebAuthn is a core component of the FIDO2 Project.
Notably, this API offers organizations a framework that can completely obviate passwords in customer authentication, although a number of factors, including customer expectations and hardware limitations, render it unlikely that any organization will eliminate passwords in the near future. Under WebAuthn, the site authenticating the user is able to directly interface with the authenticator, with passwords never making an appearance in the process.
Learn More About This Report & Javelin
Related content
Identity Verification Demystified: Share More, Secure More
Going too far to protect identity has put the financial services industry at increased risk. Reluctance to share critical signals across disparate platforms and sectors has pigeon-...
TikTok Users Encourage Check Fraud: Banks Must Address The ‘Glitch’
Users of TikTok and other social media platforms have accelerated check fraud by exploiting known gaps in check fraud detection processes. The viral TikTok Chase Bank “glitch” post...
The Pervasiveness of Check Fraud: Banks Are Paying the Price
Among fraud losses, check fraud ranks the highest within several financial institutions. Paper checks—containing an abundance of valuable sensitive information—are prime targets fo...
Make informed decisions in a digital financial world