October 20, 2017
October 16, 2017
Biometrics provide an alternative to static passwords and a more secure way of authenticating users.
ThreatMetrix FIDO authentication uses different biometric modalities to enable authentication without passwords. This gives users the freedom to choose their preferred method of biometric authentication (iris, voice, facial recognition, fingerprint, etc.).
ThreatMetrix FIDO authentication occurs in two steps. During registration, the user’s mobile device creates a new public/private key pair tied to the user’s chosen biometric. The device retains the private key for authentication, while the public key is sent to the server for the online service.
During authentication, the server replies with a challenge string to the user’s device. The device prompts the user for their biometric to find the matching private key. The device returns the challenge string, signed with that private key, to the server as the authentication response. The server validates the response using the user’s public key to authenticate the user.
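The registration and authentication steps above as a runnable sketch (an added example, not ThreatMetrix code). It assumes the device's response is an ECDSA P-256 signature over the challenge, as in FIDO, and uses a boolean as a stand-in for the biometric check; the `Device`, `Server` and `demo` names are hypothetical.

```javascript
const crypto = require('node:crypto');

class Device {
  // Registration: create a key pair; only the public key leaves the device.
  register() {
    const { publicKey, privateKey } =
      crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.privateKey = privateKey;
    return publicKey.export({ type: 'spki', format: 'pem' });
  }
  // Authentication: the biometric result (stand-in boolean) gates key use.
  respond(challenge, userVerified) {
    if (!userVerified) throw new Error('biometric check failed');
    return crypto.sign('sha256', challenge, this.privateKey);
  }
}

class Server {
  constructor() { this.keys = new Map(); this.pending = new Map(); }
  enroll(user, publicKeyPem) { this.keys.set(user, publicKeyPem); }
  challenge(user) {
    const c = crypto.randomBytes(32); // fresh and unpredictable per login
    this.pending.set(user, c);
    return c;
  }
  verify(user, response) {
    const c = this.pending.get(user);
    const pem = this.keys.get(user);
    this.pending.delete(user); // single use: a replayed response finds no challenge
    if (!c || !pem) return false;
    try { return crypto.verify('sha256', c, pem, response); }
    catch { return false; } // malformed response bytes
  }
}

// Runs one legitimate login and three failure cases with constructed data.
function demo() {
  const server = new Server(), phone = new Device(), other = new Device();
  server.enroll('alice', phone.register());
  other.register(); // a device whose key was never enrolled for alice
  const c1 = server.challenge('alice');
  const sig = phone.respond(c1, true);
  const valid = server.verify('alice', sig);
  const replay = server.verify('alice', sig); // challenge already consumed
  const c2 = server.challenge('alice');
  const echoed = server.verify('alice', c2);  // challenge returned unsigned
  const c3 = server.challenge('alice');
  const wrongKey = server.verify('alice', other.respond(c3, true));
  return { valid, replay, echoed, wrongKey };
}
```

Only the response signed by the enrolled device over the outstanding challenge verifies; a replayed response, an unsigned echo of the challenge, and a signature from a different key are all rejected.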