Speaking at WebSummit Rio, Matias Woloski and Damian Schenkelman of AuthO / Okta, explain how important Digital Identity innovations, Passkeys and Verifiable Credentials, will usher in the next generation of online applications.
These innovations provide one of the keystone foundations for Digital Transformation, meeting the need of streamlining and speeding customer experiences.
Using e-commerce and other digital business systems can often prove a cumbersome and frustrating process, with identity registration and authentication workflows requiring multiple, repetitive steps that can lead to abandonment of purchases and forever lost customers.
Matias and Damian explain and demonstrate how these frustrations can be tackled through state of the art identity technologies, and how to build customer engagement steps that are minimalist, fast and ultimately pleasurable for customers.
Frictionless Digital Business
To set the scene Damian walks through a hypothetical demo, a use case of purchasing airline tickets, to highlight how the future of Identity will transform digital business processes.
Primarily this demonstrates the use of Passkeys, and how it can streamline the account creation / e-commerce workflows. Critically he explains this is not part of the application functionality but instead exists on the Android phone, as part of the Google Password Manager app, where the user provides a fingerprint authentication.
He then shows how the airline achieves a ‘KYC’ (Know Your Customer) requirement through the phone sharing Verified Credentials, that have been issued by an official government authority. Damian envisages a future of a single digital wallet that stores all of a user’s Passkeys and Verified Credentials.
Passkeys
From 3m:05s Matias moves on to exploring the technology evolution that is making this scenario possible.
He describes the history of passwords and how they have provided an Internet building block but fundamentally aren’t scalable for the modern era. In 2016 a first standard was developed to address this: WebAuthN. However this proved effective only for enterprise environments where a physical key mechanism was required and available, such as a USB key, and wasn’t really suitable for consumers.
So a new iteration was developed by the FIDO Alliance call ‘Passkeys‘, which has been adopted by major vendors such as Google, Apple and Microsoft.
The key feature of this approach, as Damian demonstrated, was that your phone becomes the physical holder of the key. It is stored in online services like iCloud or Google Drive, so that it can be synchronized across all of your devices, such as laptop or iPad.
Passkeys offer a new paradigm for identity security, where they are:
- Phishing resistant.
- Not breachable.
- Segregated per website.
- Privacy-preserving.
Verified Credentials
At 6m:35s Matias then explains the second key technology innovation: Verifiable Credentials.
VCs are cryptographically verifiable user attributes (JSON) that signed with a private key. For example a university can provide an assured record of employment, which they generate and issue and the user then stores in their digital wallet. When it is supplied to an online process, such as the ticketing example, it can be verified.
Again this technology provides foundations for a new level of Internet trust:
- Interoperable.
- Privacy-preserving.
- Secure.
Challenges
From 8m:50s they switch back to Damian who explores the challenges this new paradigm faces going forward.
Fundamentally the core of this is that this is a new innovation, meaning it will take time and effort to work out the wrinkles and encourage large-scale adoption.
Currently Passkeys are ecosystem-specific: Your iPhone passkeys will synch across iCloud services meaning they will be available to relevant devices but not your Microsoft or Google Chrome laptop for example. It’s likely there will be developments that address this and make them universally accessible. The standards for Verifiable Credentials are currently very fast moving and not yet stable.
Similarly as a new technology user apprehension will be another adoption friction, as they are initially intimidated by and reluctant to use new, alien methods. Likewise it is also a new world for developers, who will have to create and modify their digital business systems to integrate into these new ecosystems.
In conclusion the principle of eliminating passwords is an utterly simple one, but the impact it will have across enterprise and e-commerce systems will be profound, ushering in a new era of digital experiences for users as significant as the advent of the Internet itself.
You actually make it seem so easy along with
your presentation but I in finding this topic to be really something that I believe I would by no means understand.
It seems too complex and very broad for me. I am having a look ahead to your
subsequent submit, I will try to get the hold of it! Escape roomy lista
I like this web blog it’s a master piece! Glad I observed this on google..
Oh my goodness! Amazing article dude! Thank you so much, However I am experiencing troubles with your RSS. I don’t know the reason why I cannot join it. Is there anybody getting similar RSS problems? Anyone that knows the solution will you kindly respond? Thanks.
I was able to find good information from your content.
Hi! I just would like to offer you a huge thumbs up for the great information you have got right here on this post. I am coming back to your web site for more soon.
Hello! I could have sworn I’ve visited this website before but after looking at many of the articles I realized it’s new to me. Nonetheless, I’m certainly pleased I came across it and I’ll be book-marking it and checking back often!