Microsoft and Transmit Security are partnering to elevate the Azure Active Directory B2C platform with passwordless customer authentication. The Transmit Security passwordless authentication service is now available in Microsoft’s Azure Active Directory (AD) B2C Gallery. With a cloud-native passwordless service, companies using Azure can now strengthen security to meet stringent compliance mandates for strong multi-factor authentication (MFA).
“Instead of relying on risky passwords and friction-filled MFA, you can fortify Azure AD B2C by authenticating customers based on their true identities,” says Transmit Security’s Business Development Director Ravit Aviv. “Microsoft recognizes there’s a growing demand for passwordless customer authentication, and companies need stronger MFA to meet today’s compliance standards, like PSD2.”
Given that account takeover fraud has jumped 300% during the pandemic, companies need to take more proactive security measures. When you authenticate customers based on who they are, not what they know, it’s vastly more secure and easier to use.
Discussing the significance of Microsoft’s recent passwordless initiatives in collaboration with Apple and Google, Microsoft’s Corporate Vice President of Identity Program Management Alex Simons stated, “The complete shift to a passwordless world will begin with consumers making it a natural part of their lives. Any viable solution must be safer, easier and faster than the passwords and legacy multi-factor authentication methods used today.” This mindset is driving Microsoft to partner with vendors who can extend passwordless authentication across all platforms, devices and applications.
Why replace passwords and basic MFA?
Passwords and standard MFA add unwanted friction to the customer experience, and those layers of security are still vulnerable to threats, like smishing and man-in-the-middle attacks. So let’s consider how this not-so-secure login experience is impacting your customers and ultimately, your revenue.
Throughout a typical day, your customers log into dozens of websites and applications, many of which require MFA. Imagine you are the customer. When you log into an Azure-supported application, the first step includes entering your username and password, provided that you remember them. If you do, you may be presented with options: to receive a text message, phone call or email or use an authenticator app to verify that it’s truly you logging in. When you receive the OTP, which may take a minute to arrive, you type in the sent code, and finally, you’re in. That is, if you entered it correctly; a single typo could force you to start over. After three failed tries, you could be locked out. We’ve all experienced this. As an app owner, you feel the pain of lost business.
PSD2 compliance requires financial services to implement strong MFA
To meet PSD2’s Strong Customer Authentication (SCA) requirement, most financial services organizations have opted to use SMS one-time passcodes (OTPs). But they end up with the customer experience we just described. The combination of an OTP (a possession factor) and a password (a knowledge factor) technically meets the need to have two factors. But we cannot assume the customer is in possession of the device receiving the OTP. We also don’t know if that device is secure or if the OTP is intercepted. Hackers are now using OTP interception bots that make it easier than ever to snag passcodes in transit.
How passwordless MFA works differently
Imagine the same login scenario but paired with the Transmit Security passwordless authentication service. Your customers can use a fingerprint or facial biometric to achieve strong MFA in a single step. Voila, they’re in! A biometric plus a matching private-public key pair prove who they are with multiple factors. Most importantly, passwords, your greatest security risk and cause of lost revenue, are gone.
No need for an alternative device, OTP or authenticator app with long waits and stealable, guessable passwords. Since the biometric information remains stored on the user’s device, and the FIDO2-certified solutions use cryptographic key pairs, outsiders are unable to penetrate and retrieve any of their information, eliminating fraud, phishing, and credential reuse.
Transmit Security’s partnership with Microsoft gives companies using Azure AD B2C the gold standard customer authentication experience across all devices and channels. With passwordless authentication seamlessly integrated with Azure AD B2C, you’ll minimize friction and maximize security.
For a simple step-by-step guide on how to configure passwordless authentication with Azure Active Directory B2C (Azure AD B2C), visit Microsoft’s Gallery. The Transmit Security passwordless authentication service ensures a smooth sign-in experience for all customers across every device and channel. You’ll prevent fraud and all types of credential theft, from phishing, smishing and credential stuffing to man-in-the-middle attacks. By removing passwords completely, your greatest security risk is gone.