Okta, Inc. announced support for passkeys in early access as a passwordless
authentication method for Okta Customer Identity Cloud, powered by Auth0. With
the flip of a switch, developers and digital teams can quickly add
sophisticated passkey support to their apps, and increase adoption of
phishing-resistant, passwordless authentication. Passkeys are one of several
new capabilities that expand Okta's comprehensive solution for Customer
Identity and Access Management (CIAM), delivering convenience, security, and
privacy for consumer and SaaS applications.
The
ability to authenticate customers online seamlessly and securely is now a
business imperative, not just a technical concern. According to Accenture's 2023 Tech Vision survey, 85% of global executives
view digital Identity as critical, with three in four noting that
authentication issues have negatively impacted their bottom line due to
abandoned transactions, customer frustration, and fraud. While passwords remain
the most common authentication method, passkeys offer a more convenient and
secure alternative. Based on FIDO Alliance and W3C open standards, passkeys provide faster, easier, and more
secure sign-ins to apps and websites, across a user's devices.
"In
the age of AI where we are seeing threats escalate, passwords and legacy forms
of 2FA are as inconvenient as they are defenseless. By switching to
phishing-resistant passkeys, organizations can protect both their customers and
their bottom line," said Andrew Shikiar, executive director and CMO of FIDO
Alliance. "Identity platforms like Okta will play a major role in driving
widespread adoption as they provide a streamlined solution that developers and
product teams can leverage to quickly upgrade consumers' security and user
experience; we applaud Okta's support for passkeys in its Customer Identity
Cloud and encourage its customers to take advantage of this important
capability."
Supported
by major tech platforms, passkeys are both phishing-resistant and easy to use.
But adoption relies on making it easy for developers and digital teams to
integrate passkeys into their consumer apps and websites. By supporting
passkeys with a simple, no-code configuration in Customer Identity Cloud, Okta
empowers any organization to embrace a passwordless future today.
"For
the broader end-user population to fully embrace passkeys, they must truly
become a ubiquitous feature. Achieving this ubiquity hinges on ensuring that
it's seamless for all developers to incorporate passkeys into their
applications," said Vittorio Bertocci, Principal Architect at Okta. "We're
doing our part to achieve widespread adoption by making it easy for developers
to add sophisticated passkey support whether they're updating an existing app,
or building something new."
No Trade-Offs Between Security, Privacy, and User Experience
Okta
today announced several enhancements to its CIAM offering, Customer Identity
Cloud. SlashData's Developer Nation Q1 2023 survey revealed that Auth0 by
Okta, the technology that powers Customer Identity Cloud, is the most used
authentication provider among developers.
"Passkeys
are powerful, but they're also just the tip of the spear. Okta Customer
Identity Cloud supports a variety of use cases across consumer and SaaS applications,
wherever organizations need both better security and user experience," said
Shiven Ramji, President of Customer Identity Cloud at Okta. "Paired with our
powerful extensibility, Okta gives application builders the most complete set
of authentication, authorization, lifecycle and user management, and Identity
security tools, so they can focus more on innovation, and less on Identity."
New
CIAM capabilities include:
- Support for passkeyssimplifies
implementation of passkeys to reduce login friction, while protecting
organizations from credential-based threats. Okta's support for passkeys covers
critical user flows such as sign-up, sign-in, and account recovery, with
seamless passkey management for admins.
- Workflows No-Code Automation
for Customer Identityenables developers and digital teams to improve security posture,
and drive stronger customer experience and retention by personalizing Customer
Identity flows without writing code.
- Phone number as sole
identifiermakes it easier to support more users, in more countries where
phone is an expected form of authentication, such as in Asia-Pacific or Latin
America. An available passwordless option allows users to sign-up with just
their phone number.
- Password recovery
enhancementsallow developers to enhance security and lessen support burdens by
integrating multi-factor authentication (MFA) into their password reset flow,
or give customers the ability to reset using any enrolled factor.
- Custom sign-up promptsenable developers to create
personalized registration journeys directly within the new Universal Login.
Sign-up prompts can be tailored to customer preferences, localization needs,
privacy, consent, and beyond.
Availability
Support
for passkeys is available today in early access, and will be generally
available in Q4 2023. Okta Workflows is generally available for joint customers
of Okta Workforce Identity Cloud and Okta Customer Identity Cloud. Password
recovery options, and custom sign-up prompts will be available in early access
later this month and generally available in early 2024. Phone number as a sole
identifier will be available in early access in November and generally
available in early 2024.