Thales has announced the launch of its first Fast IDentity Online 2.0 (FIDO2) and Microsoft Azure AD tested authentication devices, offering passwordless access for cloud apps, network domains and all Azure AD-connected apps and services. This integration will enable organizations to move to the cloud securely and apply secure access across hybrid environments via an integrated access management and authentication offering.

Set up in 2013, the FIDO Alliance is an open industry association aimed at developing authentication standards to help reduce the world’s over-reliance on passwords. Passwordless authentication replaces passwords with other methods of proving identity, improving the levels of assurance and convenience. This type of authentication has gained traction because of its considerable benefits in easing the login experience for users and surmounting the inherent vulnerabilities of text-based passwords. These advantages include less friction, a higher level of security for each app and the elimination of the legacy password.

“FIDO is increasingly being perceived as a viable passwordless authentication method in the enterprise, especially as Windows 10 and Azure AD adoption rises,” said Francois Lasnier, Vice President for Access Management solutions at Thales. “However, many organizations are heavily invested in PKI, and other authentication schemes which have already delivered on the passwordless value proposition for legacy on-premises apps. This collaboration with Microsoft offers organizations a simple and smooth way to support secure cloud access with a broad range of access management solutions including passwordless FIDO-based authentication.”

No need to rip and replace

Thales’s new offering allows security-conscious customers to deploy combined FIDO/PKI devices and maintain compliance with the most stringent security certifications. Organizations that currently use PKI smart cards for Windows Logon and remote access can now use Thales’s combined PKI-FIDO security keys to support this and all their enterprise use cases, including:

  • Converged Badge solution with FIDO: Enterprises using access badges will be able to use FIDO2 and integrate a converged badge solution for physical and logical access
  • Tokens can be used in any environment: They support contactless communication allowing strong authentication on mobile devices across any operating system

One of the biggest benefits of the offering is that organizations that use PKI and OTP tokens can expand their authentication schemes without having to rip and replace their existing infrastructure. This means that organizations that rely on PKI authentication can now use a combined PKI-FIDO smart card to facilitate their cloud and digital transformation initiatives by providing their users with a single authentication device for securing access to legacy apps, network domains and cloud services.

“Passwords alone are no longer an effective security mechanism. It’s clear we need to provide our customers with authentication options that are secure and easy to use. This is where passwordless authentication comes in,” said Sue Bohn, Partner Director of Program Management, Microsoft Identity Division, Microsoft Corp. “We are pleased to see companies like Thales support our password-less journey by integrating their solutions with Microsoft Azure Active Directory, Microsoft Account (Outlook, Hotmail), and Windows 10.”

About the Author Steve Atkins

As well as being the head of Krowne Communications GmbH, Steve Atkins is also the Program Director for the Silicon Trust and editor of the program's VAULT magazine – covering secure ICs, cyber security, contactless, NFC, mobile, blockchain and cloud-based technologies. He is currently based in Berlin, Germany.
