Goodbye to passwords forever?

Passwords seem to be coming to an end; the cyber world is becoming more advanced every day, evolving towards simpler, more useful and, above all, more secure practices. These new practices present us with the use of “Cyberkeys” or “Passkey”.

In Business Adapter® we try to raise awareness and sensitize readers about the importance of strengthening security measures to ensure the confidentiality, integrity and availability of personal data and information in general. This post assumes that commitment and joins it to the latest information on security and data protection.

What is a passkey and how does it work?

It is a password that requires fewer requirements than a traditional password, and in turn, uses biometric data. This makes the password more secure and difficult for cybercriminals to crack or access, as it has a double authentication system, using two types of cryptographic keys:

A public one, which is hosted on the site’s server
A private one, which stays hosted on the device, and is not saved on the server.

In this way, the private key shields the password against possible cybercriminals, and therefore hinders bad practices such as phsihing, phishing, account theft, etc.

If biometric data are used, this double authentication can be carried out in several ways:

Facial recognition
Fingerprint recognition
Iris recognition
Voice recognition

Let’s remember that biometric data are considered special category data according to the European Data Protection Regulation(GDPR) and these treatments must comply with the requirements of this regulation.

Benefits of the CyberKey or Passkey

There are two main benefits of using this new password system:

Simplicity and manageability:

We will no longer have to remember thousands of passwords to use the different applications, pages, e-mails, etc., so that with the cyberkey or passkey we will only use one key to access everything we are interested in.

Safety:

The cyber key or passkey being an encrypted code that is hosted on the server we visit, as well as on the device we are using, so that only the public password, that is, the one hosted on the server we visit, could be known by cybercriminals, but not the private one, which is the one on our device, making browsing and the use of our data during the same safer. In other words, it would be difficult to track our password and steal it.

Companies promoting the Cyberkey or Passkey

In 2013, Fast Identity Online(FIDO) was created with the aim of reducing the use of passwords on computers and mobile devices, with major companies such as Microsoft, Facebook, Apple, Amazon, Mastercard, American Express, VISA, PayPal joining the cause.

Nowadays the latest FIDO Protocol is FIDO2, which consists of a more advanced protection as it has a web authentication and a protocol that allows users to log in without using any password, but with a security key or also their cell phone, through which they communicate their keys via Bluetooth or USB to a nearby device of another user, facilitating the authentication process when browsing.

The web authentication process is called WebAuthn and if the mobile device is used it is called CTAP.

Business Adapter® at your service

If you have doubts about how to use the cyber key or passkey, we will advise you on how you can improve the cybersecurity of your company. Contact us by email: info@businessadapter.es, you can also call 96 131 88 04, or leave your message in this form:

[su_button url=”https://businessadapter.es/contacto” target=”blank” background=”#f6f903″ color=”#181818″ size=”7″ center=”yes” icon_color=”#000000″]Contact us, we will be pleased to help you.[/su_button]