Identity and access management startup Transmit Security announced Thursday the release of what it calls the industry’s first customer authentication service that is completely password-free, BindID, requiring no customer software or dedicated hardware and can be used across any channel or device. Customers can authenticate and access their accounts using the embedded fingerprint or face scanner in their devices, or use their mobile device to securely and easily authenticate to other devices and channels that don’t have an embedded biometric reader, the Israeli company says.
“Is there anyone who hasn’t had a frustrating experience with passwords? Whether it’s trying to create and remember multiple passwords, answering security questions, continual resets or even being locked out of important accounts - passwords are impractical, burdensome and among the weakest links in security,” said Mickey Boodaei, Transmit's CEO and co-founder. “BindID marks the end of the password era. Users can authenticate through their mobile or any biometrics-enabled device without the need for an authentication app. BindID makes authentication simple, unified and much more secure.”
For the first time, organizations can now offer a completely password-free experience to their customers without asking them to download applications or rely on text or email messages. BindID empowers organizations to delete all passwords from their databases, which is a groundbreaking step forward for improving security, reducing risk and complying with global data privacy regulations. By eliminating passwords, organizations also eliminate their biggest security and compliance vulnerabilities, as more than 80% of all data breaches involve passwords, according to Transmit.
The company says that not only are passwords frustrating for users, they are costly for the businesses that rely on them, as negative experiences with identity authentication can diminish customer loyalty and prompt consumers to abandon the process of purchasing goods and services, or setting up an account.
Before BindID, a passwordless experience required customers to either download applications to their mobile device, use dedicated hardware, or apply methods such as SMS one-time pass codes (OTPs) that are no more convenient than passwords. Organizations could not really eliminate passwords even if they offered some kind of a passwordless option such as a mobile authenticator app. Customers would still need their password to register new devices and new applications, Transmit says.
According to the company, unlike those legacy solutions, BindID provides:
-Passwordless authentication - BindID eliminates the hassles of remembering or resetting password-based credentials. Users simply scan their face or fingerprint to authenticate.
-A seamless experience - Whether from the web, mobile devices or even a call center, BindID completes authentication in exactly the same way.
-Any device access - Once a user is established in the BindID network, new biometric devices can be automatically added for quick, easy account access.
-Easy deployment - Open standards and APIs let organizations quickly deploy BindID, usually within a single agile sprint.
Transmit Security, which was founded by cybersecurity entrepreneurs Mickey Boodaei and Rakesh Loonkar, says its customers include six of the seven largest financial institutions in the U.S, two of the largest merchants in the U.S., and many financial organizations, merchants and online service providers in Europe, Asia and Latin America.