Trimble Identity and Passwordless Authentication
Trimble Identity (TID) is the centralized authentication service that provides single sign-on capability and handles the responsibility of authenticating the identity of the users across multiple products and APIs. Introducing passwordless authentication in Trimble Identity, offers the following benefits:
Streamlined Field User Experience
Field users often work in environments and devices with small form factors where the traditional password-based authentication is less than ideal:
- A Truck Driver trying to get to the next delivery location
- A Construction user with gloves using a field device to login to a Trimble app
It is crucial to provide a secure yet seamless authentication process. Passwordless authentication offers the following key advantages:
Accessibility and Efficiency
Passwordless authentication using security keys or biometrics enable quick and easy authentication, allowing field users to access Trimble’s applications promptly without recalling complex passwords.
Easy Device Handoff
Passwordless authentication using a mobile phone or security key allows field workers to securely access Trimble’s applications across multiple devices, ensuring easy continuity. This becomes important where the devices are shared across multiple users in the field.
Enhanced Security
Passwordless authentication offers security benefits that reduce the risks associated with passwords, such as password reuse across multiple accounts, phishing and credential stuffing using automated tools.
No Shared Secrets
Traditional authentication relies on shared secrets (passwords) stored on servers, making them susceptible to breaches and insider threats. Passwordless authentication does not require the storage of any shared secrets, significantly reducing the risk of data exposure.
Understanding Passwordless Authentication
Passwordless authentication represents a paradigm shift in verifying user identity without relying on traditional passwords. Instead of requiring users to remember and enter passwords, passwordless methods leverage other secure factors that include:
Biometric Authentication
Biometric authentication methods, such as fingerprint or facial recognition, verify users based on unique physical attributes. These are difficult to replicate, offering a secure and user-friendly way to authenticate. Users can leverage the biometric capabilities in modern smartphones and use it as a trusted device to authenticate and access a wide range of devices and applications securely.
Security Keys
Security keys are physical devices that users can plug into their mobile devices to prove their identity. Security keys can also be enabled with Near Field Communication (NFC) and can communicate wirelessly with other devices making the authentication process even more convenient.
One of the key technologies enabling Passwordless Authentication is WebAuthn (Web Authentication) which is an open standard developed by the World Wide Web Consortium (W3C) and supported by the FIDO (Fast Identity Online) Alliance. It has garnered widespread support from major technology leaders, including Microsoft, Google, AWS and Apple. This strong support underscores the credibility and potential of this open standard.