A very warm hello!
Did you know? BioShare is now also available with FIDO2 standard for MFA.
Passwordless authentication with biometrics and maximum encryption and securing of biometric features also in the World Wide Web – this is the combination of FIDO2 and BioShare. Multifactor authentication has never been more secure!
Biometric authentication is extremely secure – no question about it. More secure than logging in with a password – and a biometric feature such as the fingerprint cannot be forgotten or misplaced. That is why: BioShare, the biometrics management suite and the digital identity management tool of TWINSOFT Biometrics, which can be configured for almost any conceivable application, also a secure and user-friendly way to take authentications in your own company and over the entire Internet to the next level.
All the advantages of biometrics and another security upgrade
However, reservations about the transfer of your own biometric features, no matter how well encrypted they are, are understandable. Moreover, more secure than simple biometric authentication is of course authentication that combines biometrics with other factors (MFA). And such multifactor authentication will be maximally secure with the FIDO2 standard – and that is exactly what is now also possible with BioShare possible.
FIDO2 is for Fast IDEntity Online 2 and is an open standard for simple, secure and Passwordless Multi-factor authentication based on public key cryptography, where the private key is bound to hardware and second factors such as biometric features, PIN or gestures are used.
Man-in-the-middle attacks are prevented.
FIDO2 protects particularly well against "man-in-the-middle" attacks, in which an attacker fakes the identity of one of the parties in the communication between two parties (i.e. between the one who wants to authenticate and the service that verifies authentication) in order to access data. With the FIDO2 standard, this is no longer possible.
In simple terms, a unique digital key pair consisting of private and public keys is generated for each registered person. The private key remains on the sensor, for example the smartphone. The public key is sent to the service where the person wants to authenticate.
No transmission of sensitive data
An application example would be: Person X confirmed on the BioShare-Sensor, for example your own smartphone, with your fingerprint your identity. The fingerprint releases the private key stored on the device and the response is thus encrypted. Fingerprint and private key always remain on the device. The identity is then confirmed via the public key – the answer can only be confirmed with the corresponding matching key stored at exactly this service. The two individual keys, each stored in different locations, which can only confirm each other, and the hardly falsifiable biometric feature, which is transmitted nowhere, ensure that no attacker can somehow seize during the communication of the data to fake a false identity.
The good news: For all these types of cyberattacks, there are effective ways to protect yourself against them. You just have to know how.
We at TWINSOFT help you and your company with this and find the right solution for your individual requirements.
Warm greetings
Your TWINSOFT
