By Jeff Scheidel, VP of Sales.
Most often when people speak of cyber-security and user experience, they are referring to consumers. The average joe who banks, buys, entertains, communicates, and educates online is the typically the center of the universe. That’s who makes commerce happen, and much of our commerce is conducted in the ether. So these users must register and be onboarded, then given the ability to securely log into whatever portal or e-tail site they’ve signed up for. They do their business, and they trust (or at least hope) that the site they’re doing that business with is protecting their identities, their data, their cash, their whatever-asset is being managed by that site.
But there’s a whole other population, which largely overlaps with consumers, that also must be locked down: the workforce. Instead of their bank or payment app, they’re logging into their company’s platform. Their email, file server, 401K, corporate messaging, and any other application they need to access in order to do their jobs. And this process needs to be just as secure as the one for consumers.
As a consumer, I want my identity and assets secured. As an employee, I’m required to secure my privileged access to company resources. My stock options are worth a lot less if a bad actor compromises my corporate login and uses my identity to steal our money or our intellectual property.
The user experience is also just as important for both sets of people. Logging in needs to be easy. As a consumer, a difficult or confusing UX means I’ll abandon ship and swipe over to the next online bank or social platform. As an employee, if things are hard to get into and I have to call the help desk, that’s valuable productivity time burning up. My boss doesn’t want to pay my salary for the hours I spend asking to get my password reset or my account unlocked.
So when employees access company systems, the gateway to those systems must be as secure and as user-friendly as those designed for consumers. In fact, functionally they have to be even more secure, and here’s why: many companies use single sign-on platforms that allow their workers to log into a single spot, and from there they are automatically allowed into all corporate apps. This means bad guys only have to breach one decision point. So that decision point better be locked down tight.
Consider yet another workforce use case, one in which onsite crews have to clock in at a particular physical location. They must assert their identities in order to start their shift. If they can’t do so, they can’t work and they can’t get paid. Conversely, the employer needs to know precisely who is clocking in, to ensure someone didn’t send a ringer to take their shift, since that can lead to very bad liability if that ringer gets hurt or does something improper. And hey, it happens.
A major authID client uses our technology for just this use case. This organization sends crews to various customer sites, where they must clock in. Instead of an old-fashioned timeclock, a standard smartphone is employed. These employees can’t be expected to provide their own phones, since some of them don’t own one, or they may have a flip phone. So the crew chief provides a shared smartphone. And here’s the elegance of this solution.
Imagine queueing at a shared device and immediately backing up because someone is having an issue with username and password entry, especially when using all thumbs. Not good, right? So now imagine a solution where each employee gets through the process of validating within seconds. This is what authID powers.
Each worker has an ID badge with a QR code. Each one takes a brief turn scanning their unique QR code with that shared phone, which takes them to the appropriate website, protected by authID’s biometric authentication platform. They are then prompted to take a selfie, which links and authenticates their facial biometric (pre-registered, of course) to their employee account. Done! This effectively clocks them in, while ensuring that they are the legit employee, and not a ringer.
So let’s review. No passwords, no usernames. No clumsy thumbing of credentials or bookmarks. No proprietary hardware. No requirement for individual devices. Just a QR code and a selfie, and nothing else. Security and clock-in. Then boom, start your day. That simple, that secure. The entire crew is validated for the shift, they all get paid, and the employer is assured they’ve got the right people in place.
This is our fantastic value proposition at authID – the greatest level of assurance with the least amount of friction. We provide this value to consumers, voters, bank customers, and a host of other individuals who want to know they can safely and easily access their most sensitive digital treasures. And yes, we do this for the workforce as well.
authID is all about using friendly faces to protect precious assets. Give us a shout, and one of our friendly faces will be happy to give you a demo. Fast, accurate, easy to use. That’s the authID biometric authentication solution.