Web Authentication

Consumers are demanding seamless interaction with businesses online, whether they're using a mobile, tablet or desktop computer. They don’t want to use different credentials or login processes depending on the device they're using, but many computers lack the sensors for biometric authentication. That’s where we can help.

Daon offers two powerful modes of web authentication for mobile device, tablets, laptops, and desktop computers. First, we’re using the FIDO 2 WebAuthn specifications to bring simple, secure passwordless authentication directly to PCs and mobile devices, without the need for installing native applications. Second, Daon's pioneering work in the mobile channel offers an elegant solution for web authentication via out-of-band (OOB) scenarios.


FIDO2 and W3c web Authentication

FIDO 2 is the set of specifications for next generation web authentication from the FIDO Alliance, of which Daon is a board-level member. Naturally, Daon’s IdentityX platform incorporates the web authentication APIs developed by the FIDO Alliance in conjunction with the World Wide Web Consortium (W3C), which bring simple, secure authentication to internet browsers from Google, Microsoft and Mozilla. IdentityX implements the W3C Web Authentication specification to support FIDO 2 authenticators, security keys and FIDO U2F tokens.

Daon also offers JavaScript libraries that you can leverage to perform an additional passive authentication based on Keystroke Dynamics, or the unique way each user types a phrase into a web browser. This behavioral biometric algorithm is used in conjunction with existing authentication methods (such as username and password). It provides a probabilistic score that can act as either an additional authentication factor or a trigger for additional step-up authentication.



An out-of-band (OOB) scenario occurs when a user initiates a web-based transaction on one device, like a laptop or desktop computer, but authenticates their identity via a separate device, typically a smartphone. This method leverages the embedded biometric sensors in a user’s mobile device and adds a further layer of security; users don't need to enter any personally identifiable information, and would-be attackers would need to gain simultaneous control of both mobile and web traffic.

Daon's work in this area is helping to fuel the growth of OOB authentication, which Gartner predicts will see continuing rapid adoption.

Web Authentication – FIDO 2, Daon“Out-of-Band" Transactions Use Website and Mobile Apps Together


“50% of enterprises using mobile authentication will by 2020 adopt OOB [Out-of-Band] mobile push as a mainstay of authentication.” - Gartner


What’s Next in Web Authentication

In addition to our work on out-of-band authentication, Daon researchers are also leading efforts to deliver multi-factor, standards-based, in-band authentication. Users will be able to securely authenticate from a browser using certified factors (called authenticators), using key fobs and, eventually, biometrics. Would you like to know more about how your organization can benefit from Daon's work in these cutting-edge authentication disciplines? Get in touch with us today.