Cross-Device Authentication
Welcome to the Nok Nok Video Learning Series. We will look into passwordless authentication, one of the cool new technologies to make authentication more convenient, and more secure. Our focus today are Cross-Device Authentication user experiences. In the previous video, we created a passkey on a smartphone. In this video, we will see how we can authenticate a session on a laptop with this passkey.
A recent development is the Multi-Device Credential. In our previous video we created such a Multi-Device Credential on a smartphone. This credential is a kind of passkey that can be backed up from one device and stored to another. In practice, this is often enabled using trusted cloud services such as Icloud Keychain. This passkey was automatically restored to my laptop. Now I can use this passkey in my laptop to securely sign in without a password. This credential sync works across devices on the same device family. For example, all my Apple devices today. Other platforms are in the process of adding this feature as well.
There is another approach that works across device families. For example, to use a passkey on your smartphone to authenticate your laptop session. This approach lets you use your smartphone as a security key with the passkey remaining on the smartphone but being used by your laptop. To securely bind your smartphone and laptop, typically you scan a QR code shown on the laptop. Then the smartphone and laptop communicate over BLE to ensure physical proximity. Some smartphones remember the QR code binding and don’t require it for subsequent authentications.
Here is a third cross-device authentication method. This is an Out-of-Band method that works across all device families even smart TVs and similar devices. While it doesn’t verify the physical proximity of the two devices, it requires no special support in the primary device. A QR code is displayed on the primary device and scanned by your smartphone. This invokes the passkey on your smartphone to authenticate the session on the primary device.
Our last cross-device authentication method in this video is Push-Out-Of-Band. This method, like the previous one, doesn’t verify device proximity. And it works across all device families without special support in the primary device. You enter your user name on the primary device and the server sends a notification to your smartphone. This triggers the use of your passkey and authenticates the session on the primary device.
We have shown the user experience of major passwordless-flows using one of our DEMO applications. Nok Nok’s next generation platform allows you to easily implement and deploy passwordless authentication to internet scale. This helps you to improve the customer experience, reduce fraud and operating costs, and enable your organization to be passwordless.