Apple @ Work: New FIDO Standards Targeting Elimination of Passkey Vendor Lock-in

0
189
Apple @ Work: New FIDO Standards Targeting Elimination of Passkey Vendor Lock-in

Apple @ Work is presented by Mosyle, the sole Apple Unified Platform. Mosyle is the only solution that consolidates all the tools necessary to smoothly and automatically deploy, manage, and safeguard Apple devices in the workplace within a single professional-grade platform. More than 45,000 organizations rely on Mosyle to make millions of Apple devices work-ready effortlessly and affordably.Request your EXTENDED TRIAL today and discover why Mosyle is your go-to for Apple solutions.

The FIDO Alliance has made a significant advancement in enhancing the usability of passkeys by unveiling two new draft specifications: the Credential Exchange Protocol (CXP) and the Credential Exchange Format (CXF). These proposals aim to resolve a critical issue hindering the uptake of passkeys in enterprises: vendor lock-in. While passkeys provide a strong alternative to conventional passwords, their implementation often ties users to specific platforms or password managers, complicating the process of switching services without completely reconfiguring the Passkey setup.

About Apple @ Work: Bradley Chambers managed an enterprise IT network from 2009 to 2021. Drawing from his experience of implementing and managing firewalls, switches, a mobile device management system, enterprise-grade Wi-Fi, thousands of Macs, and iPads, Bradley will share insights on how Apple IT managers deploy Apple devices, create supporting networks, train users, recount on-the-ground IT management stories, and highlight ways Apple can enhance its products for IT departments.


Apple @ Work: New FIDO Standards Targeting Elimination of Passkey Vendor Lock-in 1

Passkeys present a much more robust and user-friendly approach to authentication by removing the need for conventional passwords, which are frequently compromised. Instead of managing lengthy character strings, passkeys utilize cryptographic techniques like Face ID and Touch ID to confirm users’ identities across various devices and services. The advantages of passkeys are apparent—they resist phishing attempts and generally offer greater security than traditional passwords. However, the current technology presents a notable drawback: portability across platforms is quite challenging.

The new CXP and CXF specifications seek to mitigate these limitations by establishing a standardized, secure method for transferring passkeys among different password managers without needing to delete and re-add each one. Currently, switching from one password manager to another, such as from 1Password to Apple Passwords, necessitates removing the passkey from the old service and manually setting it up in the new one. While possible, it’s a cumbersome process.

Customers will be able to transfer their passkeys using these new standards without sacrificing security or enduring laborious processes. The Credential Exchange Protocol will manage the secure transfer of credentials between diverse platforms, while the Credential Exchange Format guarantees that these credentials remain accessible and usable across multiple services. This system is anticipated to deliver a smooth and secure experience for users wanting to switch platforms.

Organizations like Dashlane and 1Password have begun collaborating with the FIDO Alliance to adopt these standards. This partnership is vital for promoting the acceptance of passkeys by enhancing their user-friendliness.

Moreover, by standardizing the management and transfer of passkeys, the FIDO Alliance’s new specifications will empower businesses and consumers to select the tools that best meet their needs without being confined to a single ecosystem. This will spur wider adoption of passkeys, fostering a shift away from passwords, which often represent the weakest link in both personal and organizational security.


DMN’s Perspective

Although passkeys signify a major step forward in authentication security, they still come with the significant drawback of vendor lock-in. Transitioning between platforms such as 1Password, Dashlane, or Apple Passwords is currently not seamless. Users must manually delete and re-enter passkeys, making the process of switching password managers a tedious and inefficient task. For those managing multiple credentials, this inability to transfer easily can deter users from fully adopting the technology. Exporting a CSV file and reimporting it is far more straightforward than migrating Passkeys.

The new specifications by the FIDO Alliance are poised to rectify this scenario, promising a more user-friendly and secure method for migrating passkeys across platforms. It’s great to see Dashlane and 1Password working together on this initiative. While it facilitates user transitions away from their services, it similarly eases the process of moving to them. Retaining a customer should stem from providing a superior solution to their challenges, not from making exit difficult. I am a strong advocate for Passkeys, believing they represent the future of password authentication, and this enhancement is crucial.

Apple @ Work is brought to you by Mosyle, the sole Apple Unified Platform. Mosyle is the only solution that combines all the necessary tools into a single professional-grade platform, enabling the seamless deployment, management, and protection of Apple devices at work. More than 45,000 organizations trust Mosyle to make millions of Apple devices work-ready effortlessly and cost-effectively.Request your EXTENDED TRIAL today to discover why Mosyle is everything you need for working with Apple.