Echoworx enables organizations to leverage existing passwordless safeguards on customer devices, like fingerprint scanners and other biometric measures, to authenticate recipients. Users simply register their device as a recognized authenticator through a browser-based Web Authentication API. Once registered, built-in biometrics can be used to authenticate and grant access to secure messages – without any additional login page or password prompts.
Any user logging in with a compatible device will see an invitation (called a Toast), to register for passwordless login. When you click the “click here to open” link in an email notification on a registered device, you’ll get a prompt to authenticate on your device, and then we’ll whisk you away to your message. It’s a single secure step, and since you’re using a device that you have plus either a biometric (something you are) or a PIN (something you know), it’s multifactor.
Varying Levels of Authentication Needed
“I believe there is a huge difference between privilege levels assigned to some, and not others, so we need varying levels of authentication.”