Identity Resilience in a Changing Threat landscape

Starting from October 2024, all companies with critical infrastructure are mandated to grant access to their IT systems to customers and employees solely through secure multi-factor authentication. This requirement poses a significant challenge for businesses, especially in maintaining customer conversion rates. Implementing this regulatory obligation by adding a second factor (e.g., one-time password via SMS, email, or a separate authenticator app) incurs additional efforts for users and extra costs for companies.

Solution: PwC introduces the One-Click Login approach, a method that transitions existing authentication mechanisms, based solely on usernames and passwords, to a passwordless approach with an additional factor. Through a white-label SDK, which can be integrated into mobile customer and employee apps, the login process is simplified for the user to a single click by utilizing biometrics and device binding. The presentation will detail the necessary onboarding process and the integration with an existing IAM system, using the Ping Identity Suite (formerly Forgerock) as an example. It emphasizes simplifying the user flow and showcasing the advantages for businesses compared to other multi-factor authentication solutions.

Further Use: By linking the white-label SDK with an integrated wallet function, this use case also demonstrates how wallet-based solutions already provide value to businesses and users today (before the introduction of the EUDI Wallet). The presentation will further explore how additional attributes can be incorporated into the mobile wallet for use in single sign-on across various systems.