Technical Articles
Bye Bye Passwords!!! Biometric Authentication – SAP IAS
Dear All,
New feature got introduced on September 29, 2021 Product release – Passwordless Authentication
Documentation Link
Background
Biometric authentication methods have made a lot of headway in recent years. Fingerprint scanners come standard on many smartphones, and a number of companies are working on iris scanning, retina scanning, facial recognition, voice-printing, heartbeat, and even gait recognition, all targeted at consumer devices. It seems as though the future of authentication as foretold by decades of science-fiction is finally just around the corner. But before we as individuals begin to adopt these methods for logging in to every applications we use, and before we as organizations begin to support these methods, we should consider how they are different from the tried and true password system, and how those differences could impact our lives.
No need to remember every Passwords
Security
Biometrics are touted as secure, and to some degree, this is correct. The kinds of physical attributes which are chosen are ones which are easy to use and unique to an individual. However, there is one major downside to biometrics — if a measure has been compromised, we can’t change our body like we can change our passwords.
Fingerprint scanners are one of the most obvious biometric authentication systems where this flaw is relevant. Our hands are our primary system for interacting with our world, and we touch thousands of objects in the course of a day, leaving fingerprints everywhere.
Privacy
There are two primary ways that biometrics compromise privacy. First, they strengthen the connection between our physical body and our digital existence. This enforces a connection that removes anonymity to a degree that no password based system ever has.
Second, one of the most important parts of password based authentication is that passwords (at least so far) are private.
Identity Authentication supports the following:
| Device | OS | Browser |
|---|---|---|
| Face ID | Latest iOS |
|
| Touch ID | Latest macOS |
|
| Windows Hello | Windows 10 |
|
Let’s begin to enable Biometric Authentication for your IAS tenant
Step 1
Just follow the steps as per the order shown in below screen for the applications you would like to enable for users to give a choice for authentication.
Step 2
Configure your Biometric Authentication to your device ( Laptop or Mobile) and scan your fingerprint to get activated.
Step 3
Go to your Application to see Biometric Authentication is enabled in your login screen and click on the button.
Step 4
Now, you will be prompted with Windows Security to scan your fingerprint used in above step for activation.
Step 6
if fingerprint is matched and successful, users will be able to get inside the application without any entering password.
Access link to deactivate or to add other device Biometric Authentication
https://<IAS Tenant>/ui/protected/profilemanagement
Cool stuff. Thanks for the great blog.
Hello, tried with a notebook with Hello activated and with a cell phone but when I press "activate" (step 2) nothing happens. The "Biometric Authentication" button remains grey and not blue
Hi Yogananda Muthaiah, this is great news!
As I understand, this works for the Apple and Microsoft ecosystems.
Would you please elaborate what we can expect for Android or why there is no solution (yet) for Android? I know that the Android ecosystem is more complicated than Apple and Microsoft, but it would be great to have a few explaining words from SAP to be able to explain this to our stakeholders.
Thanks, Lutz