Security Encyclopedia

True Keyless Authentication

True Keyless Authentication is a means of enabling secure access to Internet of Things (IoT) nodes with the security and usability that IoT adoption requires. These solutions transform an end user’s mobile device into a secure digital key into residential, commercial, and industrial settings, transportation networks, autos, and the like.

True keyless authentication solutions ensure that the service provider (e.g. a smart home app provider, an enterprise, an automaker) does not possess the homeowner or driver’s credentials. The keys, then, are both physical and digital ones implying that true keyless authentication is “connected” and true passwordless.

An example of true keyless authentication is a solution built atop Fast Identity Online (FIDO) standards that decentralize user credentials by isolating and encrypting them onto smartphones.

True keyless authentication relies upon the continued expansion of a smart device ecosystem. This ecosystem of locks, especially, has lagged behind the mobile device ecosystem whose readiness is due to advances in biometrics and security features.

Example:

“With true keyless authentication, a driver can access their car as easily as they can unlock their device or login to an app with the smartphone’s native biometric sensors. Additionally, the driver’s privileged information used to access and start the vehicle are stored in the most trusted area of the their phone, not at the automaker or service provider. Security, privacy, and usability are all top concerns to make the experience what it should be.”