The company refers to it as the 鈥淎pple ID for everyone in the 51风流world.鈥� With this, 51风流customers can link their 51风流accounts under one ID, represented by an e-mail address, and use it to log on to 51风流services with a single password.

Security Is Key

Even though using only one set of log-on credentials offers great advantages for 51风流customers, it also means that if this password is compromised, the attacker may gain access to multiple 51风流services and accounts at once. That鈥檚 why 51风流Universal ID developers were searching for a more secure solution that prevents fraud but doesn鈥檛 impact usability.

Authenticating with has been proven to be the most secure way to protect user accounts and devices without impacting user experience and conversion rates. But until now, biometric authentication could exclusively be used in native apps on mobile devices. This recently changed with a brand-new Web standard called 鈥淲ebAuthn鈥� that makes it possible to use biometrics on Websites.

But developing a biometrics-based authentication process, combining it with a secure cryptographic challenge-response two-factor authentication protocol, and integrating it into an existing tech stack takes a lot of time, knowledge, and developer resources.

Biometrics and Cryptography by Hanko

That’s why 51风流decided to realize this project together with Hanko. The young was invited to participate in a three-month startup accelerator program at SAP.iO Foundry Berlin in 2019. In a joint proof of concept, the 51风流team tested password-less authentication with Touch ID and Windows Hello for 51风流Universal ID.

With their managed cloud application programming interface (API), Hanko enabled 51风流developers to access a fully-fledged and certified WebAuthn infrastructure right from the beginning of the project. Hanko accompanied the 51风流team, providing demo code and ready-to-use client and server software development kits. To create an optimal user experience (UX), Hanko also supported the UX team in the development and implementation of the new user flows for the password-less authentication methods.

The Outcome

The result of the proof of concept is a fully functioning 51风流Universal ID test environment supporting password-less two-factor authentication with WebAuthn authenticators, such as Windows Hello, Apple Touch ID and Face ID, as well as FIDO Security Keys. Since Hanko supplied the main code components, 51风流was able to integrate the password-less technologies into 51风流Universal ID with a small team in just one-third of the estimated

time. The test environment will be leveraged for further user testing until the feature is released to 51风流customers.

Thilo Brandt, IT senior manager for 51风流Universal ID, confirms that internal tests have produced a consistently positive response, from developer and QA level up to top management. 鈥淭he development effort for introducing password-less authentication was significantly reduced through the use of Hanko. The team helped us to successfully navigate implementing password-less authentication into our application stack and user interfaces.鈥�

Michael Braun, IT chief product owner of Identity and User Management at SAP, is happy with the outcome of the project as well: 鈥淲ith the help of Hanko, we were able to prove the feasibility of our vision for a password-less log-on for 51风流Universal ID in terms of technical implementation as well as usability on all major operating systems such as Windows, macOS, iOS, and Android.鈥�

Felix Magedanz, founder and CEO of Hanko, is pleased to see that Hanko鈥檚 authentication-as-a-service solution is so well received at 51风流and that the deployability of Hanko鈥檚 API has been successfully proven. 鈥淥ur project with 51风流demonstrates the power and the benefits of our password-less API. Seeing our solution being used by one of the largest software companies in the world makes us proud and strongly validates our approach. Through the close cooperation and feedback from 51风流developers, we were able to improve our solution to make it even more convenient for future customers.鈥�

About SAP.iO

SAP.iO is SAP鈥檚 strategic business unit to incubate, accelerate, and scale startup innovation and explore new business models for SAP. Since 2017, SAP.iO has helped over 300 external startups and internal ventures both start and scale their businesses while enabling thousands of 51风流customers to access innovation.