Gluu Blog


ThumbSignIn brings FIDO Biometric Authentication to Gluu Community

Michael Schwartz July 24, 2018


There is no one-size-fits-all solution for two-factor authentication (“2FA”). At Gluu we recognize 2FA is about mitigating risks, and options like one-time passcodes (OTP), social login, and smart cards can all be useful forms of strong authentication.

The best 2FA technology depends on the person, the device they have in their hands, and the resource(s) they are trying to access. With that said, if we had to pick just one strategy for 2FA, it would be FIDO: it’s secure, privacy-protecting, and can be used in a variety of ways, including tokens, biometrics, and mobile.

A popular topic in the Gluu community has been FIDO for client-side biometric authentication, i.e. FIDO UAF. The Gluu Server has supported FIDO UAF for a while but uptake has been slow.

That’s why we are excited to announce our partnership with ThumbSignIn, a business unit of Pramati Technologies, a FIDO-certified strong authentication provider. With ThumbSignIn you can now easily roll out biometric authentication for access to Gluu-protected web and mobile applications.

ThumbSignIn can be configured as an alternative to passwords, or as an additional password-less authentication mechanism. The authentication takes place entirely on the user’s mobile device, and the biometric template is never transmitted over the Internet or stored on the server. ThumbSignIn uses a “lock box” approach where the person’s biometric unlocks the box, which contains a private key used for authentication and a public key that’s registered on the Gluu Server.

This approach puts people in control of their credentials and greatly reduces liability for enterprises. Holding biometric templates is like holding toxic waste: the less you hold, the better!

The ThumbSignIn SaaS platform and mobile SDKs are offered for free for up to 1,000 users. In addition, for a limited time ThumbSignIn will provide free support to Gluu customers who adopt ThumbSignIn for authentication. You can use the free ThumbSignIn mobile app or embed the SDK into your own mobile applications for a simpler and more secure authentication experience.

ThumbSignIn is a long-standing member of the FIDO Alliance, and its FIDO certification across client and server software attests to its high degree of technical robustness, conformance to industry standards, high security assurance, and seamless interoperability with other FIDO-based products. As the FIDO standard has recently been adopted as a W3C standard, biometrics-based authentication is primed to see much wider adoption.

With ThumbSignIn, you will find it easier to deliver a secure and smooth biometric authentication experience, including:

  • Faster, easier, and stronger third-party app integrations and support
  • Stronger authentication (FIDO-compliant) with biometrics and PKI
  • Simple and seamless user experience

Instructions to integrate ThumbSignIn with your Gluu Server can be found on the Gluu docs.

And if you have questions, or want to learn more about strong authentication with the Gluu Server, just schedule a meeting.


Mike Schwartz

Mike has been an entrepreneur and identity specialist for more than two decades. He is the technical and business visionary behind Gluu. Mike is an application security expert and has been a featured speaker at RSA Conference, Gartner Catalyst, Cloud Identity Summit (now "Identiverse") and many other security conferences around the world.