The following table provides solution designers and architects with a comparative overview of the different options available as of today to for authentication by face recognition to a ForgeRock Identity platform deployment.
The different columns represent some important criteria to consider when one searches for such a solution, some criteria is self-explanatory while the others are detailed below:
- The Device agnostic column helps to figure out which type of device can be used (any vs a subset).
- The Requires a 3rdparty solution column indicates whether or not other software is required in addition to the ForgeRock platform.
- The Security column represents the relative level of security brought by the solution.
- The ForgeRock supported column represents the level of effort required to integrate the solution.
- Flows: That criteria gives an idea, from the user’s perspective (rather than from a purely technical perspective), of whether registration and/or authentication occurs with or without friction. As a rule of thumb, in band flows, it can be considered as frictionless (or so, since it involves use cases where a user needs a single device or uses a single browser session), while out of band flows can be seen as more secure (in some contexts at least), since different channels are involved. Some exceptions may exist, such as Face ID, which can be used in a purely mobile scenario (so, rather in band-like) or just as a means to register or authenticate on one side with a mobile device, while accessing a website or service from another device.