Top 10 Healthcare Corporation

Top 10 U.S. Healthcare Giant Deployed Passwordless Authentication to more than 10 million customers.

Use Case:
Passwordless Customer Authentication
Desktop MFA

Deployment:
10 Million+ Users

Key Impacts

Reduced ATO Fraud by 98.4%
Accelerated Mobile App Adoption Across 10M+ Users
Saved Millions in Password Reset Costs
Eliminated Use of Passwords and Shared Secrets
Enhanced Customer Login Experience

They Called it “Next-Gen Authentication”

As part of their digital transformation initiative, this Top 10 U.S. Healthcare company had a C-level directive to improve both user experience (UX) and security. To the company, this meant moving away from passwords to what they called “Next Generation Authentication” or NGA for short.

To realize the full potential of NGA, the company outlined key requirements:

  • Reduce ATO fraud for member accounts
  • Improving User Experience to Increase Mobile App Adoption
  • Reduce password reset and help desk costs
  • Implement a repeatable authentication framework to reduce integration costs

Working closely together across multiple teams, initiatives and stakeholders, the company and HYPR successfully delivered passwordless authentication to millions of customers who now enjoy fast, easy access across mobile and web applications.

The NGA initiative carried over through a corporate merger. The vision now is to unify passwordless security across web and mobile apps and address new use cases as they expand passwordless to 30 million customers introduced by the merger.

Saving Users from “The Password Armageddon”
Passwords were an especially difficult problem for the company. The company's security leadership needed the organization to move away from passwords since they were the target of credentials-based attacks, account takeover (ATO) and phishing. Beyond the security org, business leadership was aware that expensive password resets were impacting their bottom line.

Customers typically log into their application a few times per year. This meant password resets and helpdesk congestion were most common during the re-enrollment period. It was considered the annual “Password Armageddon” that cost the business millions annually. The team needed a solution that satisfied all four key requirements which address both business and security aims.

A 98% Drop in Mobile ATO Fraud
The company was able to integrate True Passwordless™ SCA across customer-facing mobile apps in hours using the HYPR Mobile SDK for iOS and Android. HYPR’s fully customizable user interface enabled the organization to control and maintain their brand across platforms and apps. Ease of UI customization makes it easy for new lines of business to adopt passwordless technology and deliver a unified customer experience. HYPR was integrated seamlessly into corporate applications. Within a brief period of time the company replaced their legacy and passwords-based authentication approach with HYPR’s FIDO-based passwordless MFA architecture, which enhanced security and ease of use to customers nationwide.

Today, more than 10 million users benefit from a true passwordless login experience that doesn’t rely on passwords and shared secrets. While authentication is faster and the overall digital experience has improved, so has the year-over-year increase in mobile engagement rates.

With HYPR's passwordless solution, the company has the ability to quickly scale passwordless across a growing user base.

Customers who adopted passwordless were safe from credential-based vulnerabilities, enabling the security and risk teams to decrease ATO fraud and reduce incident response costs that totaled millions of dollars. The number of password resets also fell and resulted in a direct ROI. This is especially beneficial in the context of identity and access management (IAM), since the annual cost in password resets was the top expenditure for the security team.

The Ability to Quickly Scale Passwordless Across a Growing User Base.
The company’s initial success along its passwordless journey created a strong precedent for the merged company to expand passwordless security to 30 million users. The company’s vision is to make customer access as simple as possible by continuing to drive passwordless authentication, enabling customers to quickly access their prescriptions, across their trusted mobile devices, as well as laptops with platform authenticators such as MacOS TouchID and Windows Hello.