CVS Health is a U.S. healthcare organization that includes multiple operating divisions including retail with CVS Pharmacy, which has nearly 10,000 locations across America. CVS Health also includes a large healthcare insurance business that integrates assets from Aetna.

As of Q2 2023, CVS Health is using passkeys for consumer logins to their mobile web service.

The Challenge/ Use Case

The key focus for CVS Health is to ensure integrity and confidentiality of customer data. The overall user experience also needs to be positive, to drive traffic to CVS’s digital assets. 

CVS Health is on a path to help make its consumer authentication experience not only secure, but easier to use. CVS Health is also on a path toward enabling password-less experiences for consumers wherever possible.

“For the external user, they would just simply walk away, if the user log in experience is cumbersome, in any way,” Cisa Kurian, senior security advisor at CVS Health commented. “Good security is always a balance between security and usability.”

How CVS Health Uses FIDO To Secure Its Users

CVS Health is building out an authentication platform to provide password-less authentication capabilities in its web, mobile, IoT and voice applications. Passwordless authentication is enabled with biometric authentication using FIDO standards

“Our goal is to increase friction for a potential threat actor, while enabling ease of use for the legitimate user,” Kurian said.

Benefits

By adopting a FIDO based approach, CVS Health is able to provide an easier authentication experience for its users. Making the login experience more seamless also helps to improve the overall user experience as well.

“We chose FIDO because the standards are open, and allow for simpler and stronger authentication that is based on public key cryptography,” Kurian said. “In other words, it’s easy to use and more secure, at the same time.”


More

Case Study: Gemini Protects Users with FIDO Authentication

Gemini is a cryptocurrency exchange and custodian, founded by Tyler and Cameron Winklevoss in 2014.…

Read More →

Target Uses FIDO Authentication to Secure the Workforce

Target is a retailer with locations across the U.S as well as online ecommerce operations.…

Read More →

SURF Uses FIDO2 to Protect Users in the Netherlands

SURF is the shared IT organization for research institutes and universities in the Netherlands. The…

Read More →


12315 Next