PalmID® for MS Azure B2C

Passwordless sign-in to the websites hosted by Microsoft Azure B2C

How it works

Remembering passwords for multiple websites is a mind-blowing problem. The common answer to this problem employs external authentication buttons, which delegate user authentication via OpenID Connect protocol to trusted identity providers (IDP), which are unlikely to be hacked, such as Google or Facebook. While this solution reduces the number of passwords to be remembered, it only solves part of the problem: users still must sign into IDPs. PalmID sign-in for Azure B2C takes sign-in to a new level.

Redrock Biometrics provides a biometric IDP, which can be logged in from a smartphone running PalmID Agent app. PalmID IDP login screen displays a unique per session QR code, user scans this code using PalmID Agent app, establishes connection between the phone and the session, scans palm with phone camera, and a successful match on IDP concludes the sign-in process.

This solution is highly secure: it requires a phone to be assigned to a registered phone number and checks user’s biometrics, which is practically impossible to spoof. It is also convenient: palms are always handy. On personal devices QR code can be skipped that makes the solution even more convenient.

PalmID IDP Privacy Policy.

  1. PalmID IDP service
  2. PalmID Agent app: a mobile palm scanner for PalmID IDP
  3. Spoofing detection compliant with ISO/IEC 30107-3
  1. Easy account recovery and migration between devices
  2. User can delete own biometric templates at any moment (GDPR requirement)
  1. Sign-in solution for occasionally used websites, such as:,,,,, etc.
  2. Authorization for sensitive transactions, which cannot be performed by hostile or friendly third party

PalmID SaaS

Cloud-based service for PalmID



649 Mission Street, 5th floor, San Francisco, CA 94105