Interview : Ilex IAM Platform and ChromeOS, partners for seamless, secure Access

Through our partnership with the ChromeOS team, the operating system developed by Google, we conducted a cross-interview with experts Nicolas Thiriez, Customer Engineer for ChromeOS, and Olivier Prompt, Chief Operating Officer for Ilex IAM Platform.

They explain in detail how this collaboration came about and the challenges it represents.

How did this partnership come about?

Olivier P.: A clearly expressed customer need: a more agile, high-performance operating system for their shared and often mobile workstations, capable of integrating our contactless card-based strong authentication solution.

Our customers have identified Chrome OS as the answer to their needs: an extremely light, agile and fast operating system that is also secure (LINK). This is how our product and pre-sales teams began collaborating with Google’s teams to integrate the scenarios of fast user switching by card.

Nicolas T.: Google is, together with its partners, working on simpler and safer alternatives to passwords (see e.g. passkey launch). “While passwords will be with us for some time to come, they are often frustrating to remember and put you at risk if they end up in the wrong hands.”

Applied to ChromeOS’ enterprise customers, badge authentication to your laptop or desktop offers a unique opportunity to realize the vision of a passwordless future while meeting customers where they are today.

The collaboration with Ilex allows us to enable badge authentication especially for our European customers. Ilex was requested by existing customers in its role as a strong provider of a badge authentication solution.

Today, Ilex’s solution is the only one that supports this feature! How did our teams collaborate? What did Ilex bring to this implementation?  

Nicolas T.: Our product and engineering teams collaborated very closely to bring this feature to life. We needed to make sure implementing badge login for Ilex was easy while upholding ChromeOS core security. We iterated on the best way to let Ilex interact with ChromeOS login, and very quickly moved to a Proof of concept. Thanks to their experience, Ilex provided invaluable feedback to simplify the implementation. We then worked with our Trusted Tester customers to take their feedback into account and launch the feature.

What market challenges does it address?  

Olivier P.: The fusion of our two offerings aims to strike the right balance between security and user-friendliness across all aspects of shared workstations. The goal was to combine the efficiency of ChromeOS systems with enhanced security and a simpler, faster user login experience. More specifically, our collaboration has strengthened ChromeOS’s native authentication layer—originally based on a standard login/password model—by integrating our passwordless authentication scenarios, among other enhancements.

It’s also an effective way for customers to optimize their costs by deploying highly optimized fleets based on ChromeOS easily integrated with existing Ilex access controls—or quickly rolled out using the SaaS version of Ilex Access Management.

What does this solution involve?

Olivier P.: This feature is a combination of two solutions: Chrome OS interconnected with the Google Workspace environment, and our Ilex Access Management solution. It works by delegating authentication from Chrome OS to Ilex via an identity federation. All our authentication methods are available even in passwordless mode, with contactless cards in particular. This tight integration between the two solutions required both development work on the Chrome OS side, with the implementation of a badge reading extension for unlocking and relocking sessions, and on the Ilex side, with support for the new card APIs and device control APIs. The aim is to guarantee maximum security with the best possible ergonomics, particularly in the case of in-store workstations for frontliners.

What was the involvement of the ChromeOS teams in the implementation of the solution?

Nicolas T.: The ChromeOS team was responsible for the secure implementation of a connector and API to enable badge login with Ilex. Security was a central tenet of our development process, ensuring that the communication and authentication mechanisms between ChromeOS and Ilex were robust and protected against potential threats. This development was an iterative process, heavily informed by the feedback and recommendations provided by the Ilex team, allowing us to refine the solution and ensure a smooth and effective implementation.

In which version of ChromeOS is this solution available?

Nicolas T.: Badge authentication on ChromeOS and ChromeOS Flex is available with ChromeOS version 119.

In which version of Ilex Access Management is this solution available?

Olivier P.: Available from version 9.1, this feature has been optimized in our brand-new version Ilex Access Management 10.0, with numerous enhancements. Discover all the new features here. This version is also available as SaaS, offering our customers greater flexibility and accessibility. 

If our customers want to test it, is it possible?  

Nicolas T.: Yes. It is free of charge to start a Chrome Enterprise Upgrade trial. Once enabled, you can enroll a Chromebook and start configuring badge based authentication. 

How does Ilex AM’s integration into ChromeOS improve user experience and data security? What are the concrete use cases that illustrate the added value of this partnership?

Olivier P.: Thanks to this integration, logging in and switching users on Chrome OS are greatly simplified and accelerated.   

In this first stage, we focused particularly on the business needs of frontliners. These users, generally located on the sales floor, use critical, shared workstations on which they log on and off. The simple gesture of swiping a contactless card seamlessly optimizes the user experience in this case. But that’s not all: once the session has been unlocked, users can access all their applications without having to re-authenticate (their identity is automatically transmitted to all Web services via SSO or Identity Federation). 

Nicolas T.: Ilex on ChromeOS merges the speed and reliability of ChromeOS with the simplicity of passwordless login, providing users with enhanced security and convenience. Many customers combine badge login with the Desk Sync feature on ChromeOS, allowing their ChromeOS desktop to move seamlessly from device to device, and addressing common issues faced by frontline workers in healthcare and retail who require quick, secure access to information on dispersed devices. As companies migrate away from VDI, ChromeOS is the only platform that offers a smooth transition to the Cloud.

Can we expect any new features or integrations in the future?  

Nicolas T.: Yes. This is the first version and we are planning on expanding the possibilities to support new badge interactions, like locking the screen with a badge for example. We also want to keep working with Ilex to extend support to different types of cards. 

Olivier P.: We’re bringing all our experience in the healthcare sector—particularly with the CPS card—to support Google in navigating this highly specialized field. 

What advice would you give to companies looking to optimize their identity and access management with ChromeOS?     

Olivier P.: Don’t hold back, innovate for users! Today, if you’re a decision-maker, we can see that more and more of you are turning to the Chrome OS system, not least for its enhanced security. If you were still hesitating about the ergonomic aspects of connection. Google and Ilex have now removed this obstacle, combining operational efficiency for users with a high level of access security. 
[/av_textblock]

Request a demo