Security
Headlines
HeadlinesLatestCVEs

Headline

Nok Nok, a Global Leader in Customer Passwordless Authentication, Releases Full Support for Passkeys

Nok Nok, an inventor of FIDO authentication standards, announces full support for passkeys in its S3 Authentication Suite that allows organizations to replace passwords.

DARKReading
#web#ios#android#apple#google#microsoft#intel#auth

San Jose, Calif., Oct. 24, 2022 — Nok Nok, a leader in FIDO customer authentication (Fast IDentity Online) and a founder of the FIDO Alliance, today announced full support for passkeys — the FIDO and key-based passwordless sign-in technology standard for replacing passwords.

As stated in Verizon’s 2021 Data Breach Investigations Report, over 80% of successful cyber-attacks start with an account takeover with cybercriminals using sophisticated phishing strategies to steal account credentials based on passwords and personal secrets. With cybercrime accelerating dramatically, online service providers are now only beginning to understand the real cost and risk of propagating the use of passwords and the legacy security infrastructure used to store and use them.

The arrival of passkeys, the replacement for passwords

Passkeys — the new name for passwordless FIDO credentials — are widely viewed as the replacement to end the use of passwords. Current FIDO standards for single-device passkeys are supported by major platforms today. In May 2022, Apple, Microsoft and Google announced multi-device passkeys will be natively available in the OEMs’ devices, operating systems and platforms to enable safer, faster, and more consistent sign-ins to consumer online services across web and mobile devices.

By offering the same safety and convenience for signing into online services as the trusted biometric authentication consumers use to sign into their devices, FIDO passkeys offer consumers modern, safe and fast access to all of their online services and in the future, to their in-home and IoT devices, and even to their vehicles.

To implement passkeys, online service providers must leverage a FIDO authentication server and related client software to support both single-device and multi-device passkeys.

S3’s innovative approach to passkeys

As an early inventor of FIDO specifications, Nok Nok and its S3 Authentication Suite offer the first customer passwordless authentication platform built from the ground up based on FIDO standards, with full support for both single-device and multi-device passkeys. Nok Nok’s S3 Suite provides privacy-compliant, passwordless authentication across platforms and is designed to operate in the most demanding consumer environments, at global scale. Nok Nok’s S3 Authentication Server also offers FIDO features that enable online service providers to offer safe and secure passkey access to consumer services leveraging home, entertainment and IoT devices.

For companies that have not yet incorporated FIDO-enabled technologies into their services, with the Nok Nok S3 solution they can now support traditional FIDO single-device credentials and the latest multi-device passkeys with a single authentication infrastructure. For companies who have already transitioned some or all of their customer authentication to leverage FIDO standards, with the Nok Nok S3 solution they can fully support passkey credentials with no code changes. For Nok Nok customers already supporting Nok Nok iOS FIDO authentication, the currently available passkeys “just-work.”

As stated by Dr. Rolf Lindemann, Nok Nok’s VP of Products and one of the original authors of the FIDO standard, “Nok Nok has been working with the industry and our large customers to operationalize the FIDO protocols in the real world with real world benefits. This discipline of commercializing FIDO innovations has led to an extensive portfolio of patented FIDO capabilities and to the evolution from single device keys to multi-device passkeys.”

Dr. Lindemann shared, “For our customers who have already adopted our S3 platform, no code changes are required to support passkeys on iOS 16+ and we support the device public key option announced for Google’s Android. Additionally, our S3 Suite allows native consumer apps to combine single-device credentials through FIDO “silent authenticators” with multi-device credentials to improve the control of relying parties - even on platforms not supporting the device public key option, simplifying regulatory compliance.”

The advanced granular adaptive orchestration of Nok Nok’s S3 authentication platform includes a rules engine that allows replying parties to easily configure sign-up, sign-in and recovery flows for passkeys that dynamically respond to contextual user data. In addition, Nok Nok’s S3 Intelligent Passwordless AuthenticationTM enables user experience flows to automatically respond to the (FIDO) authenticator characteristics of their consumers’ devices in real-time with passkeys.

The FIDO benefits trifecta

By making use of authentication signals on consumer devices, with FIDO sign-up and sign-in, Nok Nok’s customers have created seamless user experiences that remove friction and complexity associated with authentication and account recovery, which dramatically increases the speed and success rates of sign-in.

Many of Nok Nok’s banking, telco and fintech customers have achieved sign-in success rates of 99.5% and sign-in speed increases of 100% to 200% - with today’s single-device passkeys. Since multi-device passkeys are expected to dramatically increase consumer FIDO adoption across OEM devices, these substantial benefits are now available to all online service providers who support passkeys by implementing a leading FIDO server with robust authentication capabilities such as Nok Nok’s S3 Suite.

In addition, reductions in sign-up, sign-in and account recovery friction result in a material reduction of calls into customer care centers. At an industry-average cost of $70-$90 per call to remediate account-related problems, the adoption of FIDO passkeys can save online service providers millions of dollars in annual OPEX.

Last but most important, FIDO passkeys protect consumers from account takeovers that start with stolen credentials. Passkeys are described as “phishing-resistant”, although some of the OEMs have stated passkeys are “unphishable”. In sign-ins that only use passkeys, the keys are accessed during sign-in, but passkeys remain on the device and server. The keys are never passed for attackers to steal enroute - protecting consumers from sophisticated phishing attacks.

Ten years ago our founding industry group designed FIDO as a new framework for providing better usability, security and privacy. We also intended the framework to reduce the cost and complexity of enterprise infrastructure. Today, FIDO passkeys offer the trifecta of business benefits — improved customer security and privacy with less friction and lower operating cost to the enterprise. Passwords are the single greatest pain point on the internet and at Nok Nok, we are thrilled to announce our seamless platform support for consumer passkeys — signaling the beginning of the end of passwords worldwide,” said Nok Nok CEO Phillip Dunkelberger.

About Nok Nok

Nok Nok is a global leader in passwordless consumer authentication. Delivering the most innovative FIDO services for the authentication market today, Nok Nok empowers global organizations to dramatically improve their user experience and security, and reduce operating expenses, while meeting the most advanced privacy and regulatory requirements. The Nok Nok™ S3 Authentication Suite integrates into existing security environments to deliver proven, FIDO-standards-based passwordless consumer authentication. Headquartered in Silicon Valley, California, the company has delivered unique inventions and innovations that are protected by a robust global patent portfolio. As a founder of the FIDO Alliance and an innovator of FIDO standards, Nok Nok is an expert in modern consumer authentication. Nok Nok’s global customers trust their customer authentication with the S3 platform and include Verizon, Intuit, T-Mobile, BBVA, NTT Docomo, MUFG, Japan Post Bank, AFLAC, Standard Bank, Fujitsu Limited, and Hitachi. For more information, visit www.noknok.com.

DARKReading: Latest News

Microsoft Pulls Exchange Patches Amid Mail Flow Issues