July 21, 2016 -
ForgeRock has released the latest edition of the ForgeRock identity platform, which features advanced new capabilities that will enable organizations to facilitate highly secure, frictionless user experiences using push authentication.
In a statement, the company says the platform is the industry’s first end-to-end open source identity management solution to support passwordless login and frictionless second factor authentication capabilities for continuous security.
Unlike other identity management solutions that offer passwordless login at the beginning of a session, the ForgeRock identity platform prompts passwordless, second factor authentication at any point during a session, should an anomaly occur.
For example, if the user’s laptop switches from a secure company wifi network to an unsecure network in a public setting, re-authentication would be invoked via a required response to a push notification sent to their phone in the form of a biometric TouchID, a swipe or other action in order to maintain access to an online service.
“User frustration is a real concern with two-factor authentication, and a significant barrier for organisations working to create the kind of secure, seamless online user experiences that we’ve all come to expect online,” said ForgeRock CEO Mike Ellis. “With passwordless authentication now available through the ForgeRock Identity Platform, our customers can create highly secure, frictionless user experiences that will delight and engage end users, while keeping the growing number of IoT devices and data out of the wrong hands.”
The first authentication step in a ForgeRock implementation typically happens via the Internet, followed by the second method which is ideally completed over a separate network (out of band). This process occurs with push notifications that travel over the Apple (APNs) or Google (GCM) dedicated notification networks.
This two factor authentication process makes it more difficult for potential cybercriminals as they would need to hack into both the user’s laptop and mobile device to gain access to data.
In addition, the use of push notifications provided through an authenticated mobile app is often significantly less expensive than traditional token-based approaches.
ForgeRock has added several other new features to the solution, including Stateless OAuth token support, common audit event handlers for Elasticsearch and JMS, identity relationship visualization, API protection (rate limiting), and encrypted database entries.