Nok Nok Labs developing capabilities that go beyond basic FIDO standards
Nok Nok Labs discussed in a recent blog post how its product and engineering teams are leading FIDO standards development, as well as mapping out and delivering capabilities that go beyond basic FIDO standards.
The company said that all organizations should focus on several key areas while devising their approach to modern authentication, starting with assessing risk signals and building policies around those signals.
According to Nok Nok, organizations should consider three areas when establishing policy-based authentication mechanisms.
The first is geolocation, a signal that locates a user’s device location. This can be checked against a policy defined list of restricted countries, which enables the administrator to deny access from unauthorized locations and adjust their risk score.
The second is travel speed, a signal that determines whether the user’s device has travelled too far of a distance in too short a time.
Using the device’s geolocation, the authentication technology can calculate the travel speed from the last login location and time.
Based on this information, users can take policy-defined action to adjust risk scores or deny fraudulent access from multiple locations within a short time interval.
The third signal is device health, which proactively monitors for signs of tampering on the device.
The company has also developed a method of ensuring that only biometrics authorized by the primary device or application user can authenticate to an account in order to combat unintended fraud on shared devices, which Nok Nok claims is a “major differentiator over basic FIDO for use cases that need a higher standard of security.”
Nok Nok said its development team is working on new functionality that it will share in upcoming release cycles, including additional features that extend the benefits of a FIDO approach to more use cases and value drivers.
Last month Nok Nok Labs launched a premium edition of its Nok Nok S3 Authentication Suite (S3 Suite), which the company called the first unified platform that enables organizations to leverage FIDO standards-based authentication.