Ping Identity updates core MFA product with FIDO support and intelligence capabilities
Ping Identity has updated its PingID multi-factor authentication (MFA) solution with new methods of evaluating user and device risk before granting access, and support for FIDO standards to increase resistance to advanced phishing attacks with local fingerprint or facial biometrics.
The new capabilities enable enterprises to create policies to enforce MFA only when risk increases, according to the company announcement. The extra layer of protection against phishing and stolen credentials is necessary, Ping says, due to the high number of breaches that involve those two threats – 32 and 29 percent respectively, according to Verizon’s 2019 Data Breach Investigations Report.
PingID’s Windows Hello and Mac Touch ID support will include FIDO compliance when it reaches general availability in the next month, enabling secure biometric access to web applications that have implemented FIDO standards. FIDO-compliant security keys, such as Yubikeys, can also be used for web authentication and Windows login. When a mobile device is not available to users, they will be able to use hardware OATH compliant tokens, which are also about to become generally available.
New capabilities also include a configurable number of attempts for end-users logging in to a provider’s website to enter a one-time passcode, and the amount of time accounts are locked after failing OTP attempts. PingID will also soon support easy implementation of MFA for Virtual Private Network users. Features for intelligent risk assessment currently in private preview include request location comparison and IP address reputation.
“Hackers are evolving their tactics to access accounts and steal data every single day, and it’s our responsibility as an enterprise security provider to come up with innovative and reliable ways to assess risk before access is granted, and block access when warranted,” said Steve Shoaff, chief product officer, Ping Identity. “PingID is a core product that enterprises have been using for years, and its new features make it stronger and smarter than ever.”
The company also recently introduced a cloud-based services bundle to protect enterprises against phishing and credential theft with MFA and SSO technologies.