New Nok Nok Labs SDK brings FIDO biometrics and token-based authentication to smart watches
Nok Nok Labs has announced the launch of an SDK to bring FIDO-based authentication with biometrics and secure tokens to smart watches, which the company says is an industry first.
The new ‘Nok Nok App SDK for Smart Watch’ enables organizations to implement authentication based on FIDO protocols using a silent platform authenticator on smart watch devices. This allows organizations to give consumers flexible, easy and secure access with a unified backend authentication infrastructure across different digital channels, including wearables.
Smart watch shipments grew by 44 percent on an annual basis to reach 12 million units in the second quarter of this year, according to a Strategic Analysis report cited in the announcement. Applications used on the wearable devices have extended beyond fitness to banking, productivity, ecommerce, and home security applications. eMarketer predicts one in ten Americans will have a smart watch by the end of this year, with adults over 55 making up the largest group.
“While smartwatches and other wearables are increasingly being utilized to access business information and perform business tasks, few organizations are able to enforce policy controls around these devices, making them one of the most vulnerable of emerging attack vectors,” notes Steve Brasen, research director with IT industry analyst firm, Enterprise Management Associates (EMA). “The new standards-based controls from Nok Nok Labs are addressing authentication head-on by providing a solution that governs access controls directly on smartwatches regardless of whether they are direct-network attached or tethered to a smartphone. Now with Nok Nok, individuals are able to utilize enterprise applications and view sensitive company data that is centrally managed with policies that ensure only authorized users have access.”
Nok Nok says that a very different user authentication process is necessary for accessing sensitive information on a smart watch, because the OAuth or other bearer tokens typically used in smart watch applications provide relatively weak authentication that needs to frequently be renewed due to a lack of strong device binding. The Nok Nok App SDK for Smart Watch gives developers a way to extend a standards-based approach from mobile and web applications while lowering cost and complexity, according to the announcement.
“The ability to access sensitive information via a smart watch necessitates a more secure method of authentication that integrates with existing backend security infrastructures,” says Nok Nok Labs Vice President of Products Dr. Rolf Lindemann. “Nok Nok, an inventor of FIDO specifications, now brings the same level of security to smart watches with the Nok Nok App SDK for Smart Watch, as it previously did with Mobile Apps and Web Browsers.”
Nok Nok recently partnered with Youniqx to build biometric and other FIDO standards-based authentication into European eID systems.