Biometric passwordless IAM providers extend reach with new certifications and solutions
Biometrics as a replacement for passwords in identity and access management (IAM) solutions are increasingly being offered by many of the market’s established leaders and new entrants alike. Ping Identity has announced an acquisition to offer decentralized digital ID with biometric security, Okta and Avatier have unveiled new offerings, Ensurity has a new partnership, and 1Kosmos and Truu have announced certifications.
ForgeRock, meanwhile, has been named as a Leader in the ‘The Forrester Wave: Customer Identity and Access Management (CIAM), Q4 2020’ from Forrester Research.
Biometric authentication is the passwordless method recognized by the most consumers by a significant margin, according to the ‘From Passwords to Passwordless’ report from LastPass. While less than half of respondents identify single sign-on (SSO) (49 percent) or federated identity (39 percent) as a passwordless authentication method, 71 percent are aware that biometrics can replace passwords.
Ping acquires ShoCard to integrate biometric decentralized identity
Ping Identity has acquired biometrics and blockchain-enabled personal digital identity provider ShoCard to advance towards its vision for providing users with more privacy control while reducing fraud and streamlining digital interactions, according to a company announcement.
ShoCard specializes in decentralized or ‘self-sovereign’ digital ID, with user’s mobile phones acting as a personal identity vault.
Integration with the Ping Intelligent Identity Platform, which secures more than 2 billion accounts, allows ShoCard users to collect and store identity data on their mobile device, unlocking and sharing it with facial or fingerprint biometrics. The integration will be made available to all Ping customers as a new model for privacy and customer engagement, the announcement says.
The identity wallet provided through the integration can hold sharable, validated claims that can be selected for sharing with particular vendors, partners, or resources.
“Personal identity is the next wave of the identity security evolution, representing a boon for business and consumers alike. Under this model, businesses can avoid storing sensitive data and the risks that come along with it, while customers can avoid sharing unnecessary personal information with service providers, ultimately creating a more trusted online experience,” said Andre Durand, CEO, Ping Identity. “Issues of privacy and mistrust are addressed when individuals can pick and choose what personal information to share with organizations to validate a fact about themselves. ShoCard’s best-in-class technology allows Ping to greatly accelerate our mission of creating a personal identity future.”
The terms of the acquisition were not disclosed.
Ping has also launched PingOne Services, a stand-alone cloud services suite for advanced identity and access management capabilities with options for flexible integration and fast implementation.
The first two solutions in the suite are PingOne MFA and PingOne Risk Management, and the company is launching a unified cloud administration interface to allow administrators to view and manage identity solutions across different deployment environments.
PingOne MFA can be embedded into web and mobile applications to allow branded user experiences and a choice of authentication methods including SMS, email and push notifications from a mobile device.
PingOne Risk Management includes User and Entity Behavior Analytics (UEBA), along with network, geolocation, and IP intelligence.
New passwordless IAM tools, certifications, and partnership
A new SDK from Okta brings its user identity and device identity capabilities together for authentication to mobile applications with biometrics and push notifications instead of passwords.
The new Okta Devices SDK was unveiled during Okta Showcase, and allows users to be authenticated securely with minimal friction from the various devices they use, according to the announcement.
The SDK will be available for iOS and Android for Early Access in the first quarter of 2021.
Ensurity has announced it will use WISeKey microprocessors, which are Common Criteria certified, in its FIDO2-certified, ThinC-AUTH fingerprint biometric USB key, which is designed for access to Microsoft Windows and Azure AD.
“Microsoft’s computer environment is predominant in most organizations. Ensurity, is an established FIDO2 solution provider working with Microsoft since they adopted this standard to reinforce their Windows and Azure AD platforms security with a passwordless approach,” says Amit Mathur, COO of Ensurity, in a press release. “Building our ThinC-AUTH biometric key on WISeKey’s certified cybersecurity was a natural choice when we decided to further enhance the protection of our customer’s credentials and private information.”
1Kosmos’ BlockID has been certified for the FIDO2 server protocol, which the company says makes it the first blockchain and contactless biometrics-powered authentication system with the certification.
“Now, with our platform being FIDO2 certified, BlockID adds tremendous value to the passwordless world by adding the immutable identity layer on top of authenticating tokens. This certification allows us to provide our customers safer, phishing-resistant methods and a better user experience enterprise wide,” states Rohan Pinto, 1Kosmos CTO.
The company suggests the server certification fills a gap in detail about how to identify a user during the authentication process by using advanced, device-based biometrics.
Truu’s enterprise solution has been certified by Citrix and listed in the Citrix Ready Marketplace, while its Truu Identity Platform has been validated with the Citrix Gateway.
The company says it is the first passwordless authentication vendor to integrate proximity detection and signaling with behavioral identity and biometrics into an adaptive risk engine. The new validations provide passwordless access to Citrix Virtual Apps and Desktops for remote and on-premise users.
Avatier Corporation has launched a new passwordless iOS and Android app to provide a collaborative self-service approach to secure enterprise access.
The mobile identity governance and administration application is intended to provide enterprises with greater control over access requests, compliance access certifications, SSO and self-service password management.
Avatier supports Duo Security, Google Authenticator, Okta Verify, Ping Identity, Radius, RSA SecureID, Symantec VIP and any FIDO2-compliant solution’s MFA, including those using biometrics.
Avatier has a biometrics partnership with ImageWare dating back to 2016.