ForgeRock and Beyond Identity partner on passwordless authentication
ForgeRock and Beyond Identity have entered a new collaboration to aid the security industry as it moves towards passwordless authentication of digital identities with Zero Trust architecture and biometrics.
The partnership was announced in a guest post by Beyond Identity on the ForgeRock blog and will see Beyond Identity integrated into ForgeRock via the OpenID Connect (OIDC) protocol.
In the blog, Kurt Johnson, Beyond Identity’s VP of Strategy and Business Development, mentions how the majority of cyber attacks today are based on stolen and misused digital ID credentials.
“I often say, attackers no longer need to break in, they simply log in,” the executive explained.
While multi-factor authentication (MFA) provides a moderate amount of extra security, Johnson strongly believes passwords should be eliminated altogether.
To this end, the Beyond Identity platform utilizes biometrics with X.509 certificates and TLS encryption, and stores private keys in a secure enclave or Trusted Platform Module (TPM) on endpoint devices.
The firm’s technology also automatically looks for particular vulnerabilities of the device at the point of login, including whether the device is jailbroken, its storage encrypted, a local firewall and biometrics enabled, and security software installed and running.
According to Johnson, the integration of Beyond Identity’s technology within the ForgeRock platform will pioneer a new level of passwordless security.
“Join us, and see how together we can start your Zero Trust journey with the right building blocks and ForgeRock’s sound identity-based architecture,” he concluded.
Both companies have entered new, separate partnerships in the past few months, with Beyond Identity forming a strategic partnership with Distology and ForgeRock joining the Open Identity Exchange (OIX) community.
access management | authentication | Beyond Identity | biometrics | cybersecurity | digital identity | ForgeRock | fraud prevention | passwordless authentication | Zero Trust