Badge and Cisco Duo launch hardware-independent MFA tool

Badge Inc., a digital privacy firm founded by MIT cryptographers, is teaming up with Cisco Duo to introduce a hardware-independent roaming multifactor authentication (MFA) tool which they say is an industry first. This partnership adds Cisco to Badge’s network of identity partners, which includes Okta/Auth0, Radiant Logic, and Ping Identity.

MFA systems are vulnerable to multiple methods of circumventing authentication security, as explained in a blog lost by Web Security Lens. Additionally, traditional hardware-based MFA can be cumbersome, disrupting operations and prompting employees to find workarounds, which in turn increases security vulnerabilities, according to the partnership announcement.

The partners note that the two-factor authentication (2FA) market is becoming commoditized, with large technology providers incorporating it into their applications.

Cisco’s Duo Authenticator handles 16 billion authentications annually, primarily for virtual and remote desktop access, often requiring a secondary device that may not always be available or permitted in certain environments. This has created a need for a more flexible tool, which Badge aims to address.

Badge’s integration with Cisco Duo facilitates new identity and authentication scenarios, to enable password-less enrollment through verifiable credentials (VCs). How it works is once a user’s identity is initially verified, they can authenticate from a device with their face biometrics without needing repeated identity verifications.

Dr. Tina P Srivastava, co-founder of Badge, highlights the benefits: “With Badge’s privacy-preserving authentication, Cisco Duo users can access devices or applications without storing user secrets or private keys. This removes the friction and costs associated with traditional MFA methods like tokens and repeated phone re-registration, making it harder for attackers to gain unauthorized access.”

A recent blog post by Cisco Duo warns that traditional authentication methods are failing, adding that MFA coverage is still vastly incomplete, allowing attackers to easily circumvent weaker forms of authentication. Badge says the collaborative tool eliminates the need to allow fallbacks to phishable account recovery processes when users are without their MFA-required mobile devices.

Ginger Leishman, technology partnerships manager at Cisco Duo, notes: “Duo can operate as a certified passkey provider leveraging Badge, extending Duo’s password-less capabilities. Unlike other models, Badge’s integration allows users to maintain control over their authentication keys without relying on a centralized authority.”

Leishman further explains that with Badge, users enroll once and can access their passkeys on any device across Apple, Microsoft, and Google ecosystems.

Earlier this year, Badge launched its patented biometric authentication software for users to enroll once and authenticate across devices without re-registration.

Article Topics

Badge  |  biometric authentication  |  biometrics  |  Cisco  |  face biometrics  |  multifactor authentication  |  passkeys  |  verifiable credentials