Going Beyond the Standard

It is not a surprise to say that passwords are broken. They were not designed to secure today’s connected economy. As an inventor of FIDO standards, we knew that the key to replacing passwords was a privacy-by-design specification that championed interoperability and decentralized the security topography.

The Nok Nok™ S3 Suite goes beyond the standards. It is the most widely deployed FIDO-certified solution on the planet. It has powered billions of consumer authentication events for banks like BBVA and Standard Bank, for telcos like T-Mobile and NTT DOCOMO, and for a variety of other industries like physical security, government and insurance. We have deployed the Nok Nok solution, at scale, more times than any other purveyor of FIDO certified servers. Our level of experience delivers a better product, a better team, a swifter and more stable integration, and a collection of benefits we are excited to share in this new release of the Nok Nok S3 Suite.

S3 Diagram

Adaptive Policies
Existing authentication systems are robust – but most have been deployed using username and passwords as their foundational layer. We know that passwords do not make a firm foundation. In order to shore up that weakness, new systems have been bolted on to make the passwords more complex, to ask personal questions, to generate and distribute one-time-passcodes or harvest device details in order to lower the probability of fraud (just a little!). Risk-engines were devised to collect and analyze these data points. Regulations have been created mandating the use of these additional methods. As we move into a passwordless future, some of these requirements persist and will still be needed.

With the Nok Nok S3 Suite you can power large scale passwordless deployments – deployments which can be paired with existing risk engines, behavioral biometrics, or other systems. With our new release, we simplify the integration and add an engine capable of dynamically adapting to the context of an authentication event. This allows our customers to select appropriate risk factors and implement them without writing a single line of code. By including authentication context, we help enable compliance with the requirements of PSD2 SCA, and other privacy and security regulations. The new, simplified integration accelerates time to deployment and provides the tools necessary to address the most pressing financial industry requirements.

Expanded Device Support
Since the beginning, FIDO standards have been about interoperability. We worked tirelessly in the early days to make sure the standard integrated with handset manufacturers like Fujitsu and Samsung, secure silicon providers such as Qualcomm, and authentication providers for facial and fingerprint recognition. Nok Nok was the first to bring FIDO authentication support for the Apple Watch and today we are happy to let you know we now also support WearOS (formally Android Wear). But our work is not done. As new devices and solutions come to market, we are eager to expand our support and bring more choices to the consumer. Through our API and SDKs, the same user experience and security can be provided, regardless of channel or device.

Nok Nok™ Quick Authentication
Bandwidth is crowded, especially now that more of us are online with multiple devices. Phones are connected to earphones, watches, computers and more. Each wireless interaction carries a network cost and introduces delay and latency to the customer experience. Some networks are not as robust as others and this inconsistency of experience can create frustration and friction for users.

Following our history of designing “beyond the standard”, today we are introducing Quick Authentication with this latest release. Nok Nok™ Quick Authentication performs secure FIDO authentication in a single network round trip. Organizations can now significantly reduce their network traffic. End-users get both speed and security with this update.

Going Beyond
While FIDO standards are a leap forward towards a passwordless world, the Nok Nok S3 Suite takes you there and beyond. Our latest technology is built to address the authentication needs of companies wrestling with regulatory complexity, without adding friction to the user experience. Customers expect privacy, and regulations – such as CCPA and GDPR – have strict rules and significant penalties for privacy violations. The Nok Nok S3 Suite eliminates the need to centrally store biometric customer data for authentication and – as mentioned – it follows a privacy-by-design approach. With strong, multi-factor authentication, the ability to comply with FFIEC, PSD2 SCA, HIPAA and other regulations is enabled. In addition, support for EMVCo 3DS2’s requirement for transaction confirmation of high value transactions is already included.

We view authentication as the front door to the connected economy. That door should be frictionless, yet secure. It should provide the security an organization and regulatory body requires while not turning away the end-user. We have deployed our solution to customers with tens of millions of users and we know how to build and integrate a scalable solution.

Simple. Secure. Scalable – was what we committed to 8 years ago and what we continue to deliver today.

For more information on the Nok Nok S3 Suite, please download the product brief here, or reach out to our team who will be happy to answer any questions.