02 Aug

5 Min read

Most Organizations Still Using Phishable Multifactor Auth

August 2, 2023 Nok Nok News 0 comments

Survey Reveals Majority of Organizations Still Using Phishable Multifactor Methods for Customer Authentication

San Jose, CA – August 2, 2023 – Nok Nok, a leader in passwordless authentication for the world’s largest organizations and Enterprise Strategy Group (ESG), today released the findings of a comprehensive survey on the state of passwords. ESG surveyed over 350 IT, cybersecurity, and application development professionals responsible for identity and access management programs in North America. The results shed light on the challenges organizations continue to face using traditional authentication methods and the increasing interest in passwordless authentication as a more secure and user-friendly alternative. With the availability of low cost cloud CPUs to crack passwords and the prevalence of known accounts/passwords, organizations recognize that passwords are not secure. The survey revealed that traditional authentication methods, such as passwords, are not effective in the face of evolving cyber threats

52% of organizations said eliminating customer passwords had a significant positive impact on revenue. In addition to the expected risk reduction that comes from deploying passwordless authentication for customer-facing apps, removing friction from passwords and MFA positively impacted revenue, customer productivity and satisfaction, and credential-based cybersecurity incidents.

76% of organizations experienced multiple account or credential compromises over the past 12 months. Organizations face a multitude of disparate attack vectors targeting weak authentication methods. Unfortunately, organizations are still not prepared to respond to account or credential compromise, and thus multiple incidents have become the norm.

The survey also highlighted the importance of passwordless authentication for customer-facing applications. Organizations understand the risks of account takeover attacks and the need to secure customer identities. However, a significant portion of customer identities are believed to continue to be insufficiently secured. To mitigate these risks, organizations are prioritizing customer authentication practices, with 36% of the respondents designating authentication as a critical activity.

“In the face of weak passwords and phishable legacy authentication solutions, the survey shows that customer passwordless authentication can deliver a host of security enhancements and increase the user experience,” said Jack Poller, Senior Analyst, ESG. “Benefits include reduced calls to help desk/IT for password resets and account lockouts, to increased customer productivity and satisfaction by eliminating the friction from passwords and MFA, as well as
eligibility to obtain cyber-insurance or reduce rates.”

The findings of the survey indicate that organizations are actively investing in strong authentication, with passwordless authentication gaining traction. Passwordless authentication not only enhances security but also improves the user experience by eliminating the need to remember complex passwords and reducing the reliance on phishable MFA factors.

“This survey reveals that organizations are still relying on the most common, weakest methods of MFA, SMS, and one-time email codes, even when FIDO-based phishing resistant strong authentication is available.,” said Phil Dunkelberger, CEO of Nok Nok. “Major platform vendor ssuch as Google, Apple and Microsoft have all embraced FIDO standards and are rolling out passkeys for consumers. It is time enterprises do the same for their customer authentication.”

For a copy of the results with more detailed information and insights from the survey, please review The State of Passwordless Authentication eBook.

About TechTarget

TechTarget is a leading technology media company that provides trusted and targeted content to enterprise technology buyers and decision-makers. With a network of over 140 technology-specific websites, TechTarget delivers quality content, research, and analysis to help organizations make informed technology purchasing decisions.

About Nok Nok

Nok Nok is a leader in passwordless customer authentication and delivers the most innovative FIDO (Fast IDentity Online) solutions for the passwordless authentication market today. Nok Nok empowers organizations to significantly improve their user experience and security, and reduce operating expenses, while enabling compliance with the most rigorous privacy and regulatory requirements. The Nok Nok™ S3 Authentication Suite integrates into existing security environments to deliver proven, FIDO-enabled passwordless customer authentication. As a founder of the FIDO Alliance and an innovator of FIDO standards, Nok Nok is an expert in next-level, multi-factor authentication. Nok Nok’s global customers and partners include AFLAC Japan, BBVA, Carahsoft, Fujitsu Limited, Hitachi, Intuit, Mastercard, MUFG Bank, NTT DATA, NTT DOCOMO, Standard Bank, T-Mobile, and Verizon. For more information, https://noknok.com/.

31 May

4 Min read

Nok Nok Announces Record Customer Expansion as Industry Adoption of FIDO Passkeys Accelerates

May 31, 2023 Nok Nok News 0 comments

Next phase of growth powered by regulatory compliance and recent ecosystem partnerships.

Global adoption of passwordless authentication is accelerating due to regulatory compliance, security and user experience requirements, and recent advances from major computing ecosystem participants.

San Jose, CA – May 31, 2023 – Nok Nok, a leader in passwordless authentication for the world’s largest organizations, today announced strong 2022 results following the FIDO (Fast IDentity Online) industry introduction of passkeys, deployments with Fortune 500 companies and key partnerships in the government market that will accelerate the company’s next phase of growth. Nok Nok 2022 annual recurring revenue increased by more than 40% YoY, driven by expansion in customer deployments, and the addition of new vertical markets fueled by global regulations that require phishing-resistant authentication.

Innovative Passkey Support

As an inventor of FIDO specifications, Nok Nok and its S3 product suite have been in sync with advances in FIDO authentication. With the introduction of FIDO passkeys in 2022, Nok Nok announced the:

same safety and convenience of using biometrics to access your device as for logging into web services.
reduced attack surfaces by eliminating the most commonly stored credential – the password.
ability to embed passwordless authentication in enterprise workflows reduces development and support time for customer facing applications.
future integration capabilities that will include in-home devices such as Alexa, IoT device services, and physical access to buildings.

“We see new momentum in the FIDO marketplace due to the announcement of Passkeys last year,” offered Miguel Villaumbrales, Global Head of Digital Identity from BBVA. BBVA, a customer of Nok Nok since 2019 with a security-first mindset, has implemented Nok Nok’s FIDO-based biometric authentication in its award winning mobile banking services, including their smart watch applications.

Customer Deployment Spotlight

NTT DOCOMO, INC. has been a customer of Nok Nok since 2015. Under the slogan “Your Security, More Simple,” DOCOMO has improved the authentication user experience for a wide variety of DOCOMO services. In 2020, DOCOMO began offering a passwordless option by providing a password disable setting, and in April 2023, NTT DOCOMO began support for WebAuthn/Passkeys. DOCOMO’s adoption of Nok Nok’s FIDO solution enhanced the authentication user experience, toward DOCOMO’s goal of a “Passwordless World.”

New Partnerships to Address Growing Global Regulatory Compliance

2022 was the year that Nok Nok accelerated product development in order to meet the needs of government and highly regulated industries. Nok Nok announced a partnership with UberEther, a leading provider of identity and access management solutions to the federal government, to provide phishing-resistant authentication in UberEther’s FedRAMP High and DoD Impact Level 5 ready IAM Advantage platform.

Nok Nok also entered into a new partnership with Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®. Recent executive orders and regulations require federal government agencies to leverage phishing-resistant multi-factor authentication (MFA) solutions. Through Carahsoft’s reseller partners, and NASA Solutions for Enterprise-Wide Procurement (SEWP) and National Cooperative Purchasing Alliance (NCPA) contracts, federal government agencies will have access to Nok Nok’s FIDO-enabled and phishing-resistant multi-factor authentication (MFA) solution.

“From when we co-founded the FIDO Alliance in 2012 to where we see adoption today, it is truly rewarding to see industry-leading customers and partners deploying Nok Nok’s FIDO enabled solutions at internet scale to hundreds of millions of global end users,” said Phil Dunkelberger, CEO of Nok Nok. “It has been our best year for deployments, customer expansion and innovation with the shipping of the The Nok Nok™ S3 Authentication Suite Version 9. Recent market interest in our solutions has been driven by the introduction of FIDO-based passkeys, which is creating a global awareness of what interoperable, easy to use passwordless authentication can mean for the consumer experience. All of this momentum points to a more secure, easier to use experience for all users, and reduced complexity for IT and security teams.”

About Nok Nok

Read the official press release.

05 May

4 Min read

Nok Nok Joins Team of Best-in-Class

May 5, 2023 Nok Nok News 0 comments

UberEther’s IAM Advantage Includes Nok Nok

Best-in-Class identity providers UberEther, Ping Identity, SailPoint, Nok Nok, Radiant Logic, Appgate and Carahsoft join forces to modernize identity management for Government and high security customers

STERLING, VA – May 04, 2023 – UberEther, a full-stack technology integrator providing innovative identity solutions, today announced the launch of IAM Advantage, the first solution of its kind to achieve DoD IL5 authorization. IAM Advantage is an identity, credential, and access management (ICAM) solution designed to to help Government agencies and suppliers modernize their legacy identity systems. IAM Advantage can manage access for employees, contractors or citizens and will secure end-to-end workflows from account registration to digital transactions.

IAM Advantage combines solutions from the following best-in-class identity providers that together help agencies comply with NIST’s most recent guidelines for digital identity (SP 800-63) and the Federal memorandum on Zero Trust Strategy (OMB M-22-09).

Core ICAM

Ping Identity, a provider of intelligent identity solutions with authentication, federation, identity management, authorization and access management capabilities for ICAM modernization
Radiant Logic, the foundational identity data management platform that correlates all identity data to create a unified Master User Record (MUR), which acts as the Policy Information Point for a Zero Trust Architecture
SailPoint, an identity security provider that enables the modern enterprise to discover, govern, and secure all identities across all environments

Supporting Technologies

Appgate, a provider of Zero Trust access designed with a direct-routed, software-defined perimeter model that aligns with NIST (SP) 800-207 Zero Trust Architecture
Nok Nok, a phishing-resistant multi-factor authentication (MFA) password-less authentication platform, and compliance solutions to address NIST SP800-63 and SP800-157 standards

Procurement Support, Distribution and Training

Carahsoft, a Master Government Aggregator® providing ease of procurement for IAM Advantage and access to services and training for the Public Sector through hundreds of contract vehicles

“Our Government customers are looking for an integrated identity solution that helps them achieve their compliance and security requirements while reducing the burden of managing multiple vendors,” said Matt Topper, President and Solutions Catalyst at UberEther. “We are delighted to partner with some of the most innovative and respected companies in the identity ecosystem to offer a highly secure solution for our Government customers.”

IAM Advantage is a preconfigured solution, ensuring cost and time savings for Government procurement and security teams. UberEther offers flexible deployment models: on-premises, in any cloud or hybrid environment, or in air-gapped or disconnected (DDIL) environments at the tactical edge. Security is enhanced with a single-tenant environment, and customers control their own encryption keys. Further, IAM Advantage is applicable to both desktop and mobile applications – and in both single sign-on and federated identity management models.

Integrations with Salesforce and ServiceNow are prebuilt and will allow Government customers to integrate IAM Advantage into their existing software stack quickly and affordably. “Identity and access management is a complex and high-risk task for Government agencies, particularly if they rely on outdated legacy products,” said Brian O’Donnell, Vice President of Cybersecurity Solutions at Carahsoft. “The development of the IL5 ICAM solution is a significant step forward in providing Government agencies with robust and reliable IAM solutions that meet their needs and protect against modern threats. We look forward to working with our reseller partners to provide Defense agencies with advanced, highly secure cybersecurity solutions through numerous Carahsoft contract vehicles.”

More information on IAM Advantage can be found here. UberEther is available through Carahsoft’s GSA Schedule No. 47QSWA18D008F, SEWP V contracts NNG15SC03B and NNG15SC27B, ITES-SW2 Contract W52P1J-20-D-0042, NCPA Contract NCPA01-86, and NCPA Contract NCPA01-86. For more information, contact the UberEther team at Carahsoft at (703) 889-9808 or [email protected].

About UberEther
Founded in 2010, UberEther is a full stack technology integrator that builds innovative solutions for our clients and turns their security and access control needs into a value-added enabler that transforms the organization in ways previously not possible. We take pride in delivering reliable, repeatable, and secure solutions that provide tangible results for each organization we team with.

View the Official Press Release.

PR Contact:
Megan Sills
[email protected]
(866) 282-3752

27 Apr

5 Min read

Nok Nok Partners with Carahsoft

April 27, 2023 Nok Nok News 0 comments

Nok Nok Partners with Carahsoft to Provide Phishing-Resistant MFA Solutions to Federal, State, and Local Government Agencies

Partnership Enables Federal Agencies to Meet Regulations for Phishing-Resistant MFA, Expanding Nok Nok’s Presence in the Government Sector

SAN JOSE, Ca. – April 27, 2023 – Nok Nok, a leader in passwordless authentication for the world’s largest organizations, today announced a partnership with Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®. Under the agreement, Carahsoft will serve as Nok Nok’s Master Government Aggregator®, making the company’s phishing-resistant multi-factor authentication (MFA) solutions available through Carahsoft’s reseller partners, NASA Solutions for Enterprise-Wide Procurement (SEWP), Information Technology Enterprise Solutions – Software 2 (ITES-SW2), National Cooperative Purchasing Alliance (NCPA), and OMNIA Partners contracts.

With the recent executive orders and regulations, Federal Government agencies are under pressure to meet certain phishing-resistant multi-factor authentication (MFA) requirements by the end of 2024. By providing access to numerous contract vehicles, Carahsoft will help streamline the procurement process for the Federal Government to acquire Nok Nok’s S3 Suite and provide the integrated platform to its employees, contractors, partners, and public users.

“Through this partnership with Nok Nok, Government agencies now have expedited access to advanced passwordless technology rooted in immediately responsive authentication,” said Tyler Nelson, Sales Manager who leads the Nok Nok Team at Carahsoft. “Providing our customers with solutions that they can implement right away is critical to protect their workforces. We look forward to working with Nok Nok and our reseller partners to enable agencies to prevent and mitigate the future attacks of tomorrow.”

The Nok Nok S3 Authentication Suite is the first passwordless authentication platform based on FIDO standards that includes full support for both device-bound and synced passkeys and compliance solutions. The platform addresses executive orders; NIST SP800-63 and SP800-157 standards; which specify requirements for authentication, lifecycle management and derived personal identity verification credentials. Nok Nok’s S3 Suite provides privacy-compliant, passwordless authentication across platforms and is designed to operate in the most demanding regulated user environments, at global scale.

“Nok Nok has a long history of successful deployments which provide next-generation phishing-resistant MFA to regulated markets around the world,” said Tammi Hayes, Corporate Development Advisor at Nok Nok. “We are thrilled to work with Carahsoft and its reseller partners to enable the Federal Government with phishing-resistant MFA solutions that they can deploy with their users.”

“The Nok Nok and Carahsoft partnership significantly extends the reach of Nok Nok and its MFA phishing-resistant technology to Government agencies and their supplier networks to increase safety and security for all.” said Robert Lentz, President, Cyber Security Strategies.

Nok Nok’s partnership with Carahsoft aligns with its commitment to the Government sector and its delivery of FedRAMP-certified Identity Access Management (IAM) solutions to Federal Governments agencies and their users.

Nok Nok is the widest deployed FIDO-based platform globally, including Fortune and Global 500 banking, telco and other large institutions with hundreds of millions of users.

Nok Nok’s platform is available through Carahsoft’s SEWP V contracts NNG15SC03B and NNG15SC27B, ITES-SW2 Contract W52P1J-20-D-0042, NCPA Contract NCPA01-86 and OMNIA Partners Contract #R191902. For more information, contact the Nok Nok team at Carahsoft at (844) 214-4790 or [email protected].

The dedicated Cybersecurity team at Carahsoft specializes in providing Federal, State and Local Government agencies and Education and Healthcare organizations with security solutions to safeguard their cyber ecosystem. To learn more about Carahsoft’s Cybersecurity solutions, visit www.carahsoft.com/solve/cybersecurity.

View the official press release. For more information on Nok Nok, please visit www.noknok.com and/or follow the company blog.

About Nok Nok
Nok Nok is a global leader in passwordless customer authentication. Delivering the most innovative FIDO (Fast IDentity Online) solutions for the authentication market today, Nok Nok empowers global organizations to dramatically improve their user experience and security, and reduce operating expenses while meeting the most advanced privacy and regulatory requirements. The Nok Nok™ S3 Authentication Suite integrates into existing security environments to deliver proven, FIDO-enabled passwordless customer authentication. As a founder of the FIDO Alliance, an innovator of FIDO standards and global patent holder, Nok Nok is an expert in next-level, multi-factor authentication. Nok Nok’s customers and partners include Verizon, Intuit, T-Mobile, BBVA, NTT DOCOMO, NTT DATA, MUFG Bank, AFLAC Japan, Standard Bank, Fujitsu Limited, and Hitachi.

About Carahsoft
Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider®, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator® for our vendor partners, we deliver solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Visit us at www.carahsoft.com.

13 Apr

7 Min read

Nok Nok Expands S3 Authentication Suite

April 13, 2023 Nok Nok News 0 comments

Nok Nok Expands S3 Authentication Suite to Meet the Needs of Government, Regulated, Payment, and E-Commerce Organizations

New capabilities include regulatory compliance and risk management, synced passkeys, secure payment confirmation, and more

San Jose, CA – April 13, 2023 – Nok Nok , a leader in passwordless authentication for the world’s largest organizations, today announced the latest release of the Nok Nok™ S3 Authentication Suite (S3 Suite) that delivers four new capabilities designed to meet the needs of regulated industries, payments markets, and e-commerce organizations. For government organizations or highly regulated industries such as healthcare, finance, and insurance, the new offering simplifies the ability to comply with security and regulatory requirements, including identifying known and unknown devices. Additional new features help e-commerce organizations reduce friction for consumers. Payment companies will also benefit with new features in the S3 Suite that address Secure Payment Confirmation (SPC) for approving high value financial transactions in web browsers.

With the increasing rise in cyber threats, security professionals are faced with heightened complexity. Not only are they navigating how to implement best practices and respond to federal mandates as they develop, but they also must be responsive to their own users and consumers without preventing their access to services or causing user friction. Organizations that are highly regulated industries are also under enormous pressure and must be prepared to respond to and comply with government and industry regulations. The Nok Nok S3 Suite leverages a wide range of authenticators, including biometric and non-biometric modalities to help meet regulatory compliance, address NIST SP800-63 and SP800-157 standards, and support various authentication needs. By integrating with an organization’s security solutions, the S3 Suite provides additional contextual information and leverages scores provided by external risk engines and behavioral biometric systems.

“The war against cyber criminals has not let up and the job of being a security professional continues to be more difficult as new mandates from the White House have been added to the list of compliance requirements. And if you are an international organization, EU and Asia requirements add to the compliance complexity. We are excited to address these compliance needs and broaden the reach of our technology into these regulated markets. Organizations operating in finance, enterprise, e-commerce and government are up against increased pressure to comply and regulation is only expected to become more stringent in the years to come,” said Phil Dunkelberger, CEO of Nok Nok. “We co-founded the FIDO Alliance to make it easier to implement strong, passwordless authentication solutions for consumers and enterprises. Now, we are expanding our offering to companies in key regulated sectors that need to be able to quickly and efficiently respond to the evolving regulations coming from the US and foreign governments.”

New government and regulated industry support includes:

Passkeys. With the rise in adoption of synced passkeys, regulated organizations need to be able to understand whether users are using their passkey with a known device or on a new device. When new devices are introduced for the first time, regulated organizations typically need to trigger additional verification steps to ensure the device belongs to the legitimate user. With the Nok Nok S3 Suite v9, organizations can easily configure authentication rules that detect the use of new devices and configure methods in order to verify whether the device is used by the legitimate user.
Support for Security Key Tracking and Inventory. New capabilities allow organizations in highly regulated industries such as healthcare, insurance and banking, to monitor and track users that are using the security key(s) they were given by their employer. With these new product features, organizations can “attest” that a user is using the security key they were issued – not a third party key – and meet security and regulatory requirements.

New E-Commerce and Consumer support includes:

Synced passkeys. Asking users to provide a password reduces enrollment conversion rates and requiring a password at checkout negatively impacts the checkout conversion. Today’s release of the S3 Suite with synced passkey features allows consumers from any of their devices to access e-commerce sites by easily signing in using biometrics instead of using a password. Additionally, the synced passkey feature enables merchants to reduce friction at sign-up, making it easier to engage personally with the customer, enroll them in loyalty programs, automate billing, and collect specific data which has become more difficult with 3rd party cookies being deprecated.

New Payment support includes:

Secure Payment Confirmation. While today’s strong customer authentication two-step-verification is more secure, it is still perceived as inconvenient to the consumer. The introduction of W3C Secure Payment Confirmation (SPC) into the S3 platform is similar to integrating a POS terminal into your browser that allows the user to use device biometrics instead of a card and (one-time) PIN. Support for SPC has been added to the EMVCo 3D Secure specification that is widely used for online card payments. For customers in the buying process, SPC dramatically cuts down on friction. This new SPC method extends the existing transaction confirmation capabilities of the Nok Nok S3 Suite making it the first choice for banks, payment service providers, and e-commerce merchants intending to implement delegated authentication.

“We have heard it said many times, removing passwords can improve time and effort spent handling password resets and account lockouts ; it reduces friction and improves the user experience, and it can drastically reduce risk,” said Jack Poller, senior analyst Enterprise Strategy Group. “As easy as it sounds, the complexity of replacing passwords while still staying compliant in regulated industries or meeting government regulations can be very complicated. Leveraging its history delivering FIDO-based strong authentication into enterprise and consumer markets, Nok Nok rolls out a set of capabilities that will ease the replacement of passwords in some of the most demanding environments. IT and security operations are trying to handle increased complexity in their environments every day; standards-based, passkey solutions should be high on their lists for first defense.”

The Nok Nok S3 Authentication Suite includes an Authentication Server and App SDKs for mobile, web and smartwatch applications. It leverages the security capabilities already present on a user’s device to bring strong and convenient authentication to any application. The S3 Suite enables organizations to easily turn a user’s device into a strong, multi-factor authentication method through support for all FIDO protocols, including passkeys.

With the S3 Suite’s rich set of capabilities, organizations can support the full customer lifecycle from frictionless on-boarding, progressive profiling, easy bootstrapping of new devices, account recovery, suspension and deprovisioning of users, to call center authentication support.

Press assets:

Learn more about the latest Nok Nok Authentication S3 Suite.

About Nok Nok

Nok Nok is a leader in passwordless customer authentication and delivers the most innovative FIDO (Fast IDentity Online) solutions for the authentication market today. Nok Nok empowers organizations to dramatically improve their user experience and security, and reduce operating expenses, while enabling compliance with the most rigorous privacy and regulatory requirements. The Nok Nok™ S3 Authentication Suite integrates into existing security environments to deliver proven, FIDO-enabled passwordless customer authentication. As a founder of the FIDO Alliance and an innovator of FIDO standards, Nok Nok is an expert in next-level, multi-factor authentication. Nok Nok’s global customers and partners include AFLAC Japan, BBVA, Carahsoft, Fujitsu Limited, Hitachi, Intuit, Mastercard, MUFG Bank, NTT DATA, NTT DOCOMO, Standard Bank, T-Mobile, and Verizon.

For more information, https://noknok.com/.

29 Nov

1 Min read

Nok Nok and UberEther Partner to Deliver Phishing-Resistant MFA Fedramp-Certified IAM Solutions to Protect the US Federal Government and its Suppliers

November 29, 2022 Nok Nok News 0 comments

Nok Nok’s S3 Suite brings Next Level MFA to UberEther’s IAM Advantage Platform. Read the full press release.

22 Nov

3 Min read

Nok Nok Now Provides Full Passkey Support

November 22, 2022 Nok Nok News 0 comments

Nok Nok, one of the founding partners in the FIDO Alliance, or “Fast IDentity Online,” is now announcing full support for passkeys to offer digital service providers an alternative to traditional password verification with safer, faster, passwordless authentication combined with passkeys.

Over 80% of successful digital intrusions result from password credential theft, either through sophisticated phishing techniques to steal passwords or personal secrets or user negligence in failing to use strong, secure passwords that are difficult to remember. With digital cyber crime accelerating, single password verification systems are becoming increasingly vulnerable as all it takes is one stolen password to assume significant or complete control of a customer’s system.

Passkeys As A Solution

Passkeys are a phishing-resistant replacement for passwords that provide faster, easier, and more secure sign-ins to websites and apps across a user’s devices. Unlike passwords, passkeys are resistant to phishing, are always strong, and are designed so that there are no shared secrets. Different user authenticators can be used, such as various biometric factors like face or fingerprint identification, but this is also combined with additional authentication procedures, such as verifying encrypted keys on a personal device, such as a phone, for additional security.

For clients who already support FIDO, the technology behind passkeys, the Nok Nok S3 authentication platform now fully. supports single-device and multi-device passkeys and requires no code changes. For clients who do no already support FIDO, the Nok Nok S3 suite provides passkey support for both single-device and multi-device passkeys on one authentication infrastructure. Integrating passkeys not only makes user registration and sign-in more secure but also makes them faster and less prone to error and frustration.

Improving User Experiences

Because of the ease of passwordless authentication based on passkeys, businesses have found that passkey sign-in dramatically reduces user friction during sign-in while also reducing credential theft from phishing attacks since there are no shared secrets with passkeys. Passkeys are the next-level multi-factor authentication designed to replace passwords. Even though a typical “strong password” is possible with a long string of random alphanumeric characters, these passwords are harder to remember and they still require a second authentication factor such as SMS or email of passcodes. Passkeys do away with passwords and the need for a second code for authentication (two factor authentication). because the technology behind passkeys provides multi-factor authentication in one simple, user step.

Passwordless authentication with passkeys offer a 99.5% sign-in success rate and typically speeds up the sign-in process for users by anywhere from 100-200%. This means fewer sign-in failures, less frustration, and perhaps most importantly, people not abandoning a service because they find the traditional multifactor authentication process too restrictive, demanding, and inconvenient. Thus, they switch to another service that treats them better.

These initiatives by the FIDO alliance continue to provide more security to businesses and their data, with more convenience and speed for customers. Do you need to learn more about FIDO protocol and moving to a passwordless authentication system, read here to learn more.

16 Mar

4 Min read

Nok Nok Unveils Latest S3 Suite

March 16, 2022 Nok Nok News 0 comments

Nok Nok unveils the latest version of the S3 Authentication Suite – Version 8.0.1.

With this latest release, companies and organizations can now more easily operationalize modern identity and passwordless authentication in their system-level workflows, business processes and customer payment transactions. The enhancements to the Nok Nok S3 Authentication Suite are also designed to streamline large-scale operations in modern cloud environments and securely integrate with existing cryptographic infrastructure.

Key features and business benefits in this release include:

Enhanced Risk-Based Authentication: The S3 Suite now simplifies Registration and Authentication rules into a single ruleset. This allows customers to have full control over registration and authentication workflows based on predetermined business risk criteria to create very low friction customer journey experiences.
Federation Integration: The S3 Suite now supports OpenID Connect as an integration mechanism allowing S3 to serve as an “authentication provider” that works with industry-leading identity providers (e.g., ForgeRock, Azure B2C) which allows Nok Nok customers to quickly integrate into existing identity and authentication systems.
Enhanced Transaction Confirmation Support: The S3 Suite will support payment transaction confirmation in Web Applications. Customers supporting PSD2-SCA workflows will be able to implement dynamic linking on both Mobile native and Web applications so that a fraudulent merchant or man-in-the-network can’t change the details of a FIDO-authenticated transaction to hijack and steal transaction revenue.
Integration With Existing Enterprise Cryptographic Infrastructure: Customers will be able to store sensitive digital system keys of our S3 server into standalone HSM (hardware security modules) or cloud-HSM hardware infrastructure to provide the ultimate business safeguards for storing and managing digital keys that control access to business servers and databases.
Pluggable Authentication for Backend Database Access: The S3 Suite servers will offer a pluggable connection framework that supports multiple architectural approaches to help our customers eliminate vulnerable database connections based on username and passwords from all of their existing system-level workflows and applications.
Support an External Backend “Secrets” Store: The S3 Server will support the ability to send push notifications and email-OTP messages through typically insecure, external gateways. To be secure, connecting and opening sessions to those external systems requires strong authentication. With the new “external backend secrets store”, S3 offers the highest security in connecting with the systems of external MFA vendors.

“Through continued innovations that stay ahead of changing threat environments, Nok Nok continues to raise the bar above the modern authentication standards we helped to create. These new capabilities will offer greater integration flexibility for our customers that will enable them to integrate our S3 Suite with the use of their own APIs for handling encryption operations and also the use of external, hardware-based key vaults for storing sensitive information,” said Dr . Rolf Lindemann, Vice President of Products at Nok Nok.

Nok Nok’s S3 Authentication Suite was the first commercially deployed, highly scalable authentication suite built from the ground up leveraging the industry’s FIDO authentication protocols. With its modular architecture and container support, the Nok Nok S3 Suite has proven to run at internet scale, supporting mission-critical identity and modern authentication for tens of millions of users while protecting over 1B daily authentications around the globe.

About Nok Nok

Nok Nok is a pioneer in the FIDO standards and the trusted leader in next-generation identity and passwordless authentication solutions. The Nok Nok™ S3 Suite empowers companies to transform their customer experiences, transactions, business processes, and workflows by leveraging modern identity and passwordless authentication. The Nok Nok™ S3 Suite offers the most scalable and feature-rich passwordless solution that integrates into existing system-level workflows and legacy security infrastructure. Companies that implement the Nok Nok next-gen passwordless platform experience authentication success rates above 99%, onboarding conversion improvements of more than 10%, a 90% reduction in account recovery requests, and significantly reduced OpEx. Headquartered in Silicon Valley, California, the company has delivered unique inventions and innovations that are protected by a robust global patent portfolio. As a founder of the FIDO Alliance and an inventor of FIDO specifications, Nok Nok is the expert in deploying standards-based authentication, and its industry-leading customers and partners include Verizon, T-Mobile, Intuit, Cigna, Softbank, MUFG, NTT Docomo, Fujitsu Limited, Hitachi, Ericsson, MTRIX GmbH, NTT DATA, and OneSpan. For more information, visit www.noknok.com.

View the Official Press Release

16 Mar

4 Min read

Nok Nok Unveils Latest S3 Suite

March 16, 2022 Nok Nok News 0 comments

Nok Nok unveils the latest version of the S3 Authentication Suite – Version 8.0.1.

Key features and business benefits in this release include:

Enhanced Risk-Based Authentication: The S3 Suite now simplifies Registration and Authentication rules into a single ruleset. This allows customers to have full control over registration and authentication workflows based on predetermined business risk criteria to create very low friction customer journey experiences.
Federation Integration: The S3 Suite now supports OpenID Connect as an integration mechanism allowing S3 to serve as an “authentication provider” that works with industry-leading identity providers (e.g., ForgeRock, Azure B2C) which allows Nok Nok customers to quickly integrate into existing identity and authentication systems.
Enhanced Transaction Confirmation Support: The S3 Suite will support payment transaction confirmation in Web Applications. Customers supporting PSD2-SCA workflows will be able to implement dynamic linking on both Mobile native and Web applications so that a fraudulent merchant or man-in-the-network can’t change the details of a FIDO-authenticated transaction to hijack and steal transaction revenue.
Integration With Existing Enterprise Cryptographic Infrastructure: Customers will be able to store sensitive digital system keys of our S3 server into standalone HSM (hardware security modules) or cloud-HSM hardware infrastructure to provide the ultimate business safeguards for storing and managing digital keys that control access to business servers and databases.
Pluggable Authentication for Backend Database Access: The S3 Suite servers will offer a pluggable connection framework that supports multiple architectural approaches to help our customers eliminate vulnerable database connections based on username and passwords from all of their existing system-level workflows and applications.
Support an External Backend “Secrets” Store: The S3 Server will support the ability to send push notifications and email-OTP messages through typically insecure, external gateways. To be secure, connecting and opening sessions to those external systems requires strong authentication. With the new “external backend secrets store”, S3 offers the highest security in connecting with the systems of external MFA vendors.

About Nok Nok

View the Official Press Release

11 Aug

13 Min read

CompoSecure and Nok Nok Partner to deliver advanced security and authentication

August 11, 2021 Nok Nok News 0 comments

CompoSecure and Nok Nok partner to deliver advanced security and authentication across platforms with a best-in-class user experience. Category leaders create an innovative solution to protect consumers and enable merchants to fight online fraud with a breakthrough “internet ID and payment card”

WATCH VIDEO

Somerset, NJ – August 11, 2021 – CompoSecure Holdings, L.L.C. (“CompoSecure”), a leading provider of premium financial payment cards and emergent provider of cryptocurrency storage and security solutions, and Nok Nok Labs, Inc. (Nok Nok™), a pioneer and leader in passwordless authentication, announced a strategic collaboration to develop a FIDO ^®-extended solution, expanding the protections for consumers of CompoSecure’s Arculus^TM platform. The innovative, combined technology platform is expected to enable banks, fintechs, and financial services companies to put in the hands of every user a simple-to-use, personalized, and universal “digital identity”.

Currently, in beta testing, Arculus was created with the vision to promote cryptocurrency adoption by making it safe, simple, and secure for the average person to buy, sell and swap cryptocurrency. The Nok Nok solution leverages global industry standards that promote strong and easy-to-use authentication. Members of this industry alliance that support these authentication standards include Amazon.com, Apple, American Express, BBVA, Facebook, Google, Intel, Intuit, MasterCard, PayPal, Verizon, T-Mobile, Visa, and many more.

Nok Nok will collaborate with CompoSecure to increase the security, privacy, and cardholder experience associated with both companies’ current financial market and cryptocurrency customers. These additional platform capabilities will set the stage for CompoSecure to offer a breakthrough “Internet ID and payment card” that can be used as a virtual ignition key for the authentication of a user into any digital service on any device. A practical use case for a consumer is turning the payment or credit card in your wallet into a digitally transformed eCard and eWallet for digital transactions. The benefits are better usability and security for the consumer, and better fraud protection and cost control for the merchant.

“More and more people are transacting online because they are convenience-focused and their adoption of digital banking highlights their comfort with digital tools,” said Adam Lowe, Chief Innovation Officer of CompoSecure. “This new technology platform will ensure that you, and only you, are authorized to make a transaction with CompoSecure’s metal cards, with a simple and secure action, such as swiping a finger, entering a PIN, and tapping your card to your phone for an NFC-encrypted transaction.”

“We see this collaboration with CompoSecure as a game-changer for Nok Nok, bringing our vision of greater security and a better user experience to every consumer around the world,” said Phillip Dunkelberger, CEO of Nok Nok. “While securing payments will be a key focus, we will work with CompoSecure in other key areas such as eGaming, cryptocurrency exchanges, e-passports, and more. From daily use as a credit card to connecting securely to a variety of e-commerce transactions, consumers will have a trusted method for online and offline activities.”

Other common use cases include:

Payments – Strong authentication provides added security to touchless payments and online “card-not-present” transactions. This reduces chargebacks and fraudulent use for merchants, and provides better security and ease of use for consumers. Added capabilities include making it significantly easier to onboard new customers and providing a better method to use websites for current customers.
Online Banking – More and more consumers are transacting digitally and need both convenience and protection. The “internet ID and payment card” serves as a strong credential for secure transactions that can be embedded into other identity verification systems.
Cryptocurrency – The Nok Nok solution will integrate with CompoSecure’s Arculus Key^TM card, an air-gapped storage solution that connects to the Arculus Wallet^TM mobile app via an encrypted NFC connection. This provides intuitive controls, advanced security protection and the ability to manage multiple cryptocurrency wallets in one device.
eGaming – This solution enables eGaming companies to enhance security and usability to their payment ecosystems and add cryptocurrencies as a payment alternative.
Online Gambling – Internet gambling providers will have the ability to add multi-factor authentication for streamlined security without compromising ease of use for higher value bets and transactions while greatly reducing fraud.
Identity – The ability to provide identity is central to the next generation of capabilities on the internet. This card can be used to provide personalized and customizable “verifiable claims” where user identity is critical to validate entitlements.

“The ability to have a single card to transact as a credit card and a universal authenticator, all contained in a well-designed secure metal container, takes universal ID to the next level,” said Ignacio Bernal, former Global CTO at BBVA, a multinational financial services company. “The ability to link these dynamically provides a global identity, which fuels a whole new set of applications and capabilities in the market. CompoSecure and Nok Nok Labs have the right solution at the right time to transform how we conduct our business securely over the internet. It’s clear that the time has come for consumers to have access to a master digital identity that not only rids their lives of passwords but also opens their world to an easier approach to digital transactions.”

For more information on this new security technology platform, please visit www.composecure.com.

On April 19, 2021, CompoSecure announced that it had signed a merger agreement with Roman DBDR Tech Acquisition Corp. (NASDAQ: DBDR) (“Roman DBDR”), a special purpose acquisition company. Upon closing of the proposed merger, the combined company will operate as CompoSecure, Inc. and plans to trade on the Nasdaq stock market. The transaction reflects a pro forma enterprise value for the combined company of approximately $1.2 billion. The transaction is expected to close in the third quarter of 2021 and remains subject to approval by Roman DBDR stockholders and other customary closing conditions.

About Nok Nok Labs, Inc.:
Nok Nok is a trusted leader in passwordless consumer authentication to the world’s largest organizations. Delivering the most innovative authentication solutions in the market today, Nok Nok empowers global organizations to improve the user experience to access digital services while meeting the most advanced privacy and regulatory requirements. The Nok Nok™ S3 Authentication Suite integrates into existing security environments to deliver a proven, cost-effective, future-proof, and standards-based passwordless consumer authentication solution. Headquartered in Silicon Valley, California, the company has delivered unique inventions and innovations that are protected by a robust global patent portfolio. As a founder of the FIDO Alliance and an inventor of FIDO specifications, Nok Nok is the expert in deploying standards-based authentication, and its industry-leading customers and partners include BBVA, DDS, Inc., Ericsson, Fujitsu Limited, Hitachi, Intuit, Lenovo, MTRIX GmbH, NTT DATA, NTT DOCOMO, OneSpan, SoftBank, T-Mobile, and Verizon. For more information, visit www.noknok.com.

About CompoSecure
Founded in 2000, CompoSecure is a pioneer and category leader in premium payment cards and an emergent provider of cryptocurrency and digital asset storage and security solutions. The company focuses on serving the affluent customers of payment card issuers worldwide using proprietary production methods that meet the highest standards of quality and security. The company offers secure, innovative, and durable proprietary products that implement leading-edge engineering capabilities and security. CompoSecure’s mission is to increase clients’ brand equity in the marketplace by offering products and solutions which differentiate the brands they represent, thus elevating the cardholder experience. For more information, please visit www.composecure.com. ArculusTM was created with the mission to promote cryptocurrency adoption by making it safe, simple, and secure for the average person to buy, sell and store cryptocurrency. With a strong background in security hardware and financial payments, the Arculus^TM solution was developed to allow people to use a familiar payment card form factor to manage their cryptocurrency. For more information, please visit GetArculus.com.

About Roman DBDR Tech Acquisition Corp.

Roman DBDR is a special purpose acquisition company whose business purpose is to effect a merger, capital stock exchange, asset acquisition, stock purchase, reorganization, or similar business combination with one or more businesses or entities. While the Company may pursue an initial business combination target in any stage of its corporate evolution or in any industry or sector, it intends to focus its search on companies in the technology, media, and telecom (“TMT”) industries. The Company is led by its Co-Chief Executive Officers, Dr. Donald G. Basile and Dixon Doll, Jr. The Company’s experienced board of directors includes former NVCA Chairman and longtime venture capitalist Dixon Doll, Global Net Lease (NYSE: GNL) CEO James L. Nelson, former fund manager Paul Misir, investment banker and investor Arun Abraham, and entrepreneur Alan Clingman. For more information, please visit www.romandbdr.com. Roman DBDR raised $236 million in its initial public offering (inclusive of underwriter’s exercise of over-allotment option) in November 2020 and is listed on Nasdaq under the symbol “DBDR”.

Forward-Looking Statements

Certain statements included in this Press Release that are not historical facts are forward-looking statements for purposes of the safe harbor provisions under the United States Private Securities Litigation Reform Act of 1995. Forward-looking statements include, but are not limited to statements regarding Roman DBDR’s or CompoSecure’s expectations, hopes, beliefs, intentions, or strategies regarding the future, including, without limitation, statements regarding: (i) the ability of Roman DBDR and CompoSecure to complete the proposed merger described in the Press Release, (ii) the size, demand and growth potential of the markets for CompoSecure’s products and CompoSecure’s ability to serve those markets, (iii) the degree of market acceptance and adoption of CompoSecure’s products, (iv) CompoSecure’s ability to develop innovative products and compete with other companies engaged in the financial services and technology industry and the timing of the ArculusTM launch and (v) CompoSecure’s ability to attract and retain clients. In addition, any statements that refer to projections, forecasts, or other characterizations of future events or circumstances, including any underlying assumptions, are forward-looking statements. Forward-looking statements generally are accompanied by words such as “believe,” “may,” “will,” “estimate,” “continue,” “anticipate,” “intend,” “expect,” “should,” “would,” “plan,” “predict,” “potential,” “seem,” “seek,” “future,” “outlook,” and similar expressions that predict or indicate future events or trends or that are not statements of historical matters. These forward-looking statements include, but are not limited to, statements regarding estimates and forecasts of other financial and performance metrics and projections of market opportunity. These statements are based on various assumptions, whether or not identified in this Press Release, and on the current expectations of CompoSecure’s and Roman DBDR’s management and are not predictions of actual performance. These forward-looking statements are provided for illustrative purposes only and are not intended to serve as, and must not be relied on by any investor as, a guarantee, a prediction, or a definitive statement of fact or probability. Neither Roman DBDR nor CompoSecure gives any assurance that either Roman DBDR or CompoSecure will achieve its expectations. Actual events and circumstances are difficult or impossible to predict and will differ from assumptions. Many actual events and circumstances are beyond the control of CompoSecure and Roman DBDR. These forward-looking statements involve a number of risks, uncertainties (some of which are beyond Roman DBDR’s and CompoSecure’s control), or other assumptions that may cause actual results or performance to be materially different from those expressed or implied by these forward-looking statements. These factors include, among others: the inability to complete the proposed merger; the inability to recognize the anticipated benefits of the proposed merger, including due to the failure to receive required security holder approvals, or the failure of other closing conditions; and costs related to the proposed merger. You should carefully consider the risks and uncertainties described in the “Risk Factors” section of the preliminary proxy statement on Schedule 14A (the “Proxy Statement”) relating to the proposed merger filed by Roman DBDR with the U.S. Securities and Exchange Commission (the “SEC”) and the definitive proxy statement and other documents filed by Roman DBDR from time to time with the SEC. These filings identify and address other important risks and uncertainties that could cause actual events and results to differ materially from those contained in the forward-looking statements. If any of these risks materialize or our assumptions prove incorrect, actual results could differ materially from the results implied by these forward-looking statements. There may be additional risks that none of Roman DBDR or CompoSecure presently know or that Roman DBDR or CompoSecure currently believe are immaterial that could also cause actual results to differ from those contained in the forward-looking statements. In addition, forward-looking statements reflect Roman DBDR’s and CompoSecure’s expectations, plans or forecasts of future events and views as of the date of this Press Release. Roman DBDR and CompoSecure anticipate that subsequent events and developments will cause Roman DBDR’s and CompoSecure’s assessments to change. However, while Roman DBDR and CompoSecure may elect to update these forward-looking statements at some point in the future, Roman DBDR and CompoSecure specifically disclaim any obligation to do so. These forward-looking statements should not be relied upon as representing Roman DBDR’s and CompoSecure’s assessments as of any date subsequent to the date of this Press Release. Accordingly, undue reliance should not be placed upon the forward-looking statements. Certain market data information in this Press Release is based on the estimates of CompoSecure and Roman DBDR management.

Additional Information about the Proposed Merger and Where to Find It

In connection with the proposed merger, Roman DBDR has filed a preliminary proxy statement with the SEC. A definitive proxy statement will be sent to stockholders of Roman DBDR seeking approval of the proposed merger. The documents relating to the proposed merger (when they are available) can be obtained free of charge from the SEC’s website at www.sec.gov. These documents (when they are available) can also be obtained free of charge by contacting CompoSecure at: William Maina, ICR for CompoSecure, (646) 277-1236, [email protected].

Participants in the Solicitation

This communication is not a solicitation of a proxy from any security holder of Roman DBDR. CompoSecure, Roman DBDR and our respective directors, executive officers, other members of management, and employees may be deemed to be participants in the solicitation of proxies from Roman DBDR’s stockholders in connection with the proposed merger. Information regarding the names and interests in the proposed merger of Roman DBDR’s directors and officers is contained Roman DBDR’s filings with the SEC. Additional information regarding the interests of potential participants in the solicitation process has also been included in the preliminary, and will be included in the definitive, proxy statement relating to the proposed merger and other relevant documents filed with the SEC. These documents can be obtained free of charge from the sources indicated above.

####

Contact Us

Latest Posts

Navigation

About Us

Recent posts

Missing the Forest for the Trees

Nok Nok’s FedRAMP High Journey: Next Step in Federal Cybersecurity