摩擦と疲労=不正:パスキーは違います!
高度な認証によるバンキングセキュリティの強化:パスキーの導入
オンライン取引がユビキタス化した今日のデジタル環境では、銀行部門における強固なセキュリティ対策の確保が最も重要である。しかし、利用者は何度も本人確認を求められるため、利用開始のプロセスで摩擦に遭遇したり、諦めてしまったりすることがあまりにも多い。
サイバー脅威の急増と悪意ある行為者の高度化に伴い、従来の認証方法は、機密性の高い金融デー タを保護するには不十分であることが証明されている。しかし、FIDO(Fast Identity Online)のような先進的な認証技術によって、銀行が顧客の口座や取引を保護する方法に革命をもたらす、変革的なシフトが進行中である。ここでは、特に FIDO テクノロジーの採用を通じて、高度な認証によってバンキング・セキュリ ティがどのように強化されつつあるかについて、4 つの重要な検討事項と展望を掘り下げる:
展望:FIDOベース認証へのシフト
認証の状況はパラダイムシフトを迎えており、パスワードやOTPといった従来の方法からFIDOパスキーへと移行しつつある。この進化は、より強力なセキュリティ対策、ユーザーエクスペリエンスの向上、およびPSD2やSCAなどの規制要件へのコンプライアンスの必要性によって推進されている。銀行が FIDO テクノロジーを採用することで、銀行はセキュリティの強化、摩擦の低減、認証方法の柔軟性向上といったメリットを享受できる。
クロスプラットフォームで合理的かつセキュアな銀行アプリケーションのオンボーディングを実現するNok Nok。FIDOベースの認証クレデンシャルを開発したNok Nokは、オンラインサービスへのパスワードレスサインアップとサインインを提供します。Nok Nok™ソリューションは、FIDO標準を活用してゼロから構築されており、最も幅広いユースケースに対応する最も包括的なパスキー・サポートを提供します。
結論として、FIDO ベースの認証は、ますますデジタル化する世界でバンキング・セ キュリティを強化する鍵を握っている。先進的な認証技術を採用し、ユーザー・エクスペリエンスを優先することで、銀行は進化する脅威を先取りし、金融取引にふさわしい安心感を顧客に提供することができる。
今日のデジタル時代において、モバイル機器のバンキング・アプリはどこにでもあるものとなり、金融サービスへの利便性とアクセスのしやすさを提供している。ジェネレーションZ、ミレニアル世代、ジェネレーションXの半数以上がモバイル・バンキング・アプリを好んで利用しており、従来の実店舗型バンキングが急速にデジタル・ソリューションに取って代わられつつあることは明らかだ。しかし、モバイル・バンキング・アプリの導入が急増する中、シームレスなユーザー体験を維持しながら強固なセキュリティを確保することは、世界中の銀行にとって最重要課題となっている。
このような課題に対処するため、銀行は FIDO(Fast Identity Online)や WebAuthn(Web Authentication)のような先進技術に注目し、決済承認プロセスに革命を起こそうとしている。これらの技術がどのように実装されるかを理解することは、特に米国と欧州連合(EU)の間で異なるアプローチを考慮する上で極めて重要である。
米国では、銀行アプリ内で生体認証を活用し、支払い承認を合理化することに重点が置かれている。ユーザーは指紋や顔認証などの生体認証機能を使って認証できるため、面倒なパスワード入力が不要になる。しかし、オンライン決済では、リスク分析とSMSワンタイムパスワード(OTP)に依存しているため、カード非通知詐欺や誤認断が多発している。SMSワンタイムパスワードの使用は、しばしばユーザーの摩擦を招き、顧客がコンテキストを切り替えたり、2台目のデバイスを使用したりする必要があるため、放棄率が増加します。これらの課題に対処するため、FIDO/WebAuthnの上に構築されたSecure Payment Confirmation (SPC)が導入され、生体認証であれPINであれ、1回のジェスチャーでオンライン取引を承認するためのフィッシングに強いクレデンシャルが提供されている。このアプローチは、コンバージョン率を大幅に改善し、不正行為を減らし、誤った辞退を最小限に抑え、最終的にセキュリティとユーザーエクスペリエンスの両方を向上させる。
一方、欧州連合(EU)では、銀行アプリも認証にバイオメトリクスを利用しており、パスワード入力の必要性を軽減し、セキュリティを強化している。しかし、オンライン決済の承認方法は異なっており、プッシュ・トゥ・アプリが好ましい方法となっている。ユーザーは決済取引を承認するためにバンキング・アプリに切り替える必要があり、摩擦が生じ、放棄率が高まる可能性がある。銀行アプリでは生体認証が使用されているにもかかわらず、加盟店アプリ(特にウェブアプリ)では生体認証が実用的でないため、その普及には限界がある。さらに、ウェブアプリの完全性保護が不十分であることも大きな問題です。このため、「what-you-see-is-what-you-sign」をウェブアプリに直接実装することは、現在では不可能です。このような課題に対処するため、FIDO/WebAuthnの上にSecure Payment Confirmation(SPC)が採用され、加盟店のアプリまたは発行者のアクセスコントロールサーバー(ACS)によってトリガーされるフィッシング耐性のあるクレデンシャルが提供される。このアプローチは、強固なセキュリティ対策を維持しながら、決済承認プロセスを簡素化することでコンバージョン率を向上させる。
両地域とも、FIDO/WebAuthn ベースのソリューションの採用は、ウェブ・アプリや ACS をトリガーとする支払承認のセキュリティとユーザビリティを強化する上で、重要な一歩となる。ユーザーにシームレスで安全な認証方法を提供することで、銀行は信頼と信用を浸透させ、デジタル・バンキング・サービスの普及を促進することができる。
銀行業界がデジタル時代に進化を続ける中、革新的なテクノロジーが金融サービスの未来を形作る上で重要な役割を果たすことは明らかです。セキュリティとユーザー・エクスペリエンスを優先することで、銀行は銀行業務のデジタル変革におけるリーダーとしての地位を確立し、競争が激化する中で顧客満足度とロイヤルティの向上を促進することができます。
銀行が安全な支払い確認(SPC)の要件を実装する必要がある場合、米国とEUの両方の決済セキュリティの経験を持つNok Nokのような信頼できるFIDOベンダーと提携することで、この技術の実装を成功させることができます。さまざまな認証プロトコルを採用し、暗号化エビデンスを生成する大規模なユーザーベースを実証するNok Nokの能力は、安全なオンライン決済のユーザビリティを向上させる信頼できるパートナーとしての地位をさらに強固なものにしています。
In the world of cybersecurity, the federal government sets some of the most stringent requirements for its suppliers. It’s a landscape where only the best can thrive, and Nok Nok, a pioneer in Fast IDentity Online (FIDO) authentication solutions, has emerged as an important supplier. The company recently achieved the coveted Federal Risk and Authorization Management Program (FedRAMP) High authorization through its partnership with UberEther’s IAM Advantage. This achievement follows its DoD Impact Level 5 (IL5) achieved in 2022 and marks a significant milestone in delivering top-notch cybersecurity to federal agencies, partners, and citizens.
Here are the key takeaways from this latest achievement:
1. Federal Government’s Uncompromising Cybersecurity Standards
The federal government has long been known for its uncompromising cybersecurity standards. In response to the 2021 White House Cybersecurity Executive Order and the subsequent call from US Government CISO Jen Easterly for advanced Multi-Factor Authentication (MFA) based on FIDO standards, the demand for cutting-edge cybersecurity capabilities has never been higher. The government is leading the way in adopting the best of breed cybersecurity measures, making it crucial for suppliers to meet these advanced cybersecurity requirements.
2. Nok Nok’s Unique Position: FIDO and More
Nok Nok’s unique position as one of the original creators of FIDO standards sets it apart. The partnership with UberEther has enabled Nok Nok to provide federal agencies with phishing-resistant MFA that not only meets DoD Impact Level 5 (IL5) and FedRAMP High certifications but also complies with the Federal Information Processing Standards (FIPS) and National Institute of Standards and Technology (NIST) standards. This combination of expertise and collaboration empowers federal agencies to meet the highest levels of security and regulatory requirements seamlessly.
3. Streamlining Phishing-Resistant Authentication
Nok Nok’s MFA solution offers an effortless and convenient alternative to traditional Personal Identity Verification (PIV) and Common Access Card (CAC) methods. Leveraging the public key cryptography capabilities of modern endpoint devices such as smartphones and PCs as well as security keys, the solution eliminates the need for additional drivers, middleware, or browser plugins. This approach provides a secure and user-friendly way for employees, contractors, and citizens to access information, all while reducing the vulnerabilities and costs associated with password management.
In Conclusion:
Nok Nok and its partnership with UberEther are at the forefront of delivering advanced cybersecurity solutions to the federal government, setting the gold standard for phishing-resistant MFA. With FedRAMP High authorization, FIPS and NIST compliance, and adherence to FIDO standards, Nok Nok and UberEther are ensuring the highest level of security for federal agency employees, contractors, and citizens. As the digital era continues to evolve, Nok Nok is committed to transcending traditional boundaries and meeting the dynamic cybersecurity needs of our modern society.
Here we are at the end of Cybersecurity Awareness Month, and you’ve heard vendors declare how their solutions can help make you and your enterprise safe. There is a lot to consider and maybe you are thinking you can solve the problem on your own – and go the “build vs. buy” route. Let’s look at the considerations when it comes to adopting the cutting-edge FIDO-based passkeys as the decision carries considerable weight and potential consequences.
When organizations contemplate the implementation of passkeys as an alternative to traditional passwords, they often start by focusing on the Minimum Viable Product (MVP). However, the real challenge lies beyond the MVP—the unknowns that come with version 1.1 and beyond. The technology landscape is constantly evolving, demanding adaptability and scalability. This is when the decision between starting from scratch and leveraging experienced vendors becomes critical.
Here are 6 considerations for your decision-making process:
Building a passkey solution from scratch may seem like an attractive proposition, especially for the sake of cost-effectiveness and fitting into existing infrastructure. However, it’s crucial to consider the road beyond the Minimum Viable Product (MVP). Rapid technological advancements necessitate staying up-to-date and future-ready. Vendors with experience in passwordless authentication solutions not only offer much more than a MVP but also pave the way for future expansions and improvements, helping organizations avoid technological dead-ends.
The ability of passkeys to seamlessly integrate across diverse environments is a fundamental requirement. Most established vendors excel in providing such integration, saving organizations time and resources. In contrast, building this integration in-house can be time-consuming and expensive, especially when compliance requirements need to be addressed. Dedicated passwordless authentication vendors bring years of experience, ensuring compatibility across a wide range of devices and regulatory environments.
The tech landscape is no longer homogeneous. Maintaining compatibility across various hardware and software versions can be a significant challenge when building in-house. Dedicated vendors can simplify this process by integrating seamlessly with an organization’s existing backend infrastructure, including cloud Hardware Security Modules (HSMs) and Secret Stores. This integration capability minimizes extensive code changes.
Staying abreast of evolving FIDO and WebAuthn specifications is crucial for passkey solutions. Organizations often underestimate the effort and resources required for ongoing maintenance when building in-house. Partnering with experienced authentication vendors ensures that passkey features remain up-to-date, reducing maintenance burdens and allowing organizations to stay focused on their core objectives.
Homegrown development carries inherent unknown unknowns, particularly when implementing a paradigm like passkeys for the first time. Organizations may overlook critical factors or encounter unexpected challenges, resulting in higher costs, delays, or compromises on user experience. Partnering with an established passwordless authentication provider mitigates these risks by leveraging their extensive experience and lessons learned from successful passkey deployments.
While building a passkey solution independently may seem appealing from a cost perspective, it often fails to account for hidden expenses and missed opportunities. Unknown unknowns can be costly both in terms of time and money. Leveraging a vendor like Nok Nok, with expertise and a wealth of investment in FIDO-based implementations, ensures a smoother fit into existing infrastructure and access to valuable intellectual property.
Conclusion
While building a solution from scratch may appear cost-effective or a better fit for existing infrastructure, it often underestimates the maintenance challenges, development risks, and missed opportunities. By leveraging a traditional passwordless vendor’s comprehensive passkey features, organizations can ensure a complete, scalable, secure, and future-proof implementation, benefiting from the expertise and investment of a trusted industry leader.
In our hyper-connected digital era, where online shopping is an integral part of our lives, the cumbersome process of creating and managing passwords has become a significant roadblock for e-commerce platforms. A study by NordPass reveals that a typical internet user juggles between 70 to 80 different passwords, highlighting the complexity users face in managing their online identities. It’s high time we explore more convenient and secure alternatives to passwords to enhance the online shopping experience.
Imagine signing up for e-commerce websites with the same ease and simplicity you experience when unlocking your mobile device using facial recognition or a finger swipe. The prospect is intriguing, practical and when done correctly, more secure. Biometric authentication could potentially revolutionize the way we interact with online platforms, particularly in the realm of e-commerce.
One of the costly issues faced by e-commerce sites is shopping cart abandonment, which accounts for a staggering $18 billion in lost revenue annually. A significant portion of this abandonment stems from the cumbersome process of creating a password during the checkout process. When users are prompted to create an account with a password, especially when they are trying to complete their transaction, friction is introduced. This friction can discourage potential customers, leading them to opt for a guest checkout and even abandon their carts.
The consequences of this friction extend beyond lost sales. E-commerce platforms miss out on the opportunity to build customer loyalty and gather valuable customer data for tailored marketing strategies. When users opt for guest checkouts, companies lose the chance to personalize their outreach and marketing efforts. Marketing is all about understanding your audience, and the more information a company has about its users, the better they can target and engage prospective customers effectively. Studies show that users who create accounts have a 10% higher average order value.
What if e-commerce websites offered an alternative solution to the traditional password setup, allowing users to employ biometrics for authentication in the form of “one-step checkout” so that customers don’t have to enter their information repeatedly? Passwordless authentication that utilizes biometrics, such as touch ID and Face ID can provide a seamless and secure user experience. No need for complex passwords! Additionally, implementing FIDO-based Passkey authentication solutions, like those offered by Nok Nok, can protect users from the most common type of attack – phishing – making it extremely difficult for malicious actors to gain unauthorized access to accounts. This proactive approach to security not only benefits customers but also strengthens the credibility and trustworthiness of e-commerce platforms.
By embracing passwordless authentication solutions, e-commerce platforms can simplify the onboarding process leading to increased account creation and reduced cart abandonment rates. The seamless experience would encourage users to complete their purchases, engage more often and potentially foster long-term relationships, leading to increased revenue and enhanced customer loyalty.
It’s evident that the traditional method of creating and managing passwords is outdated and cumbersome, particularly in the fast-paced world of e-commerce. Implementing FIDO-based passkey authentication can be a game-changer, providing users with a more convenient and secure means of accessing e-commerce sites. It’s time for the industry to embrace these innovative authentication methods and elevate the online shopping experience for everyone.
In the vast landscape that is the digital world, security is paramount. As technology advances, so does the sophistication of cyber threats. Recognizing this critical need for cybersecurity, the month of October has been designated as Cybersecurity Awareness Month. This observance, which began in the early 2000s, aims to raise awareness about cybersecurity and educate individuals and organizations about the importance of protecting their digital assets.
Throughout this Cybersecurity Awareness Month, we will embark on a fascinating journey through the evolutionary phases/lens of authentication. Authentication, the process of verifying the identity of users and systems, has come a long way from its humble beginnings. From passwords to biometrics, multi-factor authentication (MFA), one-time passwords (OTP), and ultimately passwordless and passkeys, we explore the transitions that have revolutionized the way we secure our digital lives.
The Era of Passwords
Passwords were the pioneers of authentication in the digital realm. Their roots can be traced back to ancient times when watchwords and secret codes were used to gain access to restricted areas. Fast forward to the computer age, passwords became a ubiquitous form of authentication. The word “password” itself can be dated back to the 1960s, gaining prominence with the advent of computing.
Fun Fact: The world’s first password, reportedly used at the Massachusetts Institute of Technology (MIT) in the early 1960s, was “password.”
Not-So-Fun Fact: Weak passwords are still a major vulnerability. “123456” and “password” have consistently topped the list of most commonly used passwords, highlighting the need for stronger authentication methods.
Rise of Biometrics
The 21st century brought forth a paradigm shift in authentication with the integration of biometrics. Biometric authentication uses unique physical or behavioral traits, such as fingerprints, facial recognition, and voice patterns, to verify an individual’s identity.
Fun Fact: The idea of using fingerprints as a means of identification dates back to ancient Babylon, where fingerprints were used on clay tablets for business transactions.
Not-So-Fun Fact: Modern AI makes it easy to create deep-fakes, making spoofing practical, emphasizing the need for a possession factor as well.
Multi-Factor Authentication (MFA)
To enhance security, the concept of MFA (or two-factor) emerged, combining two or more authentication methods. MFA typically involves a combination of something you know (e.g., password), something you have (e.g., smartphone), and something you are (e.g., fingerprint).
Fun Fact: MFA can be traced back to the use of bank ATM cards, which require the card (something you have) and a PIN (something you know).
Not-So-Fun Fact: Phishing attacks can bypass legacy MFA, emphasizing the need for phishing-resistant MFA.
One-Time Passwords (OTP)
OTP is a dynamic authentication method that provides a single-use code, usually valid for a short period. It’s widely used for secure logins and transactions.
Fun Fact: OTPs gained popularity in the mid-2000s and have since become a standard for secure online interactions.
Not-So-Fun Fact: OTPs are easily phishable and users have no easy way of knowing whether they are entering them into a legitimate application.
The Emergence of Passwordless Authentication and Passkeys
In a bid to eliminate the weaknesses associated with traditional passwords, passwordless authentication and passkeys have gained traction. Passwordless authentication often leverages biometrics, device fingerprinting, or cryptographic keys to verify users, while passkeys involve securely stored credentials on devices.
Fun Fact: FIDO (Fast Identity Online) Alliance has played a significant role in the development and adoption of passwordless authentication standards.
Not-So-Fun Fact: The adoption of new authentication methods can be slow due to organizational readiness and resistance to change.
Cybersecurity Awareness Month serves as a timely reminder of the ever-evolving landscape of cybersecurity and the imperative to stay informed and updated. The journey from passwords to passkeys showcases the constant efforts and innovations in the realm of authentication to enhance security and protect our digital footprints. As we celebrate Cybersecurity Awareness Month, let us embrace these advancements and continually strive to bolster our digital defenses for a safer online world.
The Mobile Banking Revolution Affords Freedom
Mobile banking has become an integral part of modern life – at least once a month consumers use mobile native and web apps to access their banks. It offers convenience and accessibility, enabling users to manage their finances from home and on the go. From checking account balances to transferring funds and paying bills, mobile banking has revolutionized the way we handle our money. Some of the biggest names in banking aspire to make the “Best Mobile Banking Apps” List.
However, with this convenience comes a significant challenge: security. Even with various risk management requirements and procedures in place, mobile banking transactions can be vulnerable to various threats, including phishing attacks, identity theft, and scalable password attacks. Any banking or financial institution needs to be on top of these rules and threats daily.
Just a Few Benefits of Nok Nok’s Passwordless Authentication
Mobile Banking Without Friction/MFA Fatigue
One of the best ways that banks can keep customers engaged and safe is by reducing user friction. Unlike traditional two-step authentication methods that can be cumbersome, Nok Nok simplifies the process. It requires only a single step by the user, eliminating the need for additional codes or passwords.
This streamlined process not only enhances user convenience but also protects against “MFA Fatigue” attacks, where users become frustrated with the complexity of multi-factor authentication and may opt for less secure methods.
Preventing Phishing!
Banks also need to be on the lookout for phishing attacks – which involves tricking users into revealing their login credentials including passwords and even OTPs through deceptive means. Nok Nok’s authentication uses FIDO credentials which cannot be “phished”. There is no “secret” that can be unintentionally shared with an attacker. Customers’ credentials remain confidential and secure, even when they’re away from home.
In addition to preventing MFA fatigue and phishing attacks, Nok Nok reduces user friction, making the overall mobile banking experience safer and more seamless by employing:
Biometric Authentication
Nok Nok’s solution empowers financial institutions to embrace biometric authentication for their customers. This means that only authorized individuals can access sensitive financial data. Biometric authentication leverages unique physical traits such as fingerprints or facial recognition, making it exceedingly secure and challenging to replicate.
Device Trustworthiness
Nok Nok’s solution goes further by evaluating the trustworthiness of the user’s mobile device before granting access to sensitive financial information. If a device is compromised or lacks essential security features, access can be promptly denied.
Scalability
Nok Nok’s authentication platform is purposefully designed to scale seamlessly with the ever-growing demands of mobile banking services. It can efficiently accommodate 10’s of millions of users and devices without compromising the security of financial transactions.
コンプライアンス
Compliance with regulations is paramount in the world of mobile banking. Nok Nok’s solution aligns perfectly with financial industry regulations, ensuring that banking organizations remain compliant with data security and privacy standards.
Conclusion
As the world continues to embrace mobile banking as a fundamental part of modern life, security remains a top priority. Nok Nok’s innovative authentication methods ensure that banking customers can enjoy the benefits of mobile banking without compromising on safety. So, whether you’re planning to simply check your account balance on a lazy Sunday in the backyard or in the parking lot before a little retail therapy – Nok Nok has your back, keeping your financial data secure and accessible with ease.
Before you buy a new car, you test drive it. Sometimes you test drive lots of cars before you make a decision. Not all cars are the same, and they are definitely not the same as your old car. You want to see how the car drives, how the brakes work, cruise control, air conditioning and of course the all important safety features. It is the same when it comes to buying technology solutions – security is paramount. And equally important is the “look and feel” when the solution is customer facing. And now you can test drive the Nok Nok passkey authentication solution.
How often has customer experience ruined your relationship with a brand after the brand has changed an interface? Facebook changed its look and feel almost every two years and it drove their users nuts every time! But what if change made things much better and easier? Like when Apple introduced Touch ID? Nok Nok provides a passkey authentication solution that lets you authenticate your customers quickly and easily across mobile phones, desktop computers and tablets– all without passwords – a delightful change! It won’t look and feel like your old “car,” it will be better, and more secure!
And guess what? You can test drive Nok Nok when you sign up for a free trial. And learn more about how using a Nok Nok passkey authentication solution is the same regardless of your device when you watch the video. And btw – our video is shorter than test driving a car!
Last month, Nok Nok Labs attended the White House Multifactor Authentication (MFA) Modernization Symposium. This event brought together government and industry leaders to discuss how to achieve full adoption of MFA across federal agencies, as called for in the Executive Order on Improving the Nation’s Cybersecurity.
Many government agencies currently rely on Personal Identity Verification (PIV) and Common Access (CAC) cards for employee authentication. However, these smart cards are not always convenient for remote access and everyday use. Connecting to a separate card reader can negatively impact user experience. As Deputy National Security Advisor Anne Neuberger noted, government policies should not create barriers to MFA adoption.
There was broad consensus among participants at the symposium that to fully implement MFA, the government needs to move beyond legacy technologies and embrace advanced standards like passkeys. Passkeys are a modern type of credential that can help government agencies finally achieve comprehensive MFA deployment. With passkeys, users authenticate using a cryptographic key pair stored on their device, rather than typing in a password, providing phishing-resistant security without the usability drawbacks of traditional second factors. Passkeys are already supported across major platforms and browsers and can be bound to a single device or synced across multiple devices, making them a practical path to securing access for employees, contractors, and citizens across all applications and environments.
It is clear that the transition to full MFA adoption will take thoughtful planning and cannot happen overnight. With over a decade of experience in authentication and as a founding member of the FIDO Alliance, Nok Nok Labs is well prepared to assist agencies throughout this process of transitioning to full MFA adoption. We understand the unique needs of the government and have solutions to deliver robust security and usability at scale.
While modernizing authentication is no small task, the White House symposium reiterated that it must be a priority if we are to defend our digital infrastructure in today’s threat environment. Public-private collaboration will be key to overcoming roadblocks on the path ahead. Nok Nok Labs looks forward to continuing to work with our partners across government as we chart the course to a passwordless future and a more secure online experience.
[mc4wp_form id="18773″].
[mc4wp_form id="18790″].
[mc4wp_form id="18789″].
[mc4wp_form id="18788″].
[mc4wp_form id="18787″].
[mc4wp_form id="18786″].
[mc4wp_form id="18785″].
[mc4wp_form id="18784″].
[mc4wp_form id="18783″].
「モバイル端末を利用した取引は急速に普及しており、利便性とセキュリティの両立が不可欠です。日立の金融システムやセキュリティ関連分野における豊富なシステム開発力とノウハウ、そしてグローバルに展開し、実績のあるNok Nok LabsのFIDO認証製品を組み合わせることで、その両立を実現し、今回の採用に至りました。」
– Nobuo Nagaarashi, General Manager, Financial Information Systems 1st Division, Hitachi, Ltd.
MUFGのMはMitsubishiの略で、mitsuとhishiを組み合わせた造語である。ミツは3。菱は菱の実を意味し、ひし形や菱形を表す言葉である。 日立とのパートナーシップにより、MUFGは銀行の多くのアプリやサービスにおいてパスワードレス認証ソリューションを実現している。
「FIDOのアーリーアダプターとして、私たちは大きなビジネス効果を実感しており、パートナーであるNok Nokとともに最新のFIDOイノベーションを活用し続けることに完全に賛同しています。
– Rakan Khalid, Group Product Manager, Identity.
IntuitはNok NokのS3 Suiteを利用して、モバイル・アプリケーションとデバイスにパスワードレス認証を導入しました。その結果、顧客のIntuitアプリケーション体験における摩擦が軽減されました。
「ドコモは、標準ベースのアプローチに裏打ちされたシンプルで強力な認証を数百万人の顧客に提供する世界的なイノベーターである。
– Phillip Dunkelberger, President & CEO of Nok Nok Labs.
Nok Nokの初期の顧客の1社であるNTTドコモは、FIDOを利用した課金システムを提供した最初の通信事業者であり、FIDOを統合した統合IDシステムを提供した最初の通信事業者であり、虹彩生体認証を利用したモバイルデバイスを提供した最初の通信事業者です。
「従来、認証システムの最大の課題のひとつは、セキュリティとユーザー体験のバランスをとることでした。FIDO標準のおかげで、両要素がシームレスに連携し、透明性のある迅速なユーザー体験とともに、最高水準のセキュリティを顧客に提供できると確信しています。」
– Juan Francisco Losa, Global Technology & Information Security Officer.
Nok Nokは銀行業界のリーダーであるBBVAと提携し、最先端の生体認証機能を通じて同行のモバイル・バンキング・サービスのセキュリティとユーザー体験を向上させました。
「パスワードは弱く、忘れられやすく、ハッキングされやすいからです。ソフトバンクが数百万人の顧客のために当社の標準ベースの認証プラットフォームを選択したことを非常に喜ばしく思っています。"
– Phillip Dunkelberger, President & CEO of Nok Nok Labs.
ソフトバンクの携帯電話契約者数百万人が、モバイルアプリケーション「My SoftBank Plus」を通じて生体認証を利用できるようになりました。この実装により、ソフトバンクの携帯電話ユーザーは、生体認証を使用してMy SoftBankサービスのデータにアクセスし、摩擦のないシンプルで迅速な認証体験を実現します。
「アフラックは日本の保険会社として初めてFIDO認定ソリューションを導入しました。今後もNok Nok Labsと連携し、銀行や保険業界、その他の業界への導入を進めていきたいと考えています。」
– Michihiko Ejiri, VP, Head of Portal Service Division, Service Technology Unit, Fujitsu Limited.
Nok Nok S3 Suiteにより、富士通はアフラックの顧客に対し、iOSおよびAndroidデバイス上であらゆる生体認証を使用したモバイル保険金支払いアプリケーションにおいての強力な認証を提供しました。このソリューションはまた、アフラックとその顧客に対し、既存のセキュリティ環境と相互運用可能で、ユーザー名とパスワードへの依存を軽減または排除する拡張性のあるユーザー認証方法を提供します。
「私たちのお客様には、その要件を満たす市場で最も安全な製品のみを使用しています。Nok Nok Labsは当社の製品ポートフォリオにぴったり合致しており、非常に信頼できるパートナーシップであると自負しています。」
– Lukas Praml, CEO of YOUNIQX.
オーストリア国立印刷局(OeSD)の子会社で数々の賞を受賞しているYOUNIQX Identity AGとNok Nokは、リヒテンシュタイン国民のための電子IDシステム(eID)を提供するために提携しました。 この導入は、Nok NokのFIDOプラットフォームが電子IDの提供に初めて使用されたことを意味します。
ファン・ファクト
2009年現在、リヒテンシュタインの国民一人当たりの所得は139,100ドルで、世界のどの国よりも高い。
「Nok Nokの最先端の標準ベースのプラットフォームは、素晴らしいユーザー体験を提供します。
Steve Bell, Chief Technology Officer at Gallagher
When a horse called Joe took too much of a liking to using a car as a scratching post, owner Bill Gallagher Sr. devised a cunning electrical circuit that delivered a shock whenever the horse rocked the vehicle, and in doing so created a company. Today, with passwordless authentication from Nok Nok, Gallagher is leading the IoT industry with innovative solutions that work in your office and in the outback.
「過去のパスワード忘れは約65%でした。Nok Nok LabsのFIDOソリューションを導入した後、パスワード忘れは7%に減少しました。」
Michael Engan, T-Mobile
Nok Nok S3 Suiteを使用することで、T-Mobileはキャリアにおけるパスワードレス認証導入のリーダー的存在となりました。T-Mobileのソリューションはパスワード忘れを減らし、顧客満足度を劇的に向上させました。
T-MobileのMichael EnganがIdentiverse 2019でNok NokのS3 Authentication Suiteの導入について語ります。
