14 Jul

2 Min read

Cyber Hero Micro Briefing Series with Rolf Lindemann

July 14, 2023 Nok Nok News 0 comments

Could we ask for a better analogy? This week’s blockbuster premier is “Mission Impossible – Dead Reckoning Part One” with the always entertaining Tom Cruise. His character Ethan Hunt and the IMF must track down a dangerous weapon before it falls into the wrong hands. So too are the founders of the FIDO Alliance like Tom Cruise leaping tall buildings and racing through narrow alleyways to protect against “dangerous hackers” looking to get their hands on your passwords!

This week’s Cyber Hero is a little like Tom Cruise – Rolf Lindemann of Nok Nok – dashing and swashbuckling. Rolf has been there since the inception of the FIDO Alliance. Hear in his own words how the small group of people tackled one of the biggest problems still in the world of computing.

Imagine a group of individuals standing on the beach looking out at the ocean and being told you need to boil all the water. This is what it often felt like when the original founders of the FIDO specification and the FIDO Alliance went through the process of deciding where to begin to replace passwords. They all knew that no one company or person could solve the problem of weak, phishable passwords. But they knew something had to be done as the bandaids being applied to try to strengthen passwords were not working as $100s of millions of dollars were being lost to cybercriminals everyday.

Listen to Rolf’s full podcast episode from earlier this week and subscribe to our blog to stay up to date on all the comics and podcasts premiering this summer in our Cyber Hero Origins series!

26 Jun

6 Min read

AI Brings Need for Robust Security

June 26, 2023 Nok Nok News 0 comments

Title: AI Brings Need for Robust Security to the Next Level
By: Dr. Rolf Lindemann

New technologies often enable new business models. That is not a new observation. The latest new technology is (or more precisely the latest technological break-through has been made using) Artificial Intelligence or “AI”. Whenever the first signs of such new business models are visible, they trigger discussions around potential benefits and threats of the new technologies. The latest discussion that caught my attention was the potential (mis-)use of AI for running large scale attacks. I think it is worth putting that in perspective, because there is an underlying pattern here. If that catches your attention, you are invited to follow me…

Years back, the internet brought us search engines that made information available in an instant. To collect and keep updated all that information is an enormous and expensive effort (fixed cost), but it pays off since the cost per query is negligible but the revenue per search generates (advertising) revenue . This is typically called a scalable business model .

First phase of scalable attacks. What works “for good” often also works “for bad”, meaning that people with bad intentions can create scalable business models based on scalable attacks. We have seen those already. Back in 2013, hundreds of millions of passwords were stolen adding up to more than a billion stolen passwords at that time . In some way that was the first phase of scalable attacks. Those were focused on authenticating returning users. Nok Nok was one of the founding members of the FIDO Alliance that published FIDO Authentication specifications which protect against scalable attacks and hence brings robust security to authentication.

Second phase of scalable attacks was focused on knowledge-based authentication , i.e. asking for your mother’s maiden name, name of your first pet, your first car model, social security number etc. to then assume it is only you that could correctly answer those questions. Unfortunately, the search engines in the internet (see above) often can find the answer to such questions hence making it easy for attackers to create new accounts on behalf of a user. This is not really surprising as that type of information was not considered a secret by any party and as a result was shared frequently. Essentially breaking Identity Verification. As a result, the Federal Financial Institutions Examination Council (FFIEC) stated that identity verification generally shall not solely depend on knowledge-based questions . Document-centric identity proofing evolved as a response to this attack . This means that users scan their picture ID and their face and let a remote service verify they match.

Third phase of scalable attacks. When your mom calls you on the phone, how do you know it is her? First, you might see her phone number in the display of your phone. Second, you will recognize her voice, and third, during the call you will recognize the way she interacts with you. Now, maybe there is a number four: you will recognize her face when she uses a video call. So that makes four independent methods – that looks pretty secure. Maybe let’s not rely on the phone number as we know about the “Caller ID” spoofing attacks – yet another method lacking robust security: the Caller ID is not cryptographically tied to the phone line.

So, what about her voice? This is where AI comes in. You might have heard about DALL-E , the engine using a large-language model that creates images based on your instructions (and the hundreds of millions of images used for training). There is a similar engine called VALL-E, which simulates anyone’s voice after being trained with just 3 seconds of audio . When I first saw this technology being used in a Bond movie , I considered it “science fiction” – now it is real and might soon be easily available to anyone on the darknet.

What about mom’s face video? The publicly used term for that is “Deepfake”. There are very convincing examples available on the internet . The Chaos Computer Club (CCC), Europe’s largest association of hackers, demonstrated how to attack a prominent document-centric identity proofing service using such an attack . Again, these types of tools might soon be easily available to anyone on the darknet (or already are, but I have not checked).

So, the only security method that remains is the way she interacts with you. I am sure this interaction does not change that frequently, so someone observing it once will likely be able to replicate it using the tools mentioned above. Again, neither my voice nor a video recording of me are considered a secret. They are often even available on the internet. So methods that are only secure if no one can replicate such public information at the right time are not robust.

What are the “lessons learned” here? When it comes to security that is robust against scalable attacks, we cannot rely on the difficulty to create voices nor videos of other people. Instead, we really must use cryptographic methods directly backed by something the user possesses, like electronic ID cards and hardware backed wallets or indirectly backed by something the user possesses, like cloud wallets with strong proven security using strong user authentication backed by FIDO security keys, passkeys or similar .

The recent advances in AI make it very clear that we have to accelerate the shift towards robust security for all remote interactions as methods that were only theoretically attackable (but not practically attacked) before are practically attacked now (or will be in the near future). This shift towards robust security will then help us to keep fraud under control, accelerate business and provide peace of mind to users – getting us closer to the ePromiseland .

23 Jun

1 Min read

Cyber Hero Series – It’s a bird, it’s a plane, it’s Tushar!

June 23, 2023 Nok Nok News 0 comments

This week’s blockbuster premiere is a comedy, drama and a romance all wrapped in one with one of the perennial favorite actors, Tom Hanks – “Asteroid City.” And as is the case with any movie written and directed by Wes Anderson – there is a mix of styles and different time periods.

In today’s edition of the Cyber Hero Origins series, our second digital comic, we go back in time a little and look at how our Cyber Hero Tushar Phondge has spent a career eradicating passwords, working toward putting into the hands of individuals – not big companies – the control over the types of personal information that is shared. His mission – self-sovereign identity.

Nok Nok says THANK YOU, Tushar, for learning as a boy how to tinker with cars and applying that same passion to cyber security – evangelizing and implementing FIDO-based passwordless authentication solutions along the way.

16 Jun

2 Min read

Cyber Hero Micro Briefing Series with Tammi Hayes

June 16, 2023 Nok Nok News 0 comments

One of the most highly anticipated summer superhero movies is out today – “The Flash.” While she can’t travel back in time like The Flash to change what’s happened in the past, our Cyber Hero this week, Tammi Hayes, has been there since the beginning, making us all more secure on the internet.

Tammi has been a cybersecurity champion for over two decades, pioneering its evolution since the early dot-com era. Her involvement with RSA, however, marked merely the beginning of her cybersecurity odyssey.

In this week’s episode of Cyber Hero Origins, Tammi describes her journey to becoming a cybersecurity evangelist and how she’s raised awareness for FIDO and Nok Nok – pushing forward the discourse on passwordless security and helping FIDO to become a globally accepted standard for all industries.

Thank you, Tammi! Your continuous efforts in cybersecurity are not merely a testament to your expertise and dedication, but it also serves as an inspiration for others!

Listen to her full podcast episode from earlier this week and subscribe to our blog to stay up to date on all the comics and podcasts premiering this summer in our Cyber Hero Origins series!

09 Jun

1 Min read

Cyber Hero Origins – Rakan Khalid

June 9, 2023 Nok Nok News 0 comments

This week’s expected summer movie blockbuster is “Transformers – Rise of the Beast.” At the same time we are excited to present to you a “transformer” in his own field Rakan Khalid, Head of Product, Identity Verification and Authentication. Rakan is our first Cyber Hero Origin in the form of a comic!

A little about why Rakan is a true Transformer and Cyber Hero: as a young person he took it upon himself to transform for his father, a doctor in Dubai, what was a paper based patient record system into an easy to manage electronic format. Fast forward through impressive jobs at Intel and eBay, and now Rakan is evangelizing FIDO-standards based passwordless authentication to protect his employer and their customers from breaches and fraud – not an easy transformation as people hold tightly to vulnerable passwords.

Nok Nok says THANK YOU to Rakan, one of many unsung cyber heroes who are responsible for thought leadership in his organization driving FIDO-based passwordless authentication.

Subscribe to our blog and stay tuned, as we have comics and podcasts premiering all summer!

02 Jun

2 Min read

Intro to Cyber Hero Series – From the Beginning

June 2, 2023 Nok Nok News 0 comments

Intro to Cyber Hero Series - From the Beginning.

31 May

4 Min read

Nok Nok Announces Record Customer Expansion as Industry Adoption of FIDO Passkeys Accelerates

May 31, 2023 Nok Nok News 0 comments

Next phase of growth powered by regulatory compliance and recent ecosystem partnerships.

Global adoption of passwordless authentication is accelerating due to regulatory compliance, security and user experience requirements, and recent advances from major computing ecosystem participants.

San Jose, CA – May 31, 2023 – Nok Nok, a leader in passwordless authentication for the world’s largest organizations, today announced strong 2022 results following the FIDO (Fast IDentity Online) industry introduction of passkeys, deployments with Fortune 500 companies and key partnerships in the government market that will accelerate the company’s next phase of growth. Nok Nok 2022 annual recurring revenue increased by more than 40% YoY, driven by expansion in customer deployments, and the addition of new vertical markets fueled by global regulations that require phishing-resistant authentication.

Innovative Passkey Support

As an inventor of FIDO specifications, Nok Nok and its S3 product suite have been in sync with advances in FIDO authentication. With the introduction of FIDO passkeys in 2022, Nok Nok announced the:

same safety and convenience of using biometrics to access your device as for logging into web services.
reduced attack surfaces by eliminating the most commonly stored credential – the password.
ability to embed passwordless authentication in enterprise workflows reduces development and support time for customer facing applications.
future integration capabilities that will include in-home devices such as Alexa, IoT device services, and physical access to buildings.

“We see new momentum in the FIDO marketplace due to the announcement of Passkeys last year,” offered Miguel Villaumbrales, Global Head of Digital Identity from BBVA. BBVA, a customer of Nok Nok since 2019 with a security-first mindset, has implemented Nok Nok’s FIDO-based biometric authentication in its award winning mobile banking services, including their smart watch applications.

Customer Deployment Spotlight

NTT DOCOMO, INC. has been a customer of Nok Nok since 2015. Under the slogan “Your Security, More Simple,” DOCOMO has improved the authentication user experience for a wide variety of DOCOMO services. In 2020, DOCOMO began offering a passwordless option by providing a password disable setting, and in April 2023, NTT DOCOMO began support for WebAuthn/Passkeys. DOCOMO’s adoption of Nok Nok’s FIDO solution enhanced the authentication user experience, toward DOCOMO’s goal of a “Passwordless World.”

New Partnerships to Address Growing Global Regulatory Compliance

2022 was the year that Nok Nok accelerated product development in order to meet the needs of government and highly regulated industries. Nok Nok announced a partnership with UberEther, a leading provider of identity and access management solutions to the federal government, to provide phishing-resistant authentication in UberEther’s FedRAMP High and DoD Impact Level 5 ready IAM Advantage platform.

Nok Nok also entered into a new partnership with Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®. Recent executive orders and regulations require federal government agencies to leverage phishing-resistant multi-factor authentication (MFA) solutions. Through Carahsoft’s reseller partners, and NASA Solutions for Enterprise-Wide Procurement (SEWP) and National Cooperative Purchasing Alliance (NCPA) contracts, federal government agencies will have access to Nok Nok’s FIDO-enabled and phishing-resistant multi-factor authentication (MFA) solution.

“From when we co-founded the FIDO Alliance in 2012 to where we see adoption today, it is truly rewarding to see industry-leading customers and partners deploying Nok Nok’s FIDO enabled solutions at internet scale to hundreds of millions of global end users,” said Phil Dunkelberger, CEO of Nok Nok. “It has been our best year for deployments, customer expansion and innovation with the shipping of the The Nok Nok™ S3 Authentication Suite Version 9. Recent market interest in our solutions has been driven by the introduction of FIDO-based passkeys, which is creating a global awareness of what interoperable, easy to use passwordless authentication can mean for the consumer experience. All of this momentum points to a more secure, easier to use experience for all users, and reduced complexity for IT and security teams.”

About Nok Nok

Nok Nok is a leader in passwordless customer authentication and delivers the most innovative FIDO (Fast IDentity Online) solutions for the passwordless authentication market today. Nok Nok empowers organizations to significantly improve their user experience and security, and reduce operating expenses, while enabling compliance with the most rigorous privacy and regulatory requirements. The Nok Nok™ S3 Authentication Suite integrates into existing security environments to deliver proven, FIDO-enabled passwordless customer authentication. As a founder of the FIDO Alliance and an innovator of FIDO standards, Nok Nok is an expert in next-level, multi-factor authentication. Nok Nok’s global customers and partners include AFLAC Japan, BBVA, Carahsoft, Fujitsu Limited, Hitachi, Intuit, Mastercard, MUFG Bank, NTT DATA, NTT DOCOMO, Standard Bank, T-Mobile, and Verizon. For more information visit NokNok.com.

Read the official press release.

05 May

4 Min read

Nok Nok Joins Team of Best-in-Class

May 5, 2023 Nok Nok News 0 comments

UberEther’s IAM Advantage Includes Nok Nok

Best-in-Class identity providers UberEther, Ping Identity, SailPoint, Nok Nok, Radiant Logic, Appgate and Carahsoft join forces to modernize identity management for Government and high security customers

STERLING, VA – May 04, 2023 – UberEther, a full-stack technology integrator providing innovative identity solutions, today announced the launch of IAM Advantage, the first solution of its kind to achieve DoD IL5 authorization. IAM Advantage is an identity, credential, and access management (ICAM) solution designed to to help Government agencies and suppliers modernize their legacy identity systems. IAM Advantage can manage access for employees, contractors or citizens and will secure end-to-end workflows from account registration to digital transactions.

IAM Advantage combines solutions from the following best-in-class identity providers that together help agencies comply with NIST’s most recent guidelines for digital identity (SP 800-63) and the Federal memorandum on Zero Trust Strategy (OMB M-22-09).

Core ICAM

Ping Identity, a provider of intelligent identity solutions with authentication, federation, identity management, authorization and access management capabilities for ICAM modernization
Radiant Logic, the foundational identity data management platform that correlates all identity data to create a unified Master User Record (MUR), which acts as the Policy Information Point for a Zero Trust Architecture
SailPoint, an identity security provider that enables the modern enterprise to discover, govern, and secure all identities across all environments

Supporting Technologies

Appgate, a provider of Zero Trust access designed with a direct-routed, software-defined perimeter model that aligns with NIST (SP) 800-207 Zero Trust Architecture
Nok Nok, a phishing-resistant multi-factor authentication (MFA) password-less authentication platform, and compliance solutions to address NIST SP800-63 and SP800-157 standards

Procurement Support, Distribution and Training

Carahsoft, a Master Government Aggregator® providing ease of procurement for IAM Advantage and access to services and training for the Public Sector through hundreds of contract vehicles

“Our Government customers are looking for an integrated identity solution that helps them achieve their compliance and security requirements while reducing the burden of managing multiple vendors,” said Matt Topper, President and Solutions Catalyst at UberEther. “We are delighted to partner with some of the most innovative and respected companies in the identity ecosystem to offer a highly secure solution for our Government customers.”

IAM Advantage is a preconfigured solution, ensuring cost and time savings for Government procurement and security teams. UberEther offers flexible deployment models: on-premises, in any cloud or hybrid environment, or in air-gapped or disconnected (DDIL) environments at the tactical edge. Security is enhanced with a single-tenant environment, and customers control their own encryption keys. Further, IAM Advantage is applicable to both desktop and mobile applications – and in both single sign-on and federated identity management models.

Integrations with Salesforce and ServiceNow are prebuilt and will allow Government customers to integrate IAM Advantage into their existing software stack quickly and affordably. “Identity and access management is a complex and high-risk task for Government agencies, particularly if they rely on outdated legacy products,” said Brian O’Donnell, Vice President of Cybersecurity Solutions at Carahsoft. “The development of the IL5 ICAM solution is a significant step forward in providing Government agencies with robust and reliable IAM solutions that meet their needs and protect against modern threats. We look forward to working with our reseller partners to provide Defense agencies with advanced, highly secure cybersecurity solutions through numerous Carahsoft contract vehicles.”

More information on IAM Advantage can be found here. UberEther is available through Carahsoft’s GSA Schedule No. 47QSWA18D008F, SEWP V contracts NNG15SC03B and NNG15SC27B, ITES-SW2 Contract W52P1J-20-D-0042, NCPA Contract NCPA01-86, and NCPA Contract NCPA01-86. For more information, contact the UberEther team at Carahsoft at (703) 889-9808 or [email protected].

About UberEther
Founded in 2010, UberEther is a full stack technology integrator that builds innovative solutions for our clients and turns their security and access control needs into a value-added enabler that transforms the organization in ways previously not possible. We take pride in delivering reliable, repeatable, and secure solutions that provide tangible results for each organization we team with.

View the Official Press Release.

PR Contact:
Megan Sills
[email protected]
(866) 282-3752

27 Apr

5 Min read

Nok Nok Partners with Carahsoft

April 27, 2023 Nok Nok News 0 comments

Nok Nok Partners with Carahsoft to Provide Phishing-Resistant MFA Solutions to Federal, State, and Local Government Agencies

Partnership Enables Federal Agencies to Meet Regulations for Phishing-Resistant MFA, Expanding Nok Nok’s Presence in the Government Sector

SAN JOSE, Ca. – April 27, 2023 – Nok Nok, a leader in passwordless authentication for the world’s largest organizations, today announced a partnership with Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®. Under the agreement, Carahsoft will serve as Nok Nok’s Master Government Aggregator®, making the company’s phishing-resistant multi-factor authentication (MFA) solutions available through Carahsoft’s reseller partners, NASA Solutions for Enterprise-Wide Procurement (SEWP), Information Technology Enterprise Solutions – Software 2 (ITES-SW2), National Cooperative Purchasing Alliance (NCPA), and OMNIA Partners contracts.

With the recent executive orders and regulations, Federal Government agencies are under pressure to meet certain phishing-resistant multi-factor authentication (MFA) requirements by the end of 2024. By providing access to numerous contract vehicles, Carahsoft will help streamline the procurement process for the Federal Government to acquire Nok Nok’s S3 Suite and provide the integrated platform to its employees, contractors, partners, and public users.

“Through this partnership with Nok Nok, Government agencies now have expedited access to advanced passwordless technology rooted in immediately responsive authentication,” said Tyler Nelson, Sales Manager who leads the Nok Nok Team at Carahsoft. “Providing our customers with solutions that they can implement right away is critical to protect their workforces. We look forward to working with Nok Nok and our reseller partners to enable agencies to prevent and mitigate the future attacks of tomorrow.”

The Nok Nok S3 Authentication Suite is the first passwordless authentication platform based on FIDO standards that includes full support for both device-bound and synced passkeys and compliance solutions. The platform addresses executive orders; NIST SP800-63 and SP800-157 standards; which specify requirements for authentication, lifecycle management and derived personal identity verification credentials. Nok Nok’s S3 Suite provides privacy-compliant, passwordless authentication across platforms and is designed to operate in the most demanding regulated user environments, at global scale.

“Nok Nok has a long history of successful deployments which provide next-generation phishing-resistant MFA to regulated markets around the world,” said Tammi Hayes, Corporate Development Advisor at Nok Nok. “We are thrilled to work with Carahsoft and its reseller partners to enable the Federal Government with phishing-resistant MFA solutions that they can deploy with their users.”

“The Nok Nok and Carahsoft partnership significantly extends the reach of Nok Nok and its MFA phishing-resistant technology to Government agencies and their supplier networks to increase safety and security for all.” said Robert Lentz, President, Cyber Security Strategies.

Nok Nok’s partnership with Carahsoft aligns with its commitment to the Government sector and its delivery of FedRAMP-certified Identity Access Management (IAM) solutions to Federal Governments agencies and their users.

Nok Nok is the widest deployed FIDO-based platform globally, including Fortune and Global 500 banking, telco and other large institutions with hundreds of millions of users.

Nok Nok’s platform is available through Carahsoft’s SEWP V contracts NNG15SC03B and NNG15SC27B, ITES-SW2 Contract W52P1J-20-D-0042, NCPA Contract NCPA01-86 and OMNIA Partners Contract #R191902. For more information, contact the Nok Nok team at Carahsoft at (844) 214-4790 or [email protected].

The dedicated Cybersecurity team at Carahsoft specializes in providing Federal, State and Local Government agencies and Education and Healthcare organizations with security solutions to safeguard their cyber ecosystem. To learn more about Carahsoft’s Cybersecurity solutions, visit www.carahsoft.com/solve/cybersecurity.

View the official press release. For more information on Nok Nok, please visit www.noknok.com and/or follow the company blog.

About Nok Nok
Nok Nok is a global leader in passwordless customer authentication. Delivering the most innovative FIDO (Fast IDentity Online) solutions for the authentication market today, Nok Nok empowers global organizations to dramatically improve their user experience and security, and reduce operating expenses while meeting the most advanced privacy and regulatory requirements. The Nok Nok™ S3 Authentication Suite integrates into existing security environments to deliver proven, FIDO-enabled passwordless customer authentication. As a founder of the FIDO Alliance, an innovator of FIDO standards and global patent holder, Nok Nok is an expert in next-level, multi-factor authentication. Nok Nok’s customers and partners include Verizon, Intuit, T-Mobile, BBVA, NTT DOCOMO, NTT DATA, MUFG Bank, AFLAC Japan, Standard Bank, Fujitsu Limited, and Hitachi.

About Carahsoft
Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider®, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator® for our vendor partners, we deliver solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Visit us at www.carahsoft.com.

13 Apr

7 Min read

Nok Nok Expands S3 Authentication Suite

April 13, 2023 Nok Nok News 0 comments

Nok Nok Expands S3 Authentication Suite to Meet the Needs of Government, Regulated, Payment, and E-Commerce Organizations

New capabilities include regulatory compliance and risk management, synced passkeys, secure payment confirmation, and more

San Jose, CA – April 13, 2023 – Nok Nok , a leader in passwordless authentication for the world’s largest organizations, today announced the latest release of the Nok Nok™ S3 Authentication Suite (S3 Suite) that delivers four new capabilities designed to meet the needs of regulated industries, payments markets, and e-commerce organizations. For government organizations or highly regulated industries such as healthcare, finance, and insurance, the new offering simplifies the ability to comply with security and regulatory requirements, including identifying known and unknown devices. Additional new features help e-commerce organizations reduce friction for consumers. Payment companies will also benefit with new features in the S3 Suite that address Secure Payment Confirmation (SPC) for approving high value financial transactions in web browsers.

With the increasing rise in cyber threats, security professionals are faced with heightened complexity. Not only are they navigating how to implement best practices and respond to federal mandates as they develop, but they also must be responsive to their own users and consumers without preventing their access to services or causing user friction. Organizations that are highly regulated industries are also under enormous pressure and must be prepared to respond to and comply with government and industry regulations. The Nok Nok S3 Suite leverages a wide range of authenticators, including biometric and non-biometric modalities to help meet regulatory compliance, address NIST SP800-63 and SP800-157 standards, and support various authentication needs. By integrating with an organization’s security solutions, the S3 Suite provides additional contextual information and leverages scores provided by external risk engines and behavioral biometric systems.

“The war against cyber criminals has not let up and the job of being a security professional continues to be more difficult as new mandates from the White House have been added to the list of compliance requirements. And if you are an international organization, EU and Asia requirements add to the compliance complexity. We are excited to address these compliance needs and broaden the reach of our technology into these regulated markets. Organizations operating in finance, enterprise, e-commerce and government are up against increased pressure to comply and regulation is only expected to become more stringent in the years to come,” said Phil Dunkelberger, CEO of Nok Nok. “We co-founded the FIDO Alliance to make it easier to implement strong, passwordless authentication solutions for consumers and enterprises. Now, we are expanding our offering to companies in key regulated sectors that need to be able to quickly and efficiently respond to the evolving regulations coming from the US and foreign governments.”

New government and regulated industry support includes:

Passkeys. With the rise in adoption of synced passkeys, regulated organizations need to be able to understand whether users are using their passkey with a known device or on a new device. When new devices are introduced for the first time, regulated organizations typically need to trigger additional verification steps to ensure the device belongs to the legitimate user. With the Nok Nok S3 Suite v9, organizations can easily configure authentication rules that detect the use of new devices and configure methods in order to verify whether the device is used by the legitimate user.
Support for Security Key Tracking and Inventory. New capabilities allow organizations in highly regulated industries such as healthcare, insurance and banking, to monitor and track users that are using the security key(s) they were given by their employer. With these new product features, organizations can “attest” that a user is using the security key they were issued – not a third party key – and meet security and regulatory requirements.

New E-Commerce and Consumer support includes:

Synced passkeys. Asking users to provide a password reduces enrollment conversion rates and requiring a password at checkout negatively impacts the checkout conversion. Today’s release of the S3 Suite with synced passkey features allows consumers from any of their devices to access e-commerce sites by easily signing in using biometrics instead of using a password. Additionally, the synced passkey feature enables merchants to reduce friction at sign-up, making it easier to engage personally with the customer, enroll them in loyalty programs, automate billing, and collect specific data which has become more difficult with 3rd party cookies being deprecated.

New Payment support includes:

Secure Payment Confirmation. While today’s strong customer authentication two-step-verification is more secure, it is still perceived as inconvenient to the consumer. The introduction of W3C Secure Payment Confirmation (SPC) into the S3 platform is similar to integrating a POS terminal into your browser that allows the user to use device biometrics instead of a card and (one-time) PIN. Support for SPC has been added to the EMVCo 3D Secure specification that is widely used for online card payments. For customers in the buying process, SPC dramatically cuts down on friction. This new SPC method extends the existing transaction confirmation capabilities of the Nok Nok S3 Suite making it the first choice for banks, payment service providers, and e-commerce merchants intending to implement delegated authentication.

“We have heard it said many times, removing passwords can improve time and effort spent handling password resets and account lockouts ; it reduces friction and improves the user experience, and it can drastically reduce risk,” said Jack Poller, senior analyst Enterprise Strategy Group. “As easy as it sounds, the complexity of replacing passwords while still staying compliant in regulated industries or meeting government regulations can be very complicated. Leveraging its history delivering FIDO-based strong authentication into enterprise and consumer markets, Nok Nok rolls out a set of capabilities that will ease the replacement of passwords in some of the most demanding environments. IT and security operations are trying to handle increased complexity in their environments every day; standards-based, passkey solutions should be high on their lists for first defense.”

The Nok Nok S3 Authentication Suite includes an Authentication Server and App SDKs for mobile, web and smartwatch applications. It leverages the security capabilities already present on a user’s device to bring strong and convenient authentication to any application. The S3 Suite enables organizations to easily turn a user’s device into a strong, multi-factor authentication method through support for all FIDO protocols, including passkeys.

With the S3 Suite’s rich set of capabilities, organizations can support the full customer lifecycle from frictionless on-boarding, progressive profiling, easy bootstrapping of new devices, account recovery, suspension and deprovisioning of users, to call center authentication support.

Press assets:

Learn more about the latest Nok Nok Authentication S3 Suite.

About Nok Nok

Nok Nok is a leader in passwordless customer authentication and delivers the most innovative FIDO (Fast IDentity Online) solutions for the authentication market today. Nok Nok empowers organizations to dramatically improve their user experience and security, and reduce operating expenses, while enabling compliance with the most rigorous privacy and regulatory requirements. The Nok Nok™ S3 Authentication Suite integrates into existing security environments to deliver proven, FIDO-enabled passwordless customer authentication. As a founder of the FIDO Alliance and an innovator of FIDO standards, Nok Nok is an expert in next-level, multi-factor authentication. Nok Nok’s global customers and partners include AFLAC Japan, BBVA, Carahsoft, Fujitsu Limited, Hitachi, Intuit, Mastercard, MUFG Bank, NTT DATA, NTT DOCOMO, Standard Bank, T-Mobile, and Verizon.

For more information, https://noknok.com/.

Nok Nok News

Contact Us

Latest Posts

Navigation

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Nok Nok News

Title: AI Brings Need for Robust Security to the Next LevelBy: Dr. Rolf Lindemann

Next phase of growth powered by regulatory compliance and recent ecosystem partnerships.

Global adoption of passwordless authentication is accelerating due to regulatory compliance, security and user experience requirements, and recent advances from major computing ecosystem participants.

Innovative Passkey Support

Customer Deployment Spotlight

New Partnerships to Address Growing Global Regulatory Compliance

About Nok Nok

UberEther’s IAM Advantage Includes Nok Nok

Best-in-Class identity providers UberEther, Ping Identity, SailPoint, Nok Nok, Radiant Logic, Appgate and Carahsoft join forces to modernize identity management for Government and high security customers

Nok Nok Partners with Carahsoft to Provide Phishing-Resistant MFA Solutions to Federal, State, and Local Government Agencies

Partnership Enables Federal Agencies to Meet Regulations for Phishing-Resistant MFA, Expanding Nok Nok’s Presence in the Government Sector

Nok Nok Expands S3 Authentication Suite to Meet the Needs of Government, Regulated, Payment, and E-Commerce Organizations

New capabilities include regulatory compliance and risk management, synced passkeys, secure payment confirmation, and more

Contact Us

Contact and Subscribe

Latest Posts

Navigation

Please complete this form to view and download this resource.

Submit to Download Forms

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Please complete this form to view and download this resource.

Title: AI Brings Need for Robust Security to the Next Level
By: Dr. Rolf Lindemann