• 3 truths and no lies for identity protection and authentication in 2020

    Phil Dunkelberger | Dec 12, 2019

    As we wrap up another year (and another decade), my thoughts are turning to 2020 and what we need to keep an eye out for next year as we put our plans together. 2019 has been one to remember from big data leaks like last week’s

  • 113 recitals and Brexit ain’t one of them – A PSD2 Survival Guide

    Walter Beisheim, Chief Corporate Development Officer, Nok Nok Labs | Sep 24, 2019

    PSD2 is on a 5+ year odyssey of bringing modern consumer authentication strategies and protections to European consumers. Delayed twice already, it’s unlikely to be delayed further.  Fortunately, Nok Nok Labs can deliver a SCA compliance process today that will offer smooth sailing regardless of the siren songs.

  • The “Anti-Pattern” of Server-Side Biometric Secrets

    Rajiv Dholakia, VP Strategic Development, Nok Nok Labs | Aug 27, 2019

    The Guardian and Forbes reported that researchers traced a massive leakage of 28 Million biometric and personal records to a company whose products are used worldwide for physical access control to a UK based company.

  • Does PSD2 Practically Eliminate SMS-OTP?

    Dr. Rolf Lindemann | Jun 19, 2019

    The payment services directive 2 (PSD2) effective date (Sept 14th, 2019) is approaching quickly. While open banking APIs are a big topic in PSD2, I want to focus on the new rules regarding Strong Customer Authentication (SCA) that are also part of this new PSD2.

  • A Banner Year for FIDO

    Dr. Rolf Lindenmann | May 30, 2019

    What if you could authenticate with phishing protection, support dedicated security hardware or security hardware integrated in your users’ everyday devices, allow users to choose PINs, or the biometric modality of their choice – wouldn’t that be great?

  • An Ounce of Prevention – Cloud Infrastructure Providers as Vectors for Scalable Attacks

    Rajiv Dholakia | Apr 25, 2019

    Krebs on Security broke a story on 16th of April 2019 about the IT outsourcing and consulting giant Wipro Ltd. The blog reported that Wipro had suffered a breach of its internal systems and that its infrastructure was being used to mount attacks onto Wipro’s customers.

  • Validation is Here – a Humbling, Yet Satisfying Couple of Weeks

    Dr. Rolf Lindemann | Mar 15, 2019

    What an amazing couple of weeks! From Barcelona all the way to San Francisco, we’re honored and humbled to have been tied to three major awards recognizing the imprint we’ve made in modernizing the authentication landscape.

  • Where is Identity Headed in 2019? My Top Five Predictions

    Phillip Dunkelberger | Dec 21, 2018

    It’s the “trends and predictions” time of year — all kinds of lists for all kinds of industries. Lest we neglect the identity and access management sector, I’ve got my own list of five predictions.

  • Android Protected Confirmation and FIDO

    Matthew Lourie and Jeff Milstead | Nov 12, 2018

    In a previous post, we talked about how Android and iOS have made enormous progress in mobile platform security. This post focusses on Android Protected Confirmation and how Nok Nok Labs leverages this security feature to help protect the industry as a whole.

  • What is Modern 2FA?

    Matthew Lourie | Oct 4, 2018

    Passwords have very few fans and rightfully so. The end-user impact on usability is something we can all understand. Less widely understood is that passwords expose organizations and our infrastructure to remote, scalable attacks. Learn how modern two-factor authentication (2FA) addresses these issues, where traditional approaches have fallen short.