Blog

We have an opportunity. This year has radically accelerated a fundamental shift that has been going on for quite some time. A core component of our security architecture has been eliminated.

This month is National Cybersecurity Awareness Month. Let me be blunt. If you don’t think you are responsible for cybersecurity – you are wrong.

It is not a surprise to say that passwords are broken. They were not designed to secure today’s connected economy. As an inventor of FIDO standards, we knew that the key to replacing passwords was a privacy-by-design specification that championed interoperability and decentralized the security topography.

It’s been an exciting week as Apple has once again shown its commitment to stronger, standards-based authentication by adding support for Web Authentication Platform Authenticators to iOS, iPadOS, macOS and Safari. With browsers like Safari allowing their users to leverage Face ID or Touch ID based platform authenticators to log…

As we wrap up another year (and another decade), my thoughts are turning to 2020 and what we need to keep an eye out for next year as we put our plans together. 2019 has been one to remember from big data leaks like last week’s…

PSD2 is on a 5+ year odyssey of bringing modern consumer authentication strategies and protections to European consumers. Delayed twice already, it’s unlikely to be delayed further.  Fortunately, Nok Nok Labs can deliver a SCA compliance process today that will offer smooth sailing regardless of the siren songs.

The Guardian and Forbes reported that researchers traced a massive leakage of 28 Million biometric and personal records to a company whose products are used worldwide for physical access control to a UK based company.

The payment services directive 2 (PSD2) effective date (Sept 14th, 2019) is approaching quickly. While open banking APIs are a big topic in PSD2, I want to focus on the new rules regarding Strong Customer Authentication (SCA) that are also part of this new PSD2.

What if you could authenticate with phishing protection, support dedicated security hardware or security hardware integrated in your users’ everyday devices, allow users to choose PINs, or the biometric modality of their choice – wouldn’t that be great?

Krebs on Security broke a story on 16th of April 2019 about the IT outsourcing and consulting giant Wipro Ltd. The blog reported that Wipro had suffered a breach of its internal systems and that its infrastructure was being used to mount attacks onto Wipro’s customers.