• The “Anti-Pattern” of Server-Side Biometric Secrets

    Rajiv Dholakia, VP Strategic Development, Nok Nok Labs | Aug 27, 2019

    The Guardian and Forbes reported that researchers traced a massive leakage of 28 Million biometric and personal records to a company whose products are used worldwide for physical access control to a UK based company.

  • Does PSD2 Practically Eliminate SMS-OTP?

    Dr. Rolf Lindemann | Jun 19, 2019

    The payment services directive 2 (PSD2) effective date (Sept 14th, 2019) is approaching quickly. While open banking APIs are a big topic in PSD2, I want to focus on the new rules regarding Strong Customer Authentication (SCA) that are also part of this new PSD2.

  • A Banner Year for FIDO

    Dr. Rolf Lindenmann | May 30, 2019

    What if you could authenticate with phishing protection, support dedicated security hardware or security hardware integrated in your users’ everyday devices, allow users to choose PINs, or the biometric modality of their choice – wouldn’t that be great?

  • An Ounce of Prevention – Cloud Infrastructure Providers as Vectors for Scalable Attacks

    Rajiv Dholakia | Apr 25, 2019

    Krebs on Security broke a story on 16th of April 2019 about the IT outsourcing and consulting giant Wipro Ltd. The blog reported that Wipro had suffered a breach of its internal systems and that its infrastructure was being used to mount attacks onto Wipro’s customers.

  • Validation is Here – a Humbling, Yet Satisfying Couple of Weeks

    Dr. Rolf Lindemann | Mar 15, 2019

    What an amazing couple of weeks! From Barcelona all the way to San Francisco, we’re honored and humbled to have been tied to three major awards recognizing the imprint we’ve made in modernizing the authentication landscape.

  • Where is Identity Headed in 2019? My Top Five Predictions

    Phillip Dunkelberger | Dec 21, 2018

    It’s the “trends and predictions” time of year — all kinds of lists for all kinds of industries. Lest we neglect the identity and access management sector, I’ve got my own list of five predictions.

  • Android Protected Confirmation and FIDO

    Matthew Lourie and Jeff Milstead | Nov 12, 2018

    In a previous post, we talked about how Android and iOS have made enormous progress in mobile platform security. This post focusses on Android Protected Confirmation and how Nok Nok Labs leverages this security feature to help protect the industry as a whole.

  • What is Modern 2FA?

    Matthew Lourie | Oct 4, 2018

    Passwords have very few fans and rightfully so. The end-user impact on usability is something we can all understand. Less widely understood is that passwords expose organizations and our infrastructure to remote, scalable attacks. Learn how modern two-factor authentication (2FA) addresses these issues, where traditional approaches have fallen short.

  • Nok Nok Labs Addresses Potential WebAuthn Protocol Security Concerns

    Ramesh Kesanupalli, Nok Nok Labs Founder, Co-Founder The FIDO Alliance | Sep 12, 2018

    It is what you do with the standard that matters.

  • Mobile Security Arms Race: FIDO2, Stronger Biometrics, and More

    Matthew Lourie | Aug 11, 2018

    In just a few short years, Android and iOS have made great strides in security. While these advances are making it more secure for the end-user, developers face complexity in stitching new security features together. In this blog, we explore this issue, and how to create simplicity for the developer.