17 Aug

2 Min read

Test Drive the Nok Nok Passkey Authentication Solution

August 17, 2023 Nok Nok News 0 comments

Before you buy a new car, you test drive it. Sometimes you test drive lots of cars before you make a decision. Not all cars are the same, and they are definitely not the same as your old car. You want to see how the car drives, how the brakes work, cruise control, air conditioning and of course the all important safety features. It is the same when it comes to buying technology solutions – security is paramount. And equally important is the “look and feel” when the solution is customer facing. And now you can test drive the Nok Nok passkey authentication solution.

How often has customer experience ruined your relationship with a brand after the brand has changed an interface? Facebook changed its look and feel almost every two years and it drove their users nuts every time! But what if change made things much better and easier? Like when Apple introduced Touch ID? Nok Nok provides a passkey authentication solution that lets you authenticate your customers quickly and easily across mobile phones, desktop computers and tablets– all without passwords – a delightful change! It won’t look and feel like your old “car,” it will be better, and more secure!

And guess what? You can test drive Nok Nok when you sign up for a free trial. And learn more about how using a Nok Nok passkey authentication solution is the same regardless of your device when you watch the video. And btw – our video is shorter than test driving a car!

Free Trial

Watch Video

21 Jul

2 Min read

Cyber Hero Micro Briefing Series with Matt Topper

July 21, 2023 Nok Nok News 0 comments

Security, privacy and identity are very serious topics but the people beyond these technologies are human – they are creative and they find unique ways to solve the complex problems surrounding these topics. This week’s big blockbuster premiere coming in with a bang is “Oppenheimer”, the new Christopher Nolan movie starring Cillian Murphy as the infamous Robert Oppenheimer, father of the atomic bomb.

Although our Cyber Hero this week may not have created one of the most secretive, private and protected research sites on earth like Oppenheimer, he has built a space where users can scale, build resilience and safely and securely access the service. Matt Topper of UberEther is a big proponent of safety and security, and he believes high-level security should be accessible to everyone, not just a few scientists in Los Alamos.

While they are not guarding the secrets of the nuclear bomb, most regulated industries have incredibly high security requirements nowadays including multi factor authentication. Listen to Matt dissect the pros and cons of this kind of technology and its place moving forward.

Listen to Matt’s full podcast episode from earlier this week and subscribe to our blog to stay up to date on all the comics and podcasts premiering this summer in our Cyber Hero Origins series!

14 Jul

2 Min read

Cyber Hero Micro Briefing Series with Rolf Lindemann

July 14, 2023 Nok Nok News 0 comments

Could we ask for a better analogy? This week’s blockbuster premier is “Mission Impossible – Dead Reckoning Part One” with the always entertaining Tom Cruise. His character Ethan Hunt and the IMF must track down a dangerous weapon before it falls into the wrong hands. So too are the founders of the FIDO Alliance like Tom Cruise leaping tall buildings and racing through narrow alleyways to protect against “dangerous hackers” looking to get their hands on your passwords!

This week’s Cyber Hero is a little like Tom Cruise – Rolf Lindemann of Nok Nok – dashing and swashbuckling. Rolf has been there since the inception of the FIDO Alliance. Hear in his own words how the small group of people tackled one of the biggest problems still in the world of computing.

Imagine a group of individuals standing on the beach looking out at the ocean and being told you need to boil all the water. This is what it often felt like when the original founders of the FIDO specification and the FIDO Alliance went through the process of deciding where to begin to replace passwords. They all knew that no one company or person could solve the problem of weak, phishable passwords. But they knew something had to be done as the bandaids being applied to try to strengthen passwords were not working as $100s of millions of dollars were being lost to cybercriminals everyday.

Listen to Rolf’s full podcast episode from earlier this week and subscribe to our blog to stay up to date on all the comics and podcasts premiering this summer in our Cyber Hero Origins series!

26 Jun

6 Min read

AI Brings Need for Robust Security

June 26, 2023 Nok Nok News 0 comments

Title: AI Brings Need for Robust Security to the Next Level
By: Dr. Rolf Lindemann

New technologies often enable new business models. That is not a new observation. The latest new technology is (or more precisely the latest technological break-through has been made using) Artificial Intelligence or “AI”. Whenever the first signs of such new business models are visible, they trigger discussions around potential benefits and threats of the new technologies. The latest discussion that caught my attention was the potential (mis-)use of AI for running large scale attacks. I think it is worth putting that in perspective, because there is an underlying pattern here. If that catches your attention, you are invited to follow me…

Years back, the internet brought us search engines that made information available in an instant. To collect and keep updated all that information is an enormous and expensive effort (fixed cost), but it pays off since the cost per query is negligible but the revenue per search generates (advertising) revenue . This is typically called a scalable business model .

First phase of scalable attacks. What works “for good” often also works “for bad”, meaning that people with bad intentions can create scalable business models based on scalable attacks. We have seen those already. Back in 2013, hundreds of millions of passwords were stolen adding up to more than a billion stolen passwords at that time . In some way that was the first phase of scalable attacks. Those were focused on authenticating returning users. Nok Nok was one of the founding members of the FIDO Alliance that published FIDO Authentication specifications which protect against scalable attacks and hence brings robust security to authentication.

Second phase of scalable attacks was focused on knowledge-based authentication , i.e. asking for your mother’s maiden name, name of your first pet, your first car model, social security number etc. to then assume it is only you that could correctly answer those questions. Unfortunately, the search engines in the internet (see above) often can find the answer to such questions hence making it easy for attackers to create new accounts on behalf of a user. This is not really surprising as that type of information was not considered a secret by any party and as a result was shared frequently. Essentially breaking Identity Verification. As a result, the Federal Financial Institutions Examination Council (FFIEC) stated that identity verification generally shall not solely depend on knowledge-based questions . Document-centric identity proofing evolved as a response to this attack . This means that users scan their picture ID and their face and let a remote service verify they match.

Third phase of scalable attacks. When your mom calls you on the phone, how do you know it is her? First, you might see her phone number in the display of your phone. Second, you will recognize her voice, and third, during the call you will recognize the way she interacts with you. Now, maybe there is a number four: you will recognize her face when she uses a video call. So that makes four independent methods – that looks pretty secure. Maybe let’s not rely on the phone number as we know about the “Caller ID” spoofing attacks – yet another method lacking robust security: the Caller ID is not cryptographically tied to the phone line.

So, what about her voice? This is where AI comes in. You might have heard about DALL-E , the engine using a large-language model that creates images based on your instructions (and the hundreds of millions of images used for training). There is a similar engine called VALL-E, which simulates anyone’s voice after being trained with just 3 seconds of audio . When I first saw this technology being used in a Bond movie , I considered it “science fiction” – now it is real and might soon be easily available to anyone on the darknet.

What about mom’s face video? The publicly used term for that is “Deepfake”. There are very convincing examples available on the internet . The Chaos Computer Club (CCC), Europe’s largest association of hackers, demonstrated how to attack a prominent document-centric identity proofing service using such an attack . Again, these types of tools might soon be easily available to anyone on the darknet (or already are, but I have not checked).

So, the only security method that remains is the way she interacts with you. I am sure this interaction does not change that frequently, so someone observing it once will likely be able to replicate it using the tools mentioned above. Again, neither my voice nor a video recording of me are considered a secret. They are often even available on the internet. So methods that are only secure if no one can replicate such public information at the right time are not robust.

What are the “lessons learned” here? When it comes to security that is robust against scalable attacks, we cannot rely on the difficulty to create voices nor videos of other people. Instead, we really must use cryptographic methods directly backed by something the user possesses, like electronic ID cards and hardware backed wallets or indirectly backed by something the user possesses, like cloud wallets with strong proven security using strong user authentication backed by FIDO security keys, passkeys or similar .

The recent advances in AI make it very clear that we have to accelerate the shift towards robust security for all remote interactions as methods that were only theoretically attackable (but not practically attacked) before are practically attacked now (or will be in the near future). This shift towards robust security will then help us to keep fraud under control, accelerate business and provide peace of mind to users – getting us closer to the ePromiseland .

23 Jun

1 Min read

Cyber Hero Series – It’s a bird, it’s a plane, it’s Tushar!

June 23, 2023 Nok Nok News 0 comments

This week’s blockbuster premiere is a comedy, drama and a romance all wrapped in one with one of the perennial favorite actors, Tom Hanks – “Asteroid City.” And as is the case with any movie written and directed by Wes Anderson – there is a mix of styles and different time periods.

In today’s edition of the Cyber Hero Origins series, our second digital comic, we go back in time a little and look at how our Cyber Hero Tushar Phondge has spent a career eradicating passwords, working toward putting into the hands of individuals – not big companies – the control over the types of personal information that is shared. His mission – self-sovereign identity.

Nok Nok says THANK YOU, Tushar, for learning as a boy how to tinker with cars and applying that same passion to cyber security – evangelizing and implementing FIDO-based passwordless authentication solutions along the way.

16 Jun

2 Min read

Cyber Hero Micro Briefing Series with Tammi Hayes

June 16, 2023 Nok Nok News 0 comments

One of the most highly anticipated summer superhero movies is out today – “The Flash.” While she can’t travel back in time like The Flash to change what’s happened in the past, our Cyber Hero this week, Tammi Hayes, has been there since the beginning, making us all more secure on the internet.

Tammi has been a cybersecurity champion for over two decades, pioneering its evolution since the early dot-com era. Her involvement with RSA, however, marked merely the beginning of her cybersecurity odyssey.

In this week’s episode of Cyber Hero Origins, Tammi describes her journey to becoming a cybersecurity evangelist and how she’s raised awareness for FIDO and Nok Nok – pushing forward the discourse on passwordless security and helping FIDO to become a globally accepted standard for all industries.

Thank you, Tammi! Your continuous efforts in cybersecurity are not merely a testament to your expertise and dedication, but it also serves as an inspiration for others!

Listen to her full podcast episode from earlier this week and subscribe to our blog to stay up to date on all the comics and podcasts premiering this summer in our Cyber Hero Origins series!

09 Jun

1 Min read

Cyber Hero Origins – Rakan Khalid

June 9, 2023 Nok Nok News 0 comments

This week’s expected summer movie blockbuster is “Transformers – Rise of the Beast.” At the same time we are excited to present to you a “transformer” in his own field Rakan Khalid, Head of Product, Identity Verification and Authentication. Rakan is our first Cyber Hero Origin in the form of a comic!

A little about why Rakan is a true Transformer and Cyber Hero: as a young person he took it upon himself to transform for his father, a doctor in Dubai, what was a paper based patient record system into an easy to manage electronic format. Fast forward through impressive jobs at Intel and eBay, and now Rakan is evangelizing FIDO-standards based passwordless authentication to protect his employer and their customers from breaches and fraud – not an easy transformation as people hold tightly to vulnerable passwords.

Nok Nok says THANK YOU to Rakan, one of many unsung cyber heroes who are responsible for thought leadership in his organization driving FIDO-based passwordless authentication.

Subscribe to our blog and stay tuned, as we have comics and podcasts premiering all summer!

02 Jun

2 Min read

Intro to Cyber Hero Series – From the Beginning

June 2, 2023 Nok Nok News 0 comments

Intro to Cyber Hero Series - From the Beginning.

31 May

4 Min read

Nok Nok Announces Record Customer Expansion as Industry Adoption of FIDO Passkeys Accelerates

May 31, 2023 Nok Nok News 0 comments

Next phase of growth powered by regulatory compliance and recent ecosystem partnerships.

Global adoption of passwordless authentication is accelerating due to regulatory compliance, security and user experience requirements, and recent advances from major computing ecosystem participants.

San Jose, CA – May 31, 2023 – Nok Nok, a leader in passwordless authentication for the world’s largest organizations, today announced strong 2022 results following the FIDO (Fast IDentity Online) industry introduction of passkeys, deployments with Fortune 500 companies and key partnerships in the government market that will accelerate the company’s next phase of growth. Nok Nok 2022 annual recurring revenue increased by more than 40% YoY, driven by expansion in customer deployments, and the addition of new vertical markets fueled by global regulations that require phishing-resistant authentication.

Innovative Passkey Support

As an inventor of FIDO specifications, Nok Nok and its S3 product suite have been in sync with advances in FIDO authentication. With the introduction of FIDO passkeys in 2022, Nok Nok announced the:

same safety and convenience of using biometrics to access your device as for logging into web services.
reduced attack surfaces by eliminating the most commonly stored credential – the password.
ability to embed passwordless authentication in enterprise workflows reduces development and support time for customer facing applications.
future integration capabilities that will include in-home devices such as Alexa, IoT device services, and physical access to buildings.

“We see new momentum in the FIDO marketplace due to the announcement of Passkeys last year,” offered Miguel Villaumbrales, Global Head of Digital Identity from BBVA. BBVA, a customer of Nok Nok since 2019 with a security-first mindset, has implemented Nok Nok’s FIDO-based biometric authentication in its award winning mobile banking services, including their smart watch applications.

Customer Deployment Spotlight

NTT DOCOMO, INC. has been a customer of Nok Nok since 2015. Under the slogan “Your Security, More Simple,” DOCOMO has improved the authentication user experience for a wide variety of DOCOMO services. In 2020, DOCOMO began offering a passwordless option by providing a password disable setting, and in April 2023, NTT DOCOMO began support for WebAuthn/Passkeys. DOCOMO’s adoption of Nok Nok’s FIDO solution enhanced the authentication user experience, toward DOCOMO’s goal of a “Passwordless World.”

New Partnerships to Address Growing Global Regulatory Compliance

2022 was the year that Nok Nok accelerated product development in order to meet the needs of government and highly regulated industries. Nok Nok announced a partnership with UberEther, a leading provider of identity and access management solutions to the federal government, to provide phishing-resistant authentication in UberEther’s FedRAMP High and DoD Impact Level 5 ready IAM Advantage platform.

Nok Nok also entered into a new partnership with Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®. Recent executive orders and regulations require federal government agencies to leverage phishing-resistant multi-factor authentication (MFA) solutions. Through Carahsoft’s reseller partners, and NASA Solutions for Enterprise-Wide Procurement (SEWP) and National Cooperative Purchasing Alliance (NCPA) contracts, federal government agencies will have access to Nok Nok’s FIDO-enabled and phishing-resistant multi-factor authentication (MFA) solution.

“From when we co-founded the FIDO Alliance in 2012 to where we see adoption today, it is truly rewarding to see industry-leading customers and partners deploying Nok Nok’s FIDO enabled solutions at internet scale to hundreds of millions of global end users,” said Phil Dunkelberger, CEO of Nok Nok. “It has been our best year for deployments, customer expansion and innovation with the shipping of the The Nok Nok™ S3 Authentication Suite Version 9. Recent market interest in our solutions has been driven by the introduction of FIDO-based passkeys, which is creating a global awareness of what interoperable, easy to use passwordless authentication can mean for the consumer experience. All of this momentum points to a more secure, easier to use experience for all users, and reduced complexity for IT and security teams.”

About Nok Nok

Nok Nok is a leader in passwordless customer authentication and delivers the most innovative FIDO (Fast IDentity Online) solutions for the passwordless authentication market today. Nok Nok empowers organizations to significantly improve their user experience and security, and reduce operating expenses, while enabling compliance with the most rigorous privacy and regulatory requirements. The Nok Nok™ S3 Authentication Suite integrates into existing security environments to deliver proven, FIDO-enabled passwordless customer authentication. As a founder of the FIDO Alliance and an innovator of FIDO standards, Nok Nok is an expert in next-level, multi-factor authentication. Nok Nok’s global customers and partners include AFLAC Japan, BBVA, Carahsoft, Fujitsu Limited, Hitachi, Intuit, Mastercard, MUFG Bank, NTT DATA, NTT DOCOMO, Standard Bank, T-Mobile, and Verizon. For more information visit NokNok.com.

Read the official press release.

05 May

4 Min read

Nok Nok Joins Team of Best-in-Class

May 5, 2023 Nok Nok News 0 comments

UberEther’s IAM Advantage Includes Nok Nok

Best-in-Class identity providers UberEther, Ping Identity, SailPoint, Nok Nok, Radiant Logic, Appgate and Carahsoft join forces to modernize identity management for Government and high security customers

STERLING, VA – May 04, 2023 – UberEther, a full-stack technology integrator providing innovative identity solutions, today announced the launch of IAM Advantage, the first solution of its kind to achieve DoD IL5 authorization. IAM Advantage is an identity, credential, and access management (ICAM) solution designed to to help Government agencies and suppliers modernize their legacy identity systems. IAM Advantage can manage access for employees, contractors or citizens and will secure end-to-end workflows from account registration to digital transactions.

IAM Advantage combines solutions from the following best-in-class identity providers that together help agencies comply with NIST’s most recent guidelines for digital identity (SP 800-63) and the Federal memorandum on Zero Trust Strategy (OMB M-22-09).

Core ICAM

Ping Identity, a provider of intelligent identity solutions with authentication, federation, identity management, authorization and access management capabilities for ICAM modernization
Radiant Logic, the foundational identity data management platform that correlates all identity data to create a unified Master User Record (MUR), which acts as the Policy Information Point for a Zero Trust Architecture
SailPoint, an identity security provider that enables the modern enterprise to discover, govern, and secure all identities across all environments

Supporting Technologies

Appgate, a provider of Zero Trust access designed with a direct-routed, software-defined perimeter model that aligns with NIST (SP) 800-207 Zero Trust Architecture
Nok Nok, a phishing-resistant multi-factor authentication (MFA) password-less authentication platform, and compliance solutions to address NIST SP800-63 and SP800-157 standards

Procurement Support, Distribution and Training

Carahsoft, a Master Government Aggregator® providing ease of procurement for IAM Advantage and access to services and training for the Public Sector through hundreds of contract vehicles

“Our Government customers are looking for an integrated identity solution that helps them achieve their compliance and security requirements while reducing the burden of managing multiple vendors,” said Matt Topper, President and Solutions Catalyst at UberEther. “We are delighted to partner with some of the most innovative and respected companies in the identity ecosystem to offer a highly secure solution for our Government customers.”

IAM Advantage is a preconfigured solution, ensuring cost and time savings for Government procurement and security teams. UberEther offers flexible deployment models: on-premises, in any cloud or hybrid environment, or in air-gapped or disconnected (DDIL) environments at the tactical edge. Security is enhanced with a single-tenant environment, and customers control their own encryption keys. Further, IAM Advantage is applicable to both desktop and mobile applications – and in both single sign-on and federated identity management models.

Integrations with Salesforce and ServiceNow are prebuilt and will allow Government customers to integrate IAM Advantage into their existing software stack quickly and affordably. “Identity and access management is a complex and high-risk task for Government agencies, particularly if they rely on outdated legacy products,” said Brian O’Donnell, Vice President of Cybersecurity Solutions at Carahsoft. “The development of the IL5 ICAM solution is a significant step forward in providing Government agencies with robust and reliable IAM solutions that meet their needs and protect against modern threats. We look forward to working with our reseller partners to provide Defense agencies with advanced, highly secure cybersecurity solutions through numerous Carahsoft contract vehicles.”

More information on IAM Advantage can be found here. UberEther is available through Carahsoft’s GSA Schedule No. 47QSWA18D008F, SEWP V contracts NNG15SC03B and NNG15SC27B, ITES-SW2 Contract W52P1J-20-D-0042, NCPA Contract NCPA01-86, and NCPA Contract NCPA01-86. For more information, contact the UberEther team at Carahsoft at (703) 889-9808 or [email protected].

About UberEther
Founded in 2010, UberEther is a full stack technology integrator that builds innovative solutions for our clients and turns their security and access control needs into a value-added enabler that transforms the organization in ways previously not possible. We take pride in delivering reliable, repeatable, and secure solutions that provide tangible results for each organization we team with.

View the Official Press Release.

PR Contact:
Megan Sills
[email protected]
(866) 282-3752

Contact Us

Latest Posts

Navigation

About Us

Recent posts

Nok Nok: Making Mobile Banking More Secure and Convenient