13 Apr

7 Min read

Nok Nok Expands S3 Authentication Suite

April 13, 2023 Nok Nok News 0 comments

Nok Nok Expands S3 Authentication Suite to Meet the Needs of Government, Regulated, Payment, and E-Commerce Organizations

New capabilities include regulatory compliance and risk management, synced passkeys, secure payment confirmation, and more

San Jose, CA – April 13, 2023 – Nok Nok , a leader in passwordless authentication for the world’s largest organizations, today announced the latest release of the Nok Nok™ S3 Authentication Suite (S3 Suite) that delivers four new capabilities designed to meet the needs of regulated industries, payments markets, and e-commerce organizations. For government organizations or highly regulated industries such as healthcare, finance, and insurance, the new offering simplifies the ability to comply with security and regulatory requirements, including identifying known and unknown devices. Additional new features help e-commerce organizations reduce friction for consumers. Payment companies will also benefit with new features in the S3 Suite that address Secure Payment Confirmation (SPC) for approving high value financial transactions in web browsers.

With the increasing rise in cyber threats, security professionals are faced with heightened complexity. Not only are they navigating how to implement best practices and respond to federal mandates as they develop, but they also must be responsive to their own users and consumers without preventing their access to services or causing user friction. Organizations that are highly regulated industries are also under enormous pressure and must be prepared to respond to and comply with government and industry regulations. The Nok Nok S3 Suite leverages a wide range of authenticators, including biometric and non-biometric modalities to help meet regulatory compliance, address NIST SP800-63 and SP800-157 standards, and support various authentication needs. By integrating with an organization’s security solutions, the S3 Suite provides additional contextual information and leverages scores provided by external risk engines and behavioral biometric systems.

“The war against cyber criminals has not let up and the job of being a security professional continues to be more difficult as new mandates from the White House have been added to the list of compliance requirements. And if you are an international organization, EU and Asia requirements add to the compliance complexity. We are excited to address these compliance needs and broaden the reach of our technology into these regulated markets. Organizations operating in finance, enterprise, e-commerce and government are up against increased pressure to comply and regulation is only expected to become more stringent in the years to come,” said Phil Dunkelberger, CEO of Nok Nok. “We co-founded the FIDO Alliance to make it easier to implement strong, passwordless authentication solutions for consumers and enterprises. Now, we are expanding our offering to companies in key regulated sectors that need to be able to quickly and efficiently respond to the evolving regulations coming from the US and foreign governments.”

New government and regulated industry support includes:

Passkeys. With the rise in adoption of synced passkeys, regulated organizations need to be able to understand whether users are using their passkey with a known device or on a new device. When new devices are introduced for the first time, regulated organizations typically need to trigger additional verification steps to ensure the device belongs to the legitimate user. With the Nok Nok S3 Suite v9, organizations can easily configure authentication rules that detect the use of new devices and configure methods in order to verify whether the device is used by the legitimate user.
Support for Security Key Tracking and Inventory. New capabilities allow organizations in highly regulated industries such as healthcare, insurance and banking, to monitor and track users that are using the security key(s) they were given by their employer. With these new product features, organizations can “attest” that a user is using the security key they were issued – not a third party key – and meet security and regulatory requirements.

New E-Commerce and Consumer support includes:

Synced passkeys. Asking users to provide a password reduces enrollment conversion rates and requiring a password at checkout negatively impacts the checkout conversion. Today’s release of the S3 Suite with synced passkey features allows consumers from any of their devices to access e-commerce sites by easily signing in using biometrics instead of using a password. Additionally, the synced passkey feature enables merchants to reduce friction at sign-up, making it easier to engage personally with the customer, enroll them in loyalty programs, automate billing, and collect specific data which has become more difficult with 3rd party cookies being deprecated.

New Payment support includes:

Secure Payment Confirmation. While today’s strong customer authentication two-step-verification is more secure, it is still perceived as inconvenient to the consumer. The introduction of W3C Secure Payment Confirmation (SPC) into the S3 platform is similar to integrating a POS terminal into your browser that allows the user to use device biometrics instead of a card and (one-time) PIN. Support for SPC has been added to the EMVCo 3D Secure specification that is widely used for online card payments. For customers in the buying process, SPC dramatically cuts down on friction. This new SPC method extends the existing transaction confirmation capabilities of the Nok Nok S3 Suite making it the first choice for banks, payment service providers, and e-commerce merchants intending to implement delegated authentication.

“We have heard it said many times, removing passwords can improve time and effort spent handling password resets and account lockouts ; it reduces friction and improves the user experience, and it can drastically reduce risk,” said Jack Poller, senior analyst Enterprise Strategy Group. “As easy as it sounds, the complexity of replacing passwords while still staying compliant in regulated industries or meeting government regulations can be very complicated. Leveraging its history delivering FIDO-based strong authentication into enterprise and consumer markets, Nok Nok rolls out a set of capabilities that will ease the replacement of passwords in some of the most demanding environments. IT and security operations are trying to handle increased complexity in their environments every day; standards-based, passkey solutions should be high on their lists for first defense.”

The Nok Nok S3 Authentication Suite includes an Authentication Server and App SDKs for mobile, web and smartwatch applications. It leverages the security capabilities already present on a user’s device to bring strong and convenient authentication to any application. The S3 Suite enables organizations to easily turn a user’s device into a strong, multi-factor authentication method through support for all FIDO protocols, including passkeys.

With the S3 Suite’s rich set of capabilities, organizations can support the full customer lifecycle from frictionless on-boarding, progressive profiling, easy bootstrapping of new devices, account recovery, suspension and deprovisioning of users, to call center authentication support.

Press assets:

Learn more about the latest Nok Nok Authentication S3 Suite.

About Nok Nok

Nok Nok is a leader in passwordless customer authentication and delivers the most innovative FIDO (Fast IDentity Online) solutions for the authentication market today. Nok Nok empowers organizations to dramatically improve their user experience and security, and reduce operating expenses, while enabling compliance with the most rigorous privacy and regulatory requirements. The Nok Nok™ S3 Authentication Suite integrates into existing security environments to deliver proven, FIDO-enabled passwordless customer authentication. As a founder of the FIDO Alliance and an innovator of FIDO standards, Nok Nok is an expert in next-level, multi-factor authentication. Nok Nok’s global customers and partners include AFLAC Japan, BBVA, Carahsoft, Fujitsu Limited, Hitachi, Intuit, Mastercard, MUFG Bank, NTT DATA, NTT DOCOMO, Standard Bank, T-Mobile, and Verizon.

For more information, https://noknok.com/.

17 Feb

1 Min read

Nok Nok Featured on Keen On

February 17, 2023 Nok Nok News 0 comments

Nok Nok on KEEN ON. When Will Silicon Valley Fix its Annoying Password Problem? Nok Nok’s Phillip Dunkelberger on digital technology that might finally kill the online password as featured on the KEEN ON podcast with Andrew Keen. In this KEEN ON episode, Andrew Keen talks to Nok Nok CEO Phillip Dunkelberger on digital technology that, he promises, will finally kill the online password.

View more KEEN ON content here and enjoy additional Nok Nok Videos here.

23 Jun

3 Min read

Learn More About Passwordless Authentication With This Master Class

June 23, 2022 Nok Nok News 0 comments

More businesses are seeing both the convenience and cost benefits of integrating devices and data and cloud-based application and storage systems. After all, if an employee working abroad needs to access data, it’s more efficient to be able to do so from a smartphone with access to an online database than it would be for that employee to have to return to the home office and access the data from their own desktop computer. However, this convenience means that there needs to be more consideration for cybersecurity, which can be a serious vulnerability for many companies.

If you’d like to learn more about how authentication failures affect businesses and how passwordless authentication can overcome these challenges, register for a free Live Masterclass Webinar:

Topic: The Cost Of Password Authentication Failures

Day: Tuesday, June 28

Time: 2:00 pm, EDT

Topic: The Cost Of Password Authentication Failures

Panelists:

Jim Delli Santi: VP Marketing/Strategy Nok Nok Labs

Phil Dunkelberger: President/CEO Nok Nok Labs

Larry Ponemon: Founder/Chairman Ponemon Institute

Attend this webinar and learn to balance strong security with ease of accessibility.

Older Security Is Vulnerable Security

Cybersecurity is only as robust as the people willing to follow its guidelines, which is where passwords, one of the oldest security measures, can fail. Current recommendations for passwords are that they are “strong,” which often means a long string of 8-16 randomly selected alphanumeric characters, making it almost statistically impossible to guess.

However, this recommendation can be difficult to follow since it also means passwords that are challenging to remember. Some will ignore the guidance in favor of easy-to-remember passwords, such as names, phrases, or other mnemonic triggers, which are also easy to guess.

Disruptive Consequences

Authentication disruption can occur on both sides of a business. A client or customer that ignores protocol can have weak passwords stolen or compromised. This can result in losing account control, sometimes funds, and eventually, trust in the company.

However, enforcing a strong password protocol can also result in customer loss. Hard-to-remember strong passwords can sometimes result in multiple log-in failures or even be so difficult they discourage clients and convince them to take their business elsewhere where protocols are less stringent and more vulnerable.

The Financial Consequences

Another area where cybersecurity disruptions can have a significant negative impact is work efficiency. Disruptions can be as minor as a build-up of inefficiencies or outright failure due to security disruptions. On the most extreme end, however, criminal activity like “ransomware” can lock users out of their data until money is paid to the hackers to revert control.

30 Mar

3 Min read

What Is The Ponemon Institute?

March 30, 2022 Nok Nok News 0 comments

There’s a popular saying in the modern-day that “facts don’t care about your feelings.” Nowhere is this more true than in the field of cyber security where, just because you have a good feeling that your data is safe, this doesn’t make it actually true. The facts, like the level of cyber security maintained and the security practices followed, will be the determining factors.

One of the best ways to maintain and practice cyber security is to have experts make recommendations. In this capacity, the Ponemon Institute is a critical ally to companies, schools, and any organization concerned with ensuring their networks and data are secure.

Just The Facts

The Ponemon Institute was created in 2002 by Dr. Larry Ponemon and Susan Jayson. It is an organization dedicated to two principles: studying information security and privacy issues and educating people about those results and their implications. It’s an independent organization dedicated to objective study and gathering data to present it without bias or agenda. In other words, the Ponemon Institute studies issues of cyber security and privacy and then faithfully preserves the data acquired from those studies.

The Ponemon Institute covers both the issues of preserving data privacy, such as handling personal data of clients or patients, and it also covers security issues, such as preventing financial data, social insurance numbers, or credit card numbers from being stolen by cybercriminals.

The Institute has worked with pharmaceutical companies, financial services, telecommunications companies, hospitality, government sectors, and many more to identify the costs of data breaches as well.

Learning From The Data

The results derived from Ponemon Institute studies have a broad array of implications for cyber security. They can accurately measure the costs and losses involved with network breaches and data theft. They can show the effectiveness and cost efficiencies that come with implementing one type of network security, such as biometrics, over another, such as traditional single-password systems.

This data is not just useful for the organizations that have conducted studies. It can benefit anyone through education. Cyber security is not the only important thing; data privacy is as well. It’s not enough to ensure that companies protect their own data; the private personal data of individuals must be protected from corporate exploitation as well, especially today as Trust and Safety becomes a new category of enterprise value.

These concerns of modern cyber security form the cornerstone of the Ponemon Institute’s studies. With their data, implementing new security measures, such as multi-factor authentication and cryptographic biometric authentication, can be assured of greater effectiveness. If you’re interested in modernizing your digital security using the latest research and data, you can learn more here about Nok Nok’s modern identity and passwordless authentication and how it protects multifactor security measures.

02 Nov

1 Min read

Nok Nok’s founder named Authentication Visionary

November 2, 2021 Nok Nok News 0 comments

Nok Nok’s founder named Authentication Visionary. Nok Nok’s founder and CEO, Phil Dunkelberger has been named a visionary by Goode Intelligence for his work in authentication, encryption, and security. Enjoy this interview with Alan Goode the CEO and Chief Analyst at Goode Intelligence.

Contact Us

Latest Posts

Navigation

About Us

Recent posts

Missing the Forest for the Trees

Nok Nok’s FedRAMP High Journey: Next Step in Federal Cybersecurity