Passwordless technology and phishing-resistant multifactor authentication provider Beyond Identity says it has received FIDO2 certification and can help companies adopt standards-based passwordless authentication.
FIDO2, developed by the FIDO Alliance, is a more secure standard that enables users to leverage common devices to easily authenticate online services in both mobile and desktop environments. The FIDO Alliance is an open industry association made up of some of the largest technology and cybersecurity companies in the world, including Amazon, Apple, Google, Microsoft, RSA, VMware, Yubico and more.
The company says its solutions extend FIDO2 with a continuous risk-based authentication capability that evaluates device security posture and incorporates additional risk signals from endpoint detection and response, extended detection and response and mobile device management systems to provide a complete zero trust authentication solution.
“We’re excited to achieve FIDO2 certification because eliminating passwords removes the largest source of ransomware attacks and fraud from account takeovers, but it is only step one on the way to complete security,” noted Jasson Casey, CTO of Beyond Identity. “Harnessing the power of FIDO in our platform enables us to make passkeys universally available, simplifying the deployment of phishing-resistant MFA for CISOs and their teams.”
The FIDO standards were developed to help secure identities and essentially replace passwords with more secure methods of authentication.
“Beyond Identity’s FIDO certification speaks to its commitment to supporting the industry standards for strong authentication and our shared vision of a passwordless future. They join a growing FIDO ecosystem dedicated to increasing security and privacy while lowering user friction,” says Andrew Shikiar, executive director and CMO of the FIDO Alliance.
According to Beyond Identity, the company’s platform can simplify enterprise deployment of passwordless solutions, increase adoption, integrates with single sign-on systems, supports identity protocols, and supports all major browsers, devices and application combinations.
The company says Beyond Identity uses “zero phishable factors” and ensures that private keys are “securely stored in the secure enclave.” In addition, all devices accessing resources are cryptographically bound to an authorized identity for IT visibility and control, and device security posture checks prevent insecure devices from accessing resources.
Beyond Identity also says its solutions enforce risk-based policies that evaluate endpoint security posture and use signals from security tools to ensure zero trust authentication.
Leave a Reply