Bringing 1Kosmos Passwordless Security to AWS Cognito

Robert MacDonald

I am very excited to announce that 1Kosmos is an official AWS Cognito Passwordless MFA partner.

Amazon Cognito places the utmost importance on online account security. To bolster the protection of account holders, starting in 2024, Amazon Cognito made it a goal to expand its multi-factor authentication (MFA) requirements, ultimately partnering with 1Kosmos to help the Amazon Cognito team reach its customer security initiatives.

A Better MFA

It’s no secret that MFA significantly augments the security of web and mobile applications by necessitating additional identification methods beyond just a password. By implementing various forms of MFA organizations can effectively mitigate the risks associated with user account takeovers, phishing attacks, and password breaches.

To take things a step further, users can elevate their account security through biometric authentication features like TouchID (fingerprint), FaceID and LiveID (a 1Kosmos architectural advantage). Additionally, it offers one-time passwords (OTP) through SMS and email, time-based one-time passwords (TOTP) via a linked mobile authenticator, and push notifications. This flexibility empowers Amazon customers to select the MFA methods that best align with the requirements of their application ecosystem.

User Experience is Important

The team at Amazon Cognito places delivering a seamless user experience high on its list of requirements, and that is why partnering with 1Kosmos was a perfect fit. The 1Kosmos MFA capabilities provide a diverse array of authentication choices to accommodate a broad spectrum of users and devices, all with a similar user experience. The 1Kosmos BlockID and Amazon Cognito partnership strikes the right balance between security and usability when developing customer-facing applications.

Easy Access to Passwordless

1Kosmos is a trusted AWS Partner and AWS Marketplace Seller offering BlockID and passwordless MFA solutions to elevate online account security. The platform boasts FIDO2 and NIST 800-63-3 certifications, further affirming its reliability. Amazon Cognito customers can easily deploy and directly acquire BlockID through the AWS Marketplace, enabling the implementation of a phishing-resistant passwordless MFA solution.

Identity Verification

An optional capability of the 1Kosmos platform, 1Kosmos BlockID provides organizations an automated and cryptographically secure way to verify a virtually unlimited array of identity details including government issued ID, education qualifications, healthcare data, financial account details, and other third-party machine-readable personal information while respecting an individual’s privacy. This provides progressively higher levels of identity assurance for authentication and digitally transforms a broad range of business processes such as worker or contractor onboarding, new customer account origination, and provisioning of digital services.

Combination of Verification and Authentication

This capability of the BlockID cloud service has been meticulously crafted to combat identity impersonation, thwart account takeovers, and prevent fraudulent activities, all while offering a user-friendly and frictionless login experience.

1Kosmos BlockID leverages identity-based verification to transparently authenticate users, effectively shielding against account compromises and fraudulent activities. The result of implementing BlockID identity verification with the integration of Amazon Cognito enables organizations to have a higher level of assurance for the users they have under management.

Privacy by Design

The 1Kosmos decentralized private blockchain technology empowers individuals with exclusive access and full control over their personally identifiable information, ensuring a privacy-centric design. This approach allows end users to review and authorize or decline the sharing of their data with online services they want to utilize. All personally identifiable information (PII) undergoes end-to-end encryption, guaranteeing that it remains shielded from exposure. Users can directly grant or deny sharing requests to the applications they connect with, without any involvement of third-party intermediaries, such as external public key servers or messaging hosts, ensuring that their data, keys, and plain text messages remain inaccessible to these entities.

More About 1Kosmos

Our platform encrypts and securely stores biometrics and ID data within a private, permissioned blockchain, safeguarding user data against potential breaches. BlockID is not only certified to NIST Identity Assurance Level 2 but also compliant with Level 3, showcasing a steadfast commitment to upholding and advancing identity assurance and regulatory compliance.

BlockID also further supports identity governance through the following features:

  • Biometric-based Authentication: We push biometrics and authentication into a new “who you are” paradigm. BlockID uses biometrics to identify individuals, not devices, through credential triangulation and identity verification.
  • Identity Proofing: BlockID provides tamper evident and trustworthy digital verification of identity – anywhere, anytime and on any device with over 99% accuracy.
  • Privacy by Design: Embedding privacy into the design of our ecosystem is a core principle of 1Kosmos. We protect personally identifiable information in a distributed identity architecture, and the encrypted data is only accessible by the user.
  • Distributed Ledger: 1Kosmos protects personally identifiable information in a private and permissioned blockchain, encrypts digital identities, and is only accessible by the user. The distributed properties ensure no databases to breach or honeypots for hackers to target.
  • Interoperability: BlockID can readily integrate with existing infrastructure through its 50+ out-of-the-box integrations or via API/SDK.
  • Industry Certifications: Certified-to and exceeds requirements of NIST 800-63-3, FIDO2, UK DIATF and iBeta DEA EPCS specifications.
    To learn more about the relationship please see the press release here and the AWS Partner Network blog here.
FIDO2 Authentication with 1Kosmos
Read More
Meet the Author

Robert MacDonald

Vice President of Product Marketing

Robert is the Vice President of Product Marketing at 1Kosmos. He is a highly influential senior global marketer with more than 15 years of marketing experience in B2B and B2C software in the biometric authentication space. Prior to 1Kosmos, Rob managed product strategy and vision for the Identity and Access Management portfolio at Micro Focus, leading a team of product marketers to drive sales and support the channel. Earlier in his career he set the foundation for content planning, sales enablement and GTM activities for ForgeRock. He has also held senior marketing positions at Entrust, Dell, Quest and Corel Corporation.