The 2022 Verizon Data Breach report found that a staggering 82% of breaches this year were caused by the human element, which encompasses errors, misuse, and social engineering. The report also found that 45% of breaches were caused by credential misuse.

If your organization secures any remote access systems like Zscaler with a password, you are vulnerable to a data breach. Even if 2FA or password-based MFA has been implemented, a user’s password is still the first authentication factor, and it can be stolen.

What about biometric-based MFA? Device-level biometrics like Touch ID and Face ID don’t actually prove the user’s identity. This is because multiple fingerprints and faces can be registered to the same phone. Furthermore, these fingerprints and faces are never matched to any valid source of proof like a government-issued credential.

Now more than ever, it is important that remote access solutions like Zscaler are protected from data breaches. As the workforce has become increasingly remote over the last two years, the risk of data theft has been exacerbated by employees who use their personal devices and networks, which have lower security standards than their corporate-controlled alternatives. This makes it easier than ever for hackers to access company data.

BlockID hardens the security of remote access solutions like Zscaler by enabling them to prove the identity of their users. By proving the identity of users each time they log in, all of the other pillars of zero trust become easier to manage.

How Does 1Kosmos Prove Identity? 

When a user downloads the BlockID app and enrolls, they take a live selfie, which is part of our LiveID. We then compare that selfie to their photo from government-issued documents like a passport or a driver’s license. 1Kosmos matches the selfie with the documents and gives the user a digital certificate that verifies their identity and binds the account to the proven identity. When users authenticate through LiveID, we compare the live selfie with the one taken at enrollment to prove identity and grant access.

To summarize, proving identity and reaching Zero Trust requires one platform that:

  1. Establishes user-controlled identity
  2. Proves authentication with that previously established identity

There are two standards for identity and authentication: NIST 800-63-3 for ID enrollment and strong ID usage, and FIDO2 for passwordless. No platform besides BlockID has combined both of these into one experience. When done right, this single experience can replace many legacy processes and provide a seamless user experience.

In addition to NIST 800-63-3 and FIDO, BlockID’s live biometrics are iBeta certified, which validates the reliability of BlockID for accurately performing live biometrics for identity proofing.

If you are interested in learning more about the BlockID platform and how it can support your zero trust journey, I invite you to watch our on-demand webinar, “Implementing a Sustainable Zero Trust Architecture.”

Meet the Author

Robert MacDonald

Vice President of Product Marketing

Robert is the Vice President of Product Marketing at 1Kosmos. He is a highly influential senior global marketer with more than 15 years of marketing experience in B2B and B2C software in the biometric authentication space. Prior to 1Kosmos, Rob managed product strategy and vision for the Identity and Access Management portfolio at Micro Focus, leading a team of product marketers to drive sales and support the channel. Earlier in his career he set the foundation for content planning, sales enablement and GTM activities for ForgeRock. He has also held senior marketing positions at Entrust, Dell, Quest and Corel Corporation.