What is the most important piece of information to know when you are securing a financial transaction, launching a nuclear weapon, or simply onboarding a new employee? The answer is that you absolutely need to know that the person you are interacting with is authentically who they say they are. Without indisputable authentication, how can the US Army know that it is in fact the President of the United States who is launching a nuclear weapon? How can your bank know that you are transferring $5,000 to your savings account? How can you be sure that your new employee is who they say they are? The truth is, if you don’t have an indisputable identity proofing solution, it will be impossible to know if these transactions are secure. If you are not authentically verifying the identity of the person you are dealing with, nuclear codes could be stolen, money could be lost, and you could risk hiring the wrong employee. Which authentication solutions, if any, can indisputably prove an individual’s identity to mitigate these risks?

Which solutions can authentically verify the user’s identity?

Single Sign-On

If a person signs into an account with a password before transacting with you, it must authentically be them, right? Wrong. Single Sign-On (SSO) enables employees to authenticate multiple applications and websites by logging in once, with one set of login credentials. What happens if this one set of credentials gets stolen? All other accounts that are linked to the set of credentials would get compromised as well. SSO authentication has a centralized server so hackers can gain access to any platform or website relying on SSO when they penetrate a single point of attack.

Authenticity test: failed

2FA

If the person you’re transacting with uses 2FA, then that must authentically be them, right? Wrong again. With a 2FA system, passwords are the first authenticators, which can be lost or stolen. The second authentication factor is usually something like an SMS code, a security key, or biometrics. Unfortunately, none of these second authentication factors are secure either. Consider this: a phone or security key gets run through the wash in the pocket of a pair of jeans. If there are no recovery options, the user could be locked out of their account forever. What if the 2FA solution uses biometric authentication? The truth is that fingerprints can be copied to hack Touch ID and faces can be spoofed to compromise Face ID.

Authenticity test: failed

MFA

Certainly MFA must ensure that the person you’re dealing with is authentic? Absolutely not. MFA solutions are hackable. If pieces of hardware like security keys are used as an authentication level, they can be lost or stolen. If less advanced forms of biometrics are an authentication factor, users tend to feel more secure. However, voices can be replicated, fingerprints can be copied, faces can be spoofed, and iris scanners can be hacked. In reality, MFA is not the end all solution to replacing passwords.

Authenticity test: failed

1Kosmos BlockID

What’s the 1Kosmos BlockID difference that allows you to authentically verify anyone’s identity? 1Kosmos’ passwordless solution uses an advanced form of biometrics called a liveness test that secures the identity of your employees who need to authenticate and access your systems and internal web resources. A hacker cannot reproduce and compromise the analysis and result of a liveness test, so the fear of having one’s fingerprints copied, face spoofed, or voice replicated is eliminated. Live ID brings an extra, uncompromisable level of authentication. With a simple blink of an eye and a smile, 1Kosmos BlockID can indisputably verify an individual’s identity. The solution brings users the highest levels of identity and authentication assurance per the NIST 800-63-3 guidelines, or IAL3 and AAL3.

Authenticity test: passed

To conclude…

Everyone deserves indisputable identity verification, whether you’re launching nuclear weapons or paying for an Uber online. There should be no doubt that you are dealing with the right person. You deserve the highest level of security, and with 1Kosmos, you can have it. If you would like to ensure that all of your transactions are authentic, I encourage you to explore the only indisputable identity verification system: 1Kosmos BlockID workforce solutions.

FIDO2 Authentication with 1Kosmos
Read More