WHY BLOCKID CUSTOMER?
1Kosmos modernizes customer onboarding with self-service KYC identity verification and then provides a convenient, identity-backed digital wallet that customers can use to login, transact and share PII data safely.
We know that customers are your most valuable asset. With 1Kosmos, you can differentiate between users with valid, verifiable identities and imposters hiding behind stolen or synthetic identities. Then deliver legitimate customers the convenience, speed, and security they want through tailorable onboarding and authentication experiences they’ll enjoy.
Our solutions for identity verification and passwordless MFA bring a transformational level of trust to each digital interaction, inspiring loyalty and slamming the door shut on fraud to help carve an efficient path to growth. Afterall, customers want to be recognized. Cybercriminals don’t. So why treat them the same alienating way with passwords, antiquated 2FA and device-level authentication?
Login Strong Customer Authentication Open
Automatically Verify Identity for New Customer Accounts
All online logins assume identity, organizations hoping they’ve granted access to the legitimate customer and not to someone performing an account takeover. With 1Kosmos our customers prove identity and can help them reduce synthetic identity fraud. We also enable our customers to comply with Know Your Customer/Anti Money Laundering mandates and ensure legitimate new accounts by automating ID verification with our FIDO2, NIST and iBeta PAD-2 certified solution.
During enrollment, customer experience is a must and the flexibility provided by 1Kosmos means that organizations can utilize an app-based or an appless enrollment workflow, and frictionless authentication once verified.
1Kosmos BlockID identity proofing utilizes a user’s driver’s license, passport, or National ID to verify user identity and is completed within a few minutes with 99%+ identity proofing accuracy and 99%+ spoofing and counterfeit detection. 1Kosmos BlockID supports document verification for over 205 countries. We can also verify identity at lower levels of assurance using banking, telco (eg, SIM binding), email, social security number, and phone number, among other methods.
The extracted data is used to build a convenient reusable digital wallet for frictionless biometric MFA and to give users control over their captured PII data.
Unrivaled Biometric Authentication
Traditional MFA solutions that rely on SMS, push notifications and email not only present too much friction to the transaction but come with well-known security loopholes that lead to account takeover and fraud. These solutions provide proof of possession, not proof of identity. As a result, consumers are getting phished more often as they routinely get emails, SMS messages, and phone calls trying to trick them into disclosing account credentials, personal information, or downloading malware.
1Kosmos mitigates these problems because our approach ties verified identities to the user’s biometric that was captured at enrollment. Our exceptional user experience is warm and friendly. As a result, every access attempt physically verifies the user identity, leaving no chance for impostors to login, defeating ATO attacks and fraudulent transactions.
The BlockID platform is NIST 800-63-3, FIDO and iBeta PAD-2 certified and supports remote identity proofing to comply with Know Your Customer mandates. The user’s data is protected by a cryptographic public/private key pair, so the biometric can’t be spoofed or stolen, and sessions can’t be compromised.
Build Customer Trust and Loyalty Through Enterprise Grade Security
After identity verification and customer enrollment, customers typically build weak credentials such as username and password. 1Kosmos BlockID provides an authentication platform to support biometric passwordless multi-factor authentication. Identity proofing can adjust with flexible levels of identity assertion to support the needs of your business and, more specifically, to support the evolving needs of your customers.
1Kosmos BlockID authentication methods are available through our SDK, and can be easily integrated into any mobile app, delivered through the 1Kosmos BlockID app, or implemented as an appless experience. Users will authenticate via any of our methods depending on the business need, the risk profile of the activity, and the security requirement for each access request. By implementing 1Kosmos BlockID, organizations can deploy any of seven identification methods including: device biometrics, LiveID, push message, email/SMS/Token, 3rd party hardware token, Windows Hello, and Mac TouchID.
BlockID also integrates via industry authentication standards such as OAuth, OIDC, SAML and FIDO. It also offers legacy support via RADIUS and supports interoperability across Windows, Office365, Mac, iOS, Android, Linux, and Unix operating systems.
Deploy What You Need and Meet Customer Expectations
Many people believe that passwordless customer authentication is difficult to deploy. Others just want to migrate from their antiquated 2FA systems and go passwordless gradually to stay with customer expectations. Still, others have some passwordless capabilities but want to improve security because there are continuous gaps in their current deployment.
A result of our flexible architecture is an ability to meet the needs of most any workflow. Many customers deploy 1Kosmos BlockID to satisfy both workforce and customer workflows. So as new mandates, regulations or even integrations come to market, like open banking as an example, the 1Kosmos API framework can help organizations quickly adopt and integrate, providing a future proof platform.
As a cloud-based identity provider, BlockID comes with several features. The administration portal provides easy access to the configuration and management of the BlockID platform. Starting with over 50 out-of-the-box integrations and a robust API framework enabling quick and easy integrations into CIAM technologies like Azure, Ping, Okta, and ForgeRock.
1Kosmos BlockID APIs comply with the strictest GDPR, SOC2, and ISO 27001 certification standards for the handling and retention of sensitive data, so you can connect customers to anything you need for strong customer engagement.
Customer Managed. Customer Owned.
During enrollment, information collected from scanned credentials is encrypted and, for the highest level of security, stored in a distributed ledger compliant to the W3C DID standard. As such, they are accessible only via a FIDO2 certified public/private key pair secured in the TPM/Secure Enclave of a device and under sole control of the user via their live biometric selfie, made possible by our innovative LiveID feature.
Without the private key, data cannot be decrypted, accessed or shared. There is no central authority overseeing data access other than the user possessing the private key.
For deployments that will continue to need passwords, customers will ultimately forget their passwords and require a reset. The digital wallet has a password reset feature that provides users a self-service reset option that utilizes user biometrics to ensure the validity of the request.
Since there is no user store and no centralized storage of user information, there is no honeypot of personally identifiable information to secure against the threat of data breach. This improves an organization’s compliance.