Our Advantage

The 1Kosmos Advantage

1Kosmos provides single-platform support for a wide range of authentication methods, providing a level of security and convenience never before possible. This leverages the strengths of our privacyby-design architecture to enable user-managed personal identifiable information and a distributed identity that removes all 3rd party access to data. With 1Kosmos, all data is encrypted end-to-end, sharded and stored in a distributed ledger providing an immutable, tamper-evident record of all access events for complete auditability.

In addition, the 1Kosmos platform is certified to multiple industry standards including NIST 800-63-3, UK DIATF, FIDO2, ISO27001, SOC II Type 2 and ISO/IEC 30107-3 standards, and it undergoes rigorous penetration testing as a matter of routine. This ensures our solutions are based on high-quality code, absent of common security vulnerabilities typical of siloed solutions. It also ensures a high degree of interoperability.

At the high end of the spectrum, with 1Kosmos LiveID organizations can utilize live, verified biometrics hardened against deepfake presentation and injection attacks to achieve certified NIST Authentication Assurance Level 2. This is typically reserved for privilege systems access.

As for other authentication methods, users access any number of systems using a convenient digital wallet containing an unlimited number of access credentials.

For lesser levels of assurance like IAL1 and IAL2, 1Kosmos supports a full range of methods including face and voice match, device biometrics, biometric security key, physical hardware token, TOTP/OTP, push, passkey, magic link, and even user ID /password. Further, authentication can be performed via a fully brandable mobile app, appless, and web browser. For systems that can’t go passwordless organizations often choose an automated self-service password reset via verified biometrics.

Security, cost and user-experience concerns are driving organizations to modernize multifactor authentication with advanced biometrics. By combining identity
verification with passwordless authentication, 1Kosmos enables the highest level of authentication assurance available and provides single-platform support for legacy environments to enable an enterprise wide passwordless strategy.

1Kosmos Advanced MFA

The 1Kosmos platform helps organizations transform how they currently manage identity and access requirements to provide secure remote access. 1Kosmos delivers identity-based passwordless access to users, ensuring that only authorized workers can access devices, systems, data or applications regardless of where they are based.

MFA for Remote Access, Zero Trust Network Access

Organizations will authenticate users without usernames, passwords, and one-time codes. Instead, users can authenticate with their identity. After deploying 1Kosmos, employees utilize a biometric passwordless experience and completely remove usernames and passwords. Our approach not only secures remote employees but also eliminates all password-based attacks.

Because 1Kosmos combines identity verification with the issue of a cryptographically secured digital wallet, our solutions support a zero-trust authentication strategy. 1Kosmos proofs the user’s identity up to IAL2 per the NIST 800-63-3 guidelines.

MFA for Privileged Account Login

1Kosmos allows PAM (priviledge access management) solutions to identify who accesses sensitive systems and applications, whether the privileged user is on-premise or working remotely. In a single platform, 1Kosmos combines indisputable NIST-certified digital identity proofing with advanced non-spoofable biometrics for passwordless authentication. In addition, the 1Kosmos platform is FIDO2 and ISO/IEC 30107-3 standards for biometric passwordless access.

The privileged user experience is greatly improved since 1Kosmos allows your administrators and DevOps users to authenticate with LiveID via their smartphone, laptop, or workstation in seconds, without passwords, with high assurance (AAL2) to remotely access key systems and applications wherever they are deployed.

MFA for SaaS, Webapp, Client/Server Application Login

1Kosmos easily integrates into SaaS and web applications and complies with the strictest GDPR, SOC2, ISO 27001 certification standards for handling and retention of sensitive data. In addition, 1Kosmos can also integrate into systems via industry authentication standards such as OAuth, OIDC, SAML, and FIDO and offers legacy support via RADIUS.

MFA for SSO Login

1Kosmos modernizes MFA to improve the security of your SSO environment by eliminating password-based attacks and meeting zero trust access requirements.

What 1Kosmos brings to SSO is a more secure access environment by eliminating password-based attacks and meeting zero trust access requirements. Our identity-based authentication ties a proofed and verified identity to the access request. Meaning the user’s biometric is the authentication method. By implementing 1Kosmos users will login into their Windows, Mac, or Unix desktop MFA for SSO Login with a passwordless experience using real biometrics.

The authentication will verify, with high assurance, that the user is who they claim to be. The 1Kosmos architecture delivers an immutable audit trail and meets the Zero Trust requirements for user authentication. 1Kosmos elevates your SSO deployment so organizations will know exactly who is accessing the network meeting zero trust access standards that are otherwise unattainable.

Mobile Authenticator

1Kosmos MFA and password reset functionality is available through our SDK and is easily integrated/embedded into any custom app. Whether you are using the 1Kosmos app or an integration, you can implement a mobile-first MFA passwordless experience, including the advanced biometric LiveID feature.

1Kosmos complies with the strictest GDPR, SOC2, ISO 27001 certification standards for handling and retention of sensitive data. In addition, 1Kosmos can also integrate into systems via industry authentication standards such as OAuth, OIDC, SAML, and FIDO and offers legacy support via RADIUS.

Once integrated, organizations will eliminate passwords and add advanced biometrics for authentication or other MFA factors as the business and use cases require.