Microsoft Entra ID is a big step forward to secure accounts. 1Kosmos fills the gaps.

1Kosmos gives organizations using Entra ID a safe and secure way to get new users and new organizations rapid access to digital services without flooding the Service Desk with requests for account opening and password reset.

Through a powerful self-service identity verification workflow and a passwordless MFA credential, user can scan a QR code or click a smart link to reset passwords or initiate their onboarding journey.

You set the identity assurance levels for different users and systems based on business needs. 1Kosmos does the rest, providing a consistent passwordless MFA experience across Active Directory, Windows, Mac, iOS, Android, Linux, Unix, plus legacy systems.

Supported Capabilities

Complement and extend Microsoft Windows, Active Directory File Service and Entra ID.
Self-Service User Onboarding

Self-Service User Onboarding

Enroll once and authenticate anytime / anywhere using live facial biometrics at the most restricted access points.
Read More
Verified Identity Backing Entra ID

Verified Identity Backing Entra ID

Ease employee onboarding and deliver high assurance login suitable for the most privileged access.
Read More
Password Reset via Live Biometrics

Password Reset via Live Biometrics

For applications that cannot go passwordless, enable convenient self service password reset.
Read More
External Authentication Method (EAM)

External Authentication Method (EAM)

Use 1Kosmos as a second factor / external multi-factor authenticator for all resources behind ADFS or Entra ID.
Read More
Passwordless MFA for More Environments

Passwordless MFA for More Environments

Replace password-based logins with a convenient passwordless biometric login for Windows 8.1 and higher, VPN, Mac, Linux, and more.
Read More
Interoperability and Extensibility 

Interoperability and Extensibility 

Integrate effortlessly using an SDK, 50 out-of-the-box connectors, and open API framework for Entra, Active Directory, and more.
Authentication Resiliency 

Authentication Resiliency 

Leverage 1Kosmos as the single authenticator to cover all use cases and still have the Microsoft Authenticator as a backup. 
Upgrade to Decentralized Identity

Upgrade to Decentralized Identity

Go passwordless on day 1 by eliminating username and password when users transition to new systems.
Read More
Passwordless Access for Restricted Environments

Passwordless Access for Restricted Environments

Enable phishing-resistant passwordless MFA for restricted environments such as clean rooms, service desks, labs, and more.
Read More
Remote Desktop Access

Remote Desktop Access

Eliminate password-based logins for remote desktops and virtual machines that are left unprotected by legacy multi-factor authentication.
Read More

Why 1Kosmos

1Kosmos solves the “Trust on First Use” problem which happens when users transition to new systems and must provide a username and password. This is a problem because any time a password is leveraged, the user’s true identity cannot be known.

The outdated, but familiar approach also creates a complicated and costly mix of people, processes, and Identity and Access Management (IAM) technology to support a perpetual cat-and-mouse game with red versus blue teams vying to prevent and gain access to knowledge, inherence, and possession factors.

But mostly, it has left organizations reeling from social engineering, phishing, and increasingly deepfake attacks on account credentials. At the same time, hackers have become adept at push bombing and SIM swaps to defeat multi-factor authentication (MFA).

The idea behind 1Kosmos is to not only eliminate passwords from the user interface, but to:

• Replace the user ID/password with a decentralized digital identity
• Make this identity as private and independent as users themselves
• Use this identity for passwordless MFA into any online service

In place of the user ID and password, 1Kosmos creates a much more durable artifact on enrollment that leverages Decentralized Identity (DCI), which serves not only as a unique identifier for an individual, but also as their digital wallet.

Unique Characteristics and Advantages

Public-Private Key Encryption

Public-Private Key Encryption

Ensures all data related to an identity remains confidential, tamper-proof, and accessible only upon user consent. 
Off-the-shelf APIs and a Software Development Kit (SDK)

Off-the-shelf APIs and a Software Development Kit (SDK)

Connect with any system or easily embed into mobile apps. 
Verifiable Credentials

Verifiable Credentials

Digital attestations about a holder such as a qualification, certification, level of authority, etc.
Decentralized Private Ledger (i.e., Blockchain)

Decentralized Private Ledger (i.e., Blockchain)

Shards and stores data, eliminating user data lakes (AKA honeypots) and creating a transparent immutable log where every entry is time-stamped and linked to ensure and prove data integrity (i.e., tamper evidence). 
Smart Rules and Protocols

Smart Rules and Protocols

Manage data and enable peer-to-peer network interactions without human administration, eliminating the need for a middleman to access user data for user-managed privacy (users have sole control of their data). 
Identity Backed Biometrics

Identity Backed Biometrics

Certified against deepfake presentation and injection attacks (ISO/IEC 30107-3) and verified to various levels of identity assurance up to NIST (National Institute of Standards and Technology) Identity and Authentication Assurance Level 2 (IAL2 / AAL2) by Kantara.
Flexible Deployment Options

Flexible Deployment Options

Ensure broad coverage for technologies and user cases. This includes over 50 out of the box connectors and an API framework to provide passwordless security for more use cases beyond Entra coverage up to and including on-prem active directory.

Contact us.

Please use this form to reach out today. You are closer to bringing identity-based authentication to Microsoft Entra ID than you think!