Microsoft Entra ID is a big step forward to secure accounts. 1Kosmos fills the gaps.

1Kosmos gives organizations using Entra ID a safe and secure way to get new users and new organizations rapid access to digital services without flooding the Service Desk with requests for account opening and password reset.

Through a powerful self-service identity verification workflow and a passwordless MFA credential, user can scan a QR code or click a smart link to reset passwords or initiate their onboarding journey.

You set the identity assurance levels for different users and systems based on business needs. 1Kosmos does the rest, providing a consistent passwordless MFA experience across Active Directory, Windows, Mac, iOS, Android, Linux, Unix, plus legacy systems.

Supported Capabilities

Complement and extend Microsoft Windows, Active Directory File Service and Entra ID.

Why 1Kosmos

1Kosmos solves the “Trust on First Use” problem which happens when users transition to new systems and must provide a username and password. This is a problem because any time a password is leveraged, the user’s true identity cannot be known.

The outdated, but familiar approach also creates a complicated and costly mix of people, processes, and Identity and Access Management (IAM) technology to support a perpetual cat-and-mouse game with red versus blue teams vying to prevent and gain access to knowledge, inherence, and possession factors.

But mostly, it has left organizations reeling from social engineering, phishing, and increasingly deepfake attacks on account credentials. At the same time, hackers have become adept at push bombing and SIM swaps to defeat multi-factor authentication (MFA).

The idea behind 1Kosmos is to not only eliminate passwords from the user interface, but to:

Replace the user ID/password with a decentralized digital identity
Make this identity as private and independent as users themselves
Use this identity for passwordless MFA into any online service

In place of the user ID and password, 1Kosmos creates a much more durable artifact on enrollment that leverages Decentralized Identity (DCI), which serves not only as a unique identifier for an individual, but also as their digital wallet.

Unique Characteristics and Advantages

Public-Private Key Encryption

Public-Private Key Encryption

Ensures all data related to an identity remains confidential, tamper-proof, and accessible only upon user consent. 
Off-the-shelf APIs and a Software Development Kit (SDK)

Off-the-shelf APIs and a Software Development Kit (SDK)

Connect with any system or easily embed into mobile apps. 
Verifiable Credentials

Verifiable Credentials

Digital attestations about a holder such as a qualification, certification, level of authority, etc.
Decentralized Private Ledger (i.e., Blockchain)

Decentralized Private Ledger (i.e., Blockchain)

Shards and stores data, eliminating user data lakes (AKA honeypots) and creating a transparent immutable log where every entry is time-stamped and linked to ensure and prove data integrity (i.e., tamper evidence). 
Smart Rules and Protocols

Smart Rules and Protocols

Manage data and enable peer-to-peer network interactions without human administration, eliminating the need for a middleman to access user data for user-managed privacy (users have sole control of their data). 
Identity Backed Biometrics

Identity Backed Biometrics

Certified against deepfake presentation and injection attacks (ISO/IEC 30107-3) and verified to various levels of identity assurance up to NIST (National Institute of Standards and Technology) Identity and Authentication Assurance Level 2 (IAL2 / AAL2) by Kantara.
Flexible Deployment Options

Flexible Deployment Options

Ensure broad coverage for technologies and user cases. This includes over 50 out of the box connectors and an API framework to provide passwordless security for more use cases beyond Entra coverage up to and including on-prem active directory.