The Challenge

Windows Hello™ provides user access to Windows 10 and newer devices using facial recognition, fingerprint scan, or a personal information number. To eliminate passwords and the security vulnerabilities that come with them, most organizations will need a more comprehensive approach that addresses:

  • Previous versions of Windows and WHfB unsupported hardware
  • Virtual desktops and domain controllers
  • Linux, Unix and Mac Operating systems.

With BlockID users login with a biometric tied to a proofed and verified identity, ensuring the user is who they claim to be. And because it’s delivered with a distributed identity architecture certified by NIST, FIDO, and iBeta, it puts an immutable, private and reusable user identity at the core of your Zero Trust security for strong and continuous authentication.

Learn More
Phishing Proof

Phishing Proof

1Kosmos BlockID eliminates passwords and identifies users with high assurance to defeat identity-based ransomware, phishing and data breach. This doesn’t simply hide passwords, it eliminates passwords. Users never know or see their credentials and as a result, the credentials cannot be hacked.
Trust On First Use (TOFU)

Trust On First Use (TOFU)

1Kosmos BlockID eliminates the “Trust on First Use” (TOFU) gap created when users transition to new systems and are required to provide a user name and password. With BlockID the user’s identity gets bound to their credential – it’s not simply tied to a device – verifying identity at each and every access request.

The BlockID Key-Differentiators

Logging into Windows Operating Systems

Support previous generations of Windows as well as Linux, Unix, and Mac OS

BlockID supports biometrics, but does not require a username and password with each new login to a new system or a new terminal. It also supports a wide variety of hardware and operating systems including Mac and Unix/Linux ecosystems.

The support for various operating systems and hardware configurations will also help close the security gap contractors can inject. Since it can be difficult to manage a contractor's system configuration. By implementing BlockID a contractor would log in to critical applications without needing a password from day one.

Using Built-in Biometrics

Overcome the business limitations of device biometrics

  • Built-in biometrics do not work on the first login to any new workstation. The “fallback” mechanism is - you guessed it a username and password.
  • Built-in biometrics do not work on remote machines (RDP, VDI, Citrix, Domain Controllers). This leaves high risk systems exposed and hackers know this.
  • When combined with 1Kosmos BlockID, WHfB can be extended to other web-based logins via our Universal Web Login Connector

Meeting Zero Trust Standards

Accelerate progress toward a Zero Trust Architecture

The “Identity Pillar” of Zero Trust is undeniably the most important one. Once you have identified the user, everything else becomes easier. 1Kosmos BlockID uses real biometrics to undeniably prove who is accessing your systems.

This real biometric can easily be matched to a citizen, customer, or corporate identity, so you know with assurance that someone else is not gaining access to your network.

Check out this excerpt from our recent webinar with Ernst & Young and Forrester about the real meaning of Identity for Zero Trust.

Extending Windows Hello Deployments

Combine WHfB and 1Kosmos BlockID because they are better together

1Kosmos BlockID combines the Windows Hello authentication experience with a WebAUTHn capable server. Integration is as easy as adding several lines of code to the target system’s web page.

The BlockID Universal Web Login allows any non-federated login-capable system to go passwordless with no app redesign. This means Windows Hello can now be used to authenticate users into applications and services that previously were unavailable.