The Business Challenge
The Zero Trust security model strives to re-establish trust in users and devices through authentication and continuous monitoring of each access attempt.
Among the many elements of zero trust, verifying identity arguably lies at the core because while understanding what access is being requested, where the system is located, when the user needs access, and perhaps most fundamentally why, the access request starts with the login. When the login is secured to prevent unauthorized access, all that follows becomes more manageable.
At enrollment and depending on the needs of the business / roles, 1Kosmos BlockID Workforce can quickly and easily be identity-proof users at various levels of identity asssuance. Their live biometric is scanned and matched to government, telecom, banking, and / or corporate credentials.
From that point forward, authentication via their biometric matches a live biometric to the one captured at enrollment. This includes a liveness test to eliminate any attempt at facial spoofing. Ultimately, the user becomes the authenticator, eliminating passwords and user stores to minimize threats from email phishing, insider account takeover, and password-based brute force attacks.
The BlockID Advantage
User biometrics are verified and matched to the identity proofed at enrollment each time, every time
Over and above a simple card scan, our solutions support a TouchID, FaceID or LiveID. LiveID is matched to the image on a credential scanned at enrollment, for example, the photo on a driver’s license or a passport, used to initially verify a likeness and a live selfie also captured at enrollment.
We do this to verify that the biometric traits of an individual each time they request access matches the test performed during the enrollment process.
This does not require any new hardware at the edge.
1Kosmos BlockID identity based authentication authenticates users into your environment with cryptographic proof that they are who they say they are, with an immutable audit trail
1Kosmos BlockID provides identity based authentication by proofing a user’s identity and reaching IAL2 per the NIST 800-63- 3 guidelines and binding that to the user’s account. This makes credential sharing and identity impersonation impossible. The cost of deploying 2FA and MFA solutions that require hardware is also eliminated. The 1Kosmos BlockID app installed on the user’s smartphone will be the primary means for user authentication.
The 1Kosmos BlockID platform is a flexible and customizable platform, so you’ll be able to deploy a zero trust authentication framework that meets the unique needs of your diverse application ecosystem.
Easy to use QR codes and support across mobile and desktop simplify passwordless access across systems
Organizations pursuing a zero trust strategy need to eliminate passwords, and they need to achieve user adoption. The larger and more distributed the workforce, the harder the challenge.
Users generally like biometric authentication because it’s quick and easy. But, for many it’s also new so we allow it to be phased in through the use of a QR code placed alongside the traditional user id and password on their login page. This provides a convenient option to log in using the QR and biometrics or the traditional way using their credentials.
We support biometric authentication via our mobile app, without the app using our “app-less authentication” capability, and via the built-in FIDO-compliant capabilities of existing smartphones, laptops, and desktops.