Affirmed Identity™ - Zero Trust Passwordless Push Authentication

We help Organizations

authenticate users and monitor sessions

to secure boarders and meet regulatory requirements


AffirmedID

Authentication is not a destination it's a journey

of

3-Factor Continuously Monitored Authentication



Reasons to consider AffirmedID authentication services.

MFA Required

Effective January 31, 2025, PCI DSS joined HIPAA in making Multi-Factor Authentication (MFA) a regulatory requirement.

Each follow NIST guidelines stipulating that MFA include two (2) distinct factors from: something you know, have, or are.

Organizations who handle “payment card information (PCI)” or “protected health information (PHI)” must comply.

With the AffirmedID service, you get seamless 3-factor authentication meeting all regulatory and ZTA requirements.

Zero Trust Architecture

Government agencies and businesses in finance, healthcare, and technology are increasingly requiring ZTA compliance.

ZTA calls for continuous monitoring of users, applications and devices.

For users this call to action means continuous monitoring of the authenticated session, or 'Continuous Authentication Monitoring'.

AffirmedID incorporates continuous authentication monitoring while complying with all privacy regulations, including GDPR and CPRA.


The Future of Authentication

As a Service or On Premise

Three distinct factors for every authentication ceremony.

Continuous authentication monitoring originating at the authenticator.

Authenticator tightly coupled with its identity service enhances phishing resistance.

Consistent passwordless MFA UX across all authenticator devices.

Compliance with all regulatory requirements.

End-to-end encryption, in-flight and at rest, protects authentication content, improves session integrity.

FIDO2 account portability within and across brands.

Raising the bar through innovation

Unique patented user identity methods require no stored credentials.

Integration of authentication over out-of-band, encrypted, OAuth 2 circuits.

Attention to detail applied throughout development of microservice design.

Implements SSO (Single-Sign On), SAML (Security Assertion Markup Language), OIDC (OpenID Connect), and OAuth 2.0.

The exclusivity of FIDO2 with the portability of Passkey.

SIEM over Syslog using CEF ensures integration with industry leaders.


Compliance Table

A Factor is a claim that a relying party can verify.

Authenticator Distinct Authentication Factors Continuous Authentication Monitoring MFA PCI DSS ZTA
FIDO22 1/21 0 No No No
Passkey2 1/21 0 No No No
Passwordless Push 1 0 No No No
WorldApp 1 1 factor No2 No No
Password +
any of above
2 0 Yes Yes Yes
AffirmedID Service 3 3 factors Yes Yes Yes
Authentication Factors: Something you are, something you know, and something you have.
Continuous Authentication Factors: Your location, your proximity to devices, and your behaviors.
Thoroughly vet claims of MFA support. Often they assume the use of additional third party factors.
1. The second factor is dependent on whether the implementation verifies the indication that a biometric or PIN verification occurred during the ceremony (CTAP2).
2. While the use of the WebAuthN option UV (User Verification) may enhance the authentication ceremony, neither NIST, PCI DSS nor ZTA recognize it as a distinct factor.




Seamlessly Bridging AffirmedID to the IAM Landscape

An ongoing integration project adding ZT compliant Identity Service to every IAM

Availability: Now

Protocols: SAML, OIDC, OAuth 2

An error has occurred. This application may no longer respond until reloaded. Reload 🗙