We help Organizations
authenticate users and monitor sessions
to secure boarders and meet regulatory requirements
AffirmedID
Authentication is not a destination it's a journey
of
3-Factor Continuously Monitored Authentication
Reasons to consider AffirmedID authentication services.
MFA Required
Effective January 31, 2025, PCI DSS joined HIPAA in making Multi-Factor Authentication (MFA) a regulatory requirement.
Each follow NIST guidelines stipulating that MFA include two (2) distinct factors from: something you know, have, or are.
Organizations who handle “payment card information (PCI)” or “protected health information (PHI)” must comply.
With the AffirmedID service, you get seamless 3-factor authentication meeting all regulatory and ZTA requirements.
Zero Trust Architecture
Government agencies and businesses in finance, healthcare, and technology are increasingly requiring ZTA compliance.
ZTA calls for continuous monitoring of users, applications and devices.
For users this call to action means continuous monitoring of the authenticated session, or 'Continuous Authentication Monitoring'.
AffirmedID incorporates continuous authentication monitoring while complying with all privacy regulations, including GDPR and CPRA.
The Future of Authentication
As a Service or On Premise
Three distinct factors for every authentication ceremony.
Continuous authentication monitoring originating at the authenticator.
Authenticator tightly coupled with its identity service enhances phishing resistance.
Consistent passwordless MFA UX across all authenticator devices.
Compliance with all regulatory requirements.
End-to-end encryption, in-flight and at rest, protects authentication content, improves session integrity.
FIDO2 account portability within and across brands.
Raising the bar through innovation
Unique patented user identity methods require no stored credentials.
Integration of authentication over out-of-band, encrypted, OAuth 2 circuits.
Attention to detail applied throughout development of microservice design.
Implements SSO (Single-Sign On), SAML (Security Assertion Markup Language), OIDC (OpenID Connect), and OAuth 2.0.
The exclusivity of FIDO2 with the portability of Passkey.
SIEM over Syslog using CEF ensures integration with industry leaders.
Compliance Table
A Factor is a claim that a relying party can verify.
| Authenticator | Distinct Authentication Factors | Continuous Authentication Monitoring | MFA | PCI DSS | ZTA |
|---|---|---|---|---|---|
| FIDO22 | 1/21 | 0 | No | No | No |
| Passkey2 | 1/21 | 0 | No | No | No |
| Passwordless Push | 1 | 0 | No | No | No |
| WorldApp | 1 | 1 factor | No2 | No | No |
| Password + any of above |
2 | 0 | Yes | Yes | Yes |
| AffirmedID Service | 3 | 3 factors | Yes | Yes | Yes |
| Authentication Factors: Something you are, something you know, and something you have. Continuous Authentication Factors: Your location, your proximity to devices, and your behaviors. Thoroughly vet claims of MFA support. Often they assume the use of additional third party factors. | |||||
| 1. The second factor is dependent on whether the implementation verifies the indication that a biometric or PIN verification occurred during the ceremony (CTAP2). | |||||
| 2. While the use of the WebAuthN option UV (User Verification) may enhance the authentication ceremony, neither NIST, PCI DSS nor ZTA recognize it as a distinct factor. | |||||
Seamlessly Bridging AffirmedID to the IAM Landscape
An ongoing integration project adding ZT compliant Identity Service to every IAM
Availability: Now
Protocols: SAML, OIDC, OAuth 2