Affirmed Identity™ - Zero Trust Passwordless Push Authentication

AffirmedID

reinventing

Authentication as a Service

With a tagline exemplifying the need

Authentication is not a destination; it’s a journey!




AffirmedID

A new federated authentication service delivers an easy-to-deploy and maintain IAM-friendly cloud service with SSO using SAML or OIDC. As easy to use as mobile payment, Its integrated authenticator app facilitates FIDO2 authentication that seamlessly bridges the gap from ceremony to automated session monitoring with full user transparency.



NIST compliant MFA authentication includes two forms of user identity verification cryptographically asserted to the cloud service on behalf of the relying party. Patented behavioral identity techniques with location and proximity kept internal to the app are the basis for continuous authentication, allowing seamless session monitoring. This solution offers cost-effective, unmatched session security. Subscribe now to put these benefits to work for you.

Subscribe Now

Authentication as a Service

AaaS must establish, protect, and affirm the user’s identity not as a singular event but as a continuum from login to log out.




A robust AaaS must establish, protect, and continuously affirm the user's identity, not just once but throughout, from login to logout. It involves continuously evaluating the risks associated with authenticated sessions and enforcing appropriate security policies, thereby establishing and maintaining trust in ongoing user identity and authorizations.

Defined

Continuous Authentication

MFA is working! MFA bypass via session hijacking is one of the top three cyberattack vectors. Session security should be top of mind along with Continuous Authentication and Session Monitoring.



The rapid rise of session hijacking has experts recommending continuous monitoring of authenticated sessions as the most effective defense. Its use can prevent or substantially reduce the impact of a hijacked session. When based on continuous authentication originating from a device in the user’s possession, the likelihood of early detection and avoidance are substantially improved.

Defined

MFA

Organizations and their remote users are best served by low-friction, user-friendly multi-factor authentication. Shareholders, investors, and the board are equally appreciative.




Verifying two forms of identity as a precondition for FIDO2 cryptographic assertions in a phishing resistant mobile-centric environment ensures MFA compliance with NIST 800-63B-4.

Defined

Authentication, a Seamless Experience

Each link in the chain of the authentication journey must seamlessly link to the next from identity verification to session monitoring and logout.




In essence, the AaaS authentication journey should feel and operate like a fluid and integrated process, where each step builds upon the previous one to establish, maintain, and affirm the user's identity and session security. This seamless approach is a hallmark of AffirmedID Authentication as a Service.

Defined

The User Experience

A difficult, problem prone, complex user experience is counterproductive and where authentication and access controls are concerned it may become a security risk too.



Organizations face significant challenges when it comes to authentication and user experience. Nearly two-thirds of surveyed companies (64%) cite challenges with user experience as a major pain point in their authentication processes. UX problems not only cause user frustration and dissatisfaction, but also obstruct work, increase costs, and may compromise security if users seek shortcuts to features meant to protect users, systems, and data.

Defined

Deployment

words


words


Support, Maintenancee, and Updates

words


words


Compliance Table

A Factor is a claim that a relying party can verify.

Authenticator Distinct Authentication Factors Continuous Authentication Monitoring MFA PCI DSS ZTA
FIDO2 1/21 No No2 No No
Passkey 1/21 No No2 No No
Passwordless Push 2 No No2 No No
WorldApp 1 No No No No
Password or Biometric +
any of above
2 No Yes Yes No
AffirmedID 2 Yes Yes3 Yes Yes
Authentication Factors: Something you are, something you know, and something you have.
Continuous Authentication Factors: Your location, your proximity to devices, and your behaviors.
Thoroughly vet claims of MFA support. Often they assume the use of additional third party factors.
1. Caution, the second factor is conditional and when provided must be independently verifiable, even in the case where the Verified (UV) flag is used. Refer to MFA above.
2. WARNING! NIST SP 800-63B-4 specifically calls for use of 2 distinct and individually verifiable factors, not the default case for either of these. Refer to MFA above.
3. AffirmedID requires two (2) forms of user identity proofs, refer to MFA above.




Seamlessly Bridging AffirmedID to the IAM Landscape

An ongoing integration project adding ZT compliant Identity Service to every IAM

Availability: Now

Protocols: SAML, OIDC, OAuth 2

An error has occurred. This application may no longer respond until reloaded. Reload 🗙