Products, Services, and Pricing
Page last revised on: February 3, 2025
AffirmedID Pricing and Availability
Foundational
Hosted AaaS services at $1 per user per month.
Modern 3-Factor Authenticator App.
Friction Free Push Authenticator
Federated Cloud Identity Service
Tenant Dashboard, Streamlined Setup and Maintenance
Dedicated Authenticator to Cloud Connection
Single Sign-On (SSO) Enterprise and Web
Multiple IAM SSO Web Integrations
Phishing Resistant FIDO2
MiTM Attack Prevention
Help Desk and Service Ticket
Privacy Rights Compliance (GDPR, CCPA, et.al.)
Complies with PCI DSS, HIPAA, and CMMC Requirements
Comprehensive
Hosted services at $3 per user per month
Everything in Foundational
Enterprise SSO SAML 2 and OIDC Support
Continuous Authentication Monitoring
Multiple SIEM Integrations
Wazuh Integration
Open Source-Available Membership
Autonomous
Self-Hosted AaaS, starting at $15,000 per year.
On-premises (in-house) Self Hosted AaaS
Enhanced Data Governance and Compliance
Deep Customization and Integration
Scalability and Performance at Enterprise Level
Long-Term Cost Optimization
Strategic Control and Innovation
No Upfront Investment Requirements
Vendor Lock-in Avoidance
Regulatory Compliance (PCI DSS and HIPAA)
Pre-built or Build Your Own Solutions
Open Source ASP.Net Core and Maui Projects
What is 'Authentication as a Service'
Authentication as a service (AaaS) treats authentication as a whole meaning that all aspects of user and device identity verification are combined into a unit of work. By doing so the challenges of authentication are reduced to authorization, identity management, etc.
Historically, authentication was divided into individual parts, a device part, a knowledge entry part, and a biometric part. These are applied with scant attention to details or uniformity. Sometimes a single part is used, while at others multiple parts are involved. When multiple parts are used, they are often not independent and are separated by both space and time regarding input and verification. Times have changed and, in the process, have obsoleted the piecemeal approach to authentication.
MFA is no longer optional for most organizations. While not explicitly required by HIPAA, its use falls under the technical safeguards category and is recommended by HHS. PCI DSS has evolved and now requires MFA for all access to the cardholder data environment (CDE), regardless of the user’s role or location. Cybersecurity Maturity Model Certification (CMMC) at levels 2 and 3 requires MFA. As of January 2025, CMMC compliance is mandatory for organizations that want to do business with the U.S. Department of Defense (DoD) with expectations that other agencies will soon follow DoD leadership. In each of these cases, MFA is defined as two or more independent factors.
The benefits to organizations using a properly configured and compliant AaaS are uniformity, ease of use, compliance, and cost effectiveness. In summary, the direction of authentication is towards unified, service-based solutions like AaaS, driven by the increasing need for strong security and regulatory compliance.