Nok Nok is one of the founding members of FIDO. Both organizations comprise an impressive line-up of authentication experts. Nok Nok’s CEO is Philip Dunkelberger, who co-founded PGP Corp in 2002, buying the PGP technology for $2 million and selling it in June 2010 to Symantec for $300 million. FIDO’s president is Michael Barrett, CISO at PayPal (Ramesh Kesanupalli, the founder of Nok Nok, is FIDO’s vice president).
FIDO (Fast IDentity Online) aims to revolutionize online authentication by developing a new, open and extensible protocol. “The FIDO Alliance is a private sector and industry-driven collaboration to combat the very real challenge of confirming every user’s identity online,” said Barrett. "By giving users choice in the way they authenticate and taking an open-based approach to standards, we can make universal online authentication a reality.”
It is industry’s response to Obama’s National Strategy for Trusted Identities in Cyberspace (NSTIC). At its heart, says Jeremy Grant from NIST, NSTIC “is a call for the private sector to lead in developing open technology standards that will enable a more trusted and secure Identity Ecosystem. The new FIDO Alliance has pledged to do just that.”
“The Alliance,” says FIDO, “plans to change the nature of authentication by developing standards-based specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to easily and securely authenticate users of online services.” The strapline on its website says simply, ‘Forget passwords!’
Nok Nok provides one of the first products conforming to FIDO principles. It is a client/server solution not limited to any particular authentication method. The purpose is to allow the end user to use the facilities already inherent in the device: fingerprint, voice, face-recognition – or indeed any future authentication method. “By creating an authentication infrastructure that leverages existing technologies such as fingerprint scanning and webcams,” commented Barrett, “Nok Nok Labs is giving businesses the opportunity to authenticate anyone, anywhere and on any device.”
It is, added Dunkelberger, more secure yet easier to use, scalable to cope with cloud growth, unifying rather than divisive, and cost-effective by building on and enabling legacy technologies. It will, he says, “provide enterprises, technology providers and their users with an alternative capability to provide simple, secure authentication, and is inclusive of previous technologies.”
| |
Speaking to Infosecurity's Editor, Eleanor Dallaway, ahead of the launch, Phil Dunkelberger described the current authentication landscape as "a vast problem", requiring a sea-change which makes authentication "more secure, and a lot easier." "We need to take pre-existing authentication technology and make it better. It needs to be as good for end users as it is for businesses." Risk-appropriate authentication is key, Dunkelberger told Infosecurity. "Take the friction out of the system for the user and make it easier and more humane". End users are not the only beneficiaries, however, Dunkelberger pointed out. Indeed, he claimed the "eco-system will benefit, with a decline in online shopping cart dumping and lost e-business." Speaking of the magnitude of the launch, Dunkelberger insisted that "fixing authentication on devices alone won't cut it. We're fixing it to cover everything. All big players rely on authentication and they need it to work. We're standing on an idea with the potential to effect hundreds of millions of users. We're at the tipping point of fixing broken authentication". For more information on the launch of Nok Nok Labs and FIDO, please visit the website. |