Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

7/9/2020
05:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Beyond Identity Joins FIDO Alliance

The FIDO Alliance was formed in July 2012 to address the lack of interoperability among strong authentication technologies.

NEW YORK, July 07, 2020 (GLOBE NEWSWIRE) -- Newly launched passwordless identity management startup Beyond Identity today announced it has joined the FIDO Alliance, a cross-industry coalition developing open, interoperable authentication standards that reduce reliance on passwords with authentication that is more secure, private, and easier to use.

The FIDO Alliance was formed in July 2012 to address the lack of interoperability among strong authentication technologies, and remedy the problems users face with creating and remembering multiple usernames and passwords. The organization is driven by hundreds of global technology leaders across enterprise, payments, telecom, government, and healthcare, all of which help to influence the development of FIDO specifications; establish best practices for deployment of FIDO Authentication; and drive global awareness of the Alliance, its mission, and the FIDO specifications.

“Passwords endure despite being universally reviled for their user unfriendliness and inherent insecurity,” said Tom (TJ) Jermoluk, Co-Founder and CEO of Beyond Identity. “We applaud FIDO’s mission to curtail the use of passwords – the bane of everyone’s existence and a major source of risk for CISOs – and look forward to collaborating with Alliance members on championing the adoption of authentication mechanisms that not only enhance the user’s login experience but bolster enterprise security.”

Founded to eliminate passwords, Beyond Identity exited stealth in April to introduce a revolutionary, passwordless identity management solution. Leveraging and extending inventions from Dr. Taher Elgamal, the “Father of SSL,” and Professor Dr. Martin Hellman, the co-inventor of public-key cryptography (PKC) – headliners of Beyond Identity’s all-star technical advisory board – the company replaces passwords with trusted certificates, originally defined in PKC and ubiquitously deployed within TLS (formerly SSL). This proven, secure, and scalable approach enables Beyond Identity to eliminate passwords, reduce risk for organizations, remove friction for end users, and offer consumers a much more secure alternative to password managers.

“We are excited to welcome our newest associate member, Beyond Identity,” said Andrew Shikiar, Executive Director and CMO of the FIDO Alliance. “The FIDO vision of universal strong authentication promises better security, enhanced privacy, more commerce, and expansion of services throughout digital industries. Beyond Identity’s addition to our Alliance supports our industry goal to make user authentication easier and safer for all parties.”

Unlike other authentication methods and general security products, Beyond Identity increases both usability and security simultaneously. The company’s cloud-native platform provides a secure method of authenticating users and devices without passwords by using the same secure and scalable approach – X.509 certificates – that is already universally deployed with TLS and underpins trillions of dollars in online transactions daily. The solution creates a Chain of Trust™ that includes user and device identity and a real-time snapshot of a device’s security posture, all in an immutable package that is signed by a provably secure certificate. Notably, Beyond Identity supports industry standards like OpenID Connect, SAML, and TLS, and is a member in the development of the FIDO Alliance’s FIDO2 specifications.

About Beyond Identity

Headquartered in New York City, Beyond Identity was founded by industry legends Jim Clark and Tom Jermoluk to eliminate passwords and radically change the way the world logs in, without requiring organizations to radically change their technology stack or processes. Funded by leading investors, including Koch Disruptive Technologies (KDT) and New Enterprise Associates (NEA), Beyond Identity’s mission is to empower the next generation of secure digital business by replacing passwords with fundamentally secure X.509-based certificates. This patents-pending approach creates an extended Chain of Trust™ that includes user and device identity and a real-time snapshot of the device’s security posture for adaptive risk-based authentication and authorization. Beyond Identity’s cloud-native solution enables customers to increase business velocity, implement new business models, reduce operating costs, and achieve complete passwordless identity management. Visit www.beyondidentity.com for more information.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
A Patriotic Solution to the Cybersecurity Skills Shortage
Adam Benson, Senior VP, Vrge Strategies,  8/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-12777
PUBLISHED: 2020-08-10
A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information.
CVE-2020-12778
PUBLISHED: 2020-08-10
Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack.
CVE-2020-12779
PUBLISHED: 2020-08-10
Combodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script.
CVE-2020-12780
PUBLISHED: 2020-08-10
A security misconfiguration exists in Combodo iTop, which can expose sensitive information.
CVE-2020-12781
PUBLISHED: 2020-08-10
Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery.