Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

7/21/2020
12:20 PM
Dark Reading
Dark Reading
Products and Releases
100%
0%

Nok Nok Simplifies Integration, Enhances Customer Experience & Extends Reach of Passwordless Authentication

Nok Nok Labs, the leader in passwordless authentication, today announced the latest version of the Nok Nok™ S3 Authentication Suite (Nok Nok S3 Suite), including Adaptive Policy features that simplify a customer’s ability to integrate into third-party risk systems, which manage and streamline auditing processes, and help meet PSD2 SCA compliance requirements.

Also included in this release is Nok Nok™ Quick Authentication, a feature that accelerates the authentication process by reducing the number of network connections required, thereby improving the customer experience. Finally, Nok Nok has expanded smart watch support from Apple Watch to WearOS. Leveraging feedback from customers in banking, telco and eCommerce, these new features enable customers to save on time, complexity and costs while providing passwordless authentication that is fast and frictionless for their consumer’s device of choice.

We have all seen that in 2020 online behaviors have shifted to become more reliant on remote work, shopping and banking. The “front-door” to all of these digital services is the security process we call “authentication”. To compensate for the antiquated first line of defense of passwords, companies have added layers of security that have grown bloated, expensive and easy to compromise, as well as caused a significant source of friction for customers. The inconvenience for companies and consumers has been compounded, while compromising security or privacy.

Organizations worldwide demand solutions that remove the complexity associated with authenticating a user. In order to address security policy and regulations globally, authentication solutions need to go beyond these “old school” access processes, so that companies can really “know who is there.” Nok Nok’s customers and partners have seen how the Nok Nok S3 Suite enables enterprises to remove the barriers that lead to cart abandonment, phishing attacks and friction, while providing consumers with the ability to get online and transact knowing their information is protected.

"The new Quick Authentication capability gives organizations the ability to significantly reduce network traffic. Quick Authentication provides both security and speed for end-users,” said Ron van Wezel, Senior Analyst at Aite Group. “Additionally this new Nok Nok release allows merchants to use 3DS delegated authentication, avoiding the need for step-up, even for high-risk transactions — a feature all merchants will benefit from, especially during the current remote environment.”

New in S3 Suite:

  • Adaptive Policy support to simplify the configuration of authentication policies e.g. for PSD2 SCA and simplified integration with existing risk signals.
    Streamlined implementation of 3DS Delegated Authentication through our EMV3DS Data support.
  • Ease of integration for regulatory compliance as there is no custom code required anymore for risk assessment. E.g, Policy to address SCA requirements can be created without writing any custom code.
  • Transparent and simplified migration from native TouchID/FaceID to two factor FIDO Authenticator.
  • Nok Nok™ Quick Authentication which enhances user experience for high latency networks (e.g. rural areas, smart watches, …) and reduced network & system load.
  • Support for WearOS, following the introduction of Nok Nok’s FIDO-based authentication for Smart Watches in 2019.

“The introduction of new technology to address the authentication needs of companies wrestling with regulatory and integration complexity while still meeting the needs of consumers is not new to Nok Nok,” said Naga Nagarajan, Vice President of Engineering of Nok Nok Labs. “We are pleased to roll out today more capabilities that continue to meet the authentication requirements of our most security conscious customers. The Nok Nok S3 Suite continues to ease and speed the path to passwordless with the right policy options and integrations regardless of the device."

This new version of the Nok Nok S3 Suite will be available in July 2020.
To learn more about Nok Nok S3 Suite or to try a free demo, please visit:
https://www.noknok.com/products/s3-authentication-suite.

About Nok Nok
Nok Nok is the trusted leader in passwordless consumer authentication. Delivering the most innovative authentication solutions in the market today, Nok Nok empowers global organizations to improve the user experience to access digital services, while meeting the most advanced privacy and regulatory requirements. The Nok Nok™ S3 Authentication Suite integrates into existing security environments to deliver a cost-effective, future-proof and standards-based authentication solution. Headquartered in Silicon Valley, California, the company has delivered unique inventions and innovations that are protected by a robust global patent portfolio. As a founder of the FIDO Alliance and inventor of FIDO specifications, Nok Nok is the expert in deploying standards-based authentication, and its industry leading customers and partners include BBVA, DDS, Inc., Ericsson, Fujitsu Limited, Hitachi, Intuit, Lenovo, MTRIX GmbH, NTT DATA, NTT DOCOMO, OneSpan, SoftBank, Standard Bank, and T-Mobile.
For more information, visit www.noknok.com.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
'BootHole' Vulnerability Exposes Secure Boot Devices to Attack
Kelly Sheridan, Staff Editor, Dark Reading,  7/29/2020
Average Cost of a Data Breach: $3.86 Million
Jai Vijayan, Contributing Writer,  7/29/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-16847
PUBLISHED: 2020-08-04
Extreme Analytics in Extreme Management Center before 8.5.0.169 allows unauthenticated reflected XSS via a parameter in a GET request, aka CFD-4887.
CVE-2020-15135
PUBLISHED: 2020-08-04
save-server (npm package) before version 1.05 is affected by a CSRF vulnerability, as there is no CSRF mitigation (Tokens etc.). The fix introduced in version version 1.05 unintentionally breaks uploading so version v1.0.7 is the fixed version. This is patched by implementing Double submit. The CSRF...
CVE-2020-13522
PUBLISHED: 2020-08-04
An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability.
CVE-2020-15943
PUBLISHED: 2020-08-04
An issue was discovered in the Gantt-Chart module before 5.5.4 for Jira. Due to a missing privilege check, it is possible to read and write to the module configuration of other users. This can also be used to deliver an XSS payload to other users' dashboards. To exploit this vulnerability, an attack...
CVE-2020-15944
PUBLISHED: 2020-08-04
An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira. Due to missing validation of user input, it is vulnerable to a persistent XSS attack. An attacker can embed the attack vectors in the dashboard of other users. To exploit this vulnerability, an attacker has to be authenticated.