With recent, high-profile data breaches at Target, CNN, Neiman Marcus, Adobe and others, it is clear that current online authentication is failing the needs of both online services and their customers. The need in the market for a unified and simple solution to allow for a more secure yet simpler experience is growing with every new security incident. It is in response to this that Nok Nok Labs has created the S3 Suite, meeting the need for an authentication infrastructure that allows users to leverage the different capabilities they possess on the devices in their hands, but also providing the assurances around security required by online services such as payments, healthcare and banking.
"What we're providing now meets the needs of the modern computing ecosystem," said Phillip Dunkelberger, President and CEO of Nok Nok Labs. "For the first time, Internet Services are able to deliver cost-effective strong authentication leveraging any device their customers may have."
The need for a more modern authentication infrastructure was recognized by a group of six companies, including Nok Nok Labs, back in February 2013 when the FIDO Alliance was launched. Over the past year, the FIDO Alliance has seen incredible momentum, growing to nearly 100 members including some of the most significant players in technology, IT security and financial services such as Google, MasterCard, Microsoft, PayPal and many more. Earlier this week, the FIDO Alliance announced the first public review of their specifications. Over the next 18 months, Nok Nok Labs expects to see between 200 and 400 million FIDO-enabled devices in the market.
The S3 Suite enables the next generation of authentication for Internet-scale applications and services. While improving the user experience and unifying authentication silos, the S3 Suite reduces the cost and complexity of authentication infrastructure. With a flexible and extensible architecture, the S3 Suite provides risk-appropriate authentication capabilities for a wide range of applications.
The S3 Suite consists of:
-- The NNL(TM) Multifactor Authentication Server (MFAS), which provides a unified, flexible authentication infrastructure that enables user-friendly strong authentication for any device, any authenticator and any application.
-- The NNL(TM) Multifactor Authentication Client (MFAC) Mobile Edition with support for Android and iOS devices, which enables users to authenticate to any application using the existing security capabilities of their mobile devices. Also includes the Mobile App SDK and Authenticator Specific Module (ASM) SDK.
-- The NNL(TM) Multifactor Authentication Client (MFAC) Desktop Edition, with support for Windows 7 and Windows 8, provides user-friendly strong authentication to any application by unleashing the existing security capabilities of billions of desktops and mobile devices.
MFAS is the world's first FIDO Ready server to support FIDO's passwordless mode (using the Universal Authentication Framework protocol). MFAS is also the only server in the market to support both passwordless (using the Universal Authentication Framework protocol) and password augmentation (using the Universal Second Factor protocol) modes.
With MFAC, Nok Nok Labs has taken an innovative approach to authentication rooted in secure hardware. MFAC takes advantage of the embedded secure hardware capabilities on available on devices to protect cryptographic key material, cryptographic operations and other client functions. This approach fortifies the client against malware.
By deploying the S3 Suite, Relying Parties, such as mobile payments apps or e-commerce websites will be able to seamlessly add support for new and innovative methods of authentication, while ensuring that aged or broken authenticators can be quickly removed from circulation. The extensible Server framework also means that the Nok Nok(TM) solution will integrate into the existing IT architecture, so that existing investment in Authentication, Identity & Access Management (IAM) and Federation solutions can be leveraged to reduce operational cost and complexity.
"Truly effective authentication technologies must be designed for strong security and ease-of-use," says Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group. "Balancing these two design objectives has been difficult in the past so solutions were skewed toward highly secure complex authentication or simple insecure authentication - a lose-lose proposition. The solution that Nok Nok Labs has developed on top of FIDO finally bridges this gap, offering a secure yet easy-to-use authentication method. Given today's threat landscape, this is exactly what's needed."
In addition to the significant product development work that has taken place to release the S3 Suite, Nok Nok Labs has also been focused on driving technology partnerships to ensure that FIDO Ready(TM) capability will be available throughout the device ecosystem. These partnerships include Agnitio, CrucialTec, FingerPrint Cards, GoTrust, Infineon, Lenovo, NXP Semiconductors, PlugUp, Synaptics and Trustonic.
For more information on the S3 suite, register at for our upcoming webinar on February 20th at 08:30 PST / 11:30 EST / 16:30 GMT at http://go.noknok.com/webinar-s3-introduction.html
About Nok Nok Labs
Nok Nok Labs, Inc., based in Palo Alto, CA, was founded to transform online authentication for modern computing. The company is backed by a team of security industry veterans from PGP, Netscape, Oracle, PayPal and Phoenix that have deep experience in building Internet scale security protocols and products. The company's ambition is to enable end-to-end trust across the web using authentication methods that are natural to end-users and provide strong proof of identity. For more information, visit www.noknok.com.