Beyond Identity Enables Any Business to Eliminate Authentication Friction and Account Takeover Fraud
New Beyond Identity Secure Customers Provides First Zero-Friction Passwordless MFA for Native and Web Applications, Delivering a Fast, Fundamentally Secure Customer Authentication Experience
NEW YORK, September 29, 2021 – Passwordless multi-factor authentication (MFA) provider Beyond Identity today announced general availability of Secure Customers, a new solution that enables any company to eliminate the threat of customer account takeovers and accelerate new account conversions with the fastest cross-platform passwordless MFA available. Since its founding, Beyond Identity has expanded from securing workforces to enabling DevOps teams to eliminate supply chain risks. Now, Secure Customers provides software development kits (SDKs) that enable companies to embed Beyond Identity’s zero-friction passwordless authentication capabilities across both native and web applications leveraging the same proven technology and cloud-native platform as Beyond Identity’s other products.
Today, more than 60% of data breaches are caused by stolen credentials, and 2020 saw an incredible 292% jump in account takeover fraud. While businesses can mandate additional security controls for employees such as unified endpoint management (UEM) and MFA, mandates for customers are problematic since UEM is impractical and customers are highly sensitive to friction. Authentication is the front door to the products and services impacting 100% of acquired customers, but research found that 86% of visitors fail to complete registration because it’s too taxing, and 50% will drop off after a single bad experience. Against the current competitive environment where 86% of companies are relying on customer experience as their main differentiator, the stakes for getting authentication right are higher than ever. Making matters worse, criminals have found multiple ways to circumvent technologies like MFA.
“As long as passwords continue to exist – no matter how they are hidden or ‘secured’ – criminals have an open door into applications, customer accounts, and databases,” said TJ Jermoluk, Co-Founder and CEO of Beyond Identity. “The only way to fully protect customers from account takeover attacks is to eradicate the password completely from both the user experience and application database. Customer relationships are built on trust, so being able to offer customers this unprecedented level of security and ease of use will drive long-term loyalty.”
Continuing the momentum of Beyond Identity’s successful passwordless MFA for securing the workforce, Secure Customers is about protecting the lifeblood of a business – customers. The solution is a cross-platform passwordless authentication product that allows a business to offer consumers a frictionless authentication experience without passwords, second devices, or separate application downloads for native mobile and web applications. Developers have multiple implementation methods, including incorporating Beyond Identity’s MFA technology within applications or integrating with identity providers such as Auth0, ForgeRock, and Keycloak. The SDKs are currently available in Swift, Kotlin, and JavaScript with additional languages slated to be added shortly. With open standards support, robust documentation, and dedicated developer support, integration is simple with minimal engineering resources needed.
The solution leverages the same secure approach that powers all of Beyond Identity’s solutions – public/private key cryptography and X.509 certificates with no certificate management. Private keys are securely stored in the TPM or secure enclave on the customer’s mobile device or PC. This creates a unique, tamper-proof credential and a cryptographically verifiable identity that is bound to a device and cannot be moved or copied. For a business, it completely eliminates the need for passwords, assuring consumers the highest level of security and privacy.
The unique benefits of Secure Customers include:
- Zero-friction passwordless MFA compliant with PSD2 Strong Customer Authentication (SCA) standards using two strong factors – something you are and something you own – without requiring one-time passcodes, push notifications, magic links, or second devices on any application.
- Eliminates account takeover fraud as passwords are completely deprecated from use and storage.
- The ability to capture real-time user and device risk signals from the exact authenticating device to enable adaptive, risk-based authentication.
- Tamper-proof credentials that customers own and control backed by private keys that can never leave the local device’s TPM.
- A collection of SDKs in popular development languages, SSO integrations, robust documentation, and code samples to simplify integration and accelerate time-to-market.
- Cross-platform support with native and web applications, and credential migration support between applications.
- Standards-based passwordless authentication powered by a cloud-native platform to support elastic scalability and flexible extensibility with existing application tooling.
About Beyond Identity
Beyond Identity provides the most secure authentication platform in the world. Breaking down barriers between cybersecurity, identity, and device management, Beyond Identity fundamentally changes the way the world logs in – eliminating passwords and providing users with a frictionless, multi-factor login experience. Beyond passwordless, the company provides the zero-trust access needed to secure hybrid work environments, where tightly controlling which users and which devices are accessing critical cloud resources has become essential. The advanced platform collects dozens of user and device risk signals during each login – enabling customers to enforce continuous, risk-based access control. The innovative architecture replaces passwords with the proven asymmetric cryptography that underpins TLS and protects trillions of dollars in transactions daily. Customers turn to Beyond Identity to stop cyberattacks, protect their most critical data, and meet compliance requirements.
The company was founded by Jim Clark and TJ Jermoluk, who helped ignite the commercial internet with Netscape and @Home Network. The dynamic duo assembled an all-star team and created the world’s most advanced passwordless identity platform, at a time when digital transformation is impacting every business and cyberattacks have become a top risk. The company has raised $105 million from premier investors Koch Disruptive Technologies (KDT) and New Enterprise Associates (NEA). Beyond Identity is headquartered in New York City with offices in Boston, Dallas, Miami, and London. Visit www.beyondidentity.com for more information.
All product and company names herein may be trademarks of their respective owners.
Contact:
Claire Mutty
CHEN PR for Beyond Identity
cmutty@chenpr.com
781-672-3113