Actu
Beyond Identity launches Secure Customers
September 2021 by Emmanuelle Lamandé
Beyond Identity announced general availability of Secure Customers, a new solution that enables any company to eliminate the threat of customer account takeovers and accelerate new account conversions with the fastest cross-platform passwordless MFA available.
Continuing the momentum of Beyond Identity’s successful passwordless MFA for securing the workforce, Secure Customers is about protecting the lifeblood of a business – customers. The solution is a cross-platform passwordless authentication product that allows a business to offer consumers a frictionless authentication experience without passwords, second devices, or separate application downloads for native mobile and web applications. Developers have multiple implementation methods, including incorporating Beyond Identity’s MFA technology within applications or integrating with identity providers such as Auth0, ForgeRock, and Keycloak. The SDKs are currently available in Swift, Kotlin, and JavaScript with additional languages slated to be added shortly. With open standards support, robust documentation, and dedicated developer support, integration is simple with minimal engineering resources needed.
The solution leverages the same secure approach that powers all of Beyond Identity’s solutions — public/private key cryptography and X.509 certificates with no certificate management. Private keys are securely stored in the TPM or secure enclave on the customer’s mobile device or PC. This creates a unique, tamper-proof credential and a cryptographically verifiable identity that is bound to a device and cannot be moved or copied. For a business, it completely eliminates the need for passwords, assuring consumers the highest level of security and privacy.
The benefits of Secure Customers include:
– Zero-friction passwordless MFA compliant with PSD2 Strong Customer Authentication (SCA) standards using two strong factors — something you are and something you own — without requiring one-time passcodes, push notifications, magic links, or second devices on any application.
– Eliminates account takeover fraud as passwords are completely deprecated from use and storage.
– The ability to capture real-time user and device risk signals from the exact authenticating device to enable adaptive, risk-based authentication.
– Tamper-proof credentials that customers own and control backed by private keys that can never leave the local device’s TPM.
– A collection of SDKs in popular development languages, SSO integrations, robust documentation, and code samples to simplify integration and accelerate time-to-market.
– Cross-platform support with native and web applications, and credential migration support between applications.
– Standards-based passwordless authentication powered by a cloud-native platform to support elastic scalability and flexible extensibility with existing application tooling.
