Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

4/13/2021
11:30 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Beyond Identity Integration With Auth0 Enables Completely Passwordless Authentication

Beyond Identity now available on Auth0 Marketplace to eliminate user friction and credential-based attacks.

NEW YORK, April 13, 2021 (GLOBE NEWSWIRE) -- Passwordless identity management provider Beyond Identity today announced its availability on Auth0 Marketplace, a catalog of trusted technology integrations, to extend the functionality of Auth0’s identity management platform. This integration enables developers and companies using Auth0 to provide passwordless authentication for their customers and workforces to protect against credential-based attacks while eliminating user friction. The announcement was made on the inaugural ‘Identity Management Day,’ an annual awareness event hosted by the Identity Defined Security Alliance (IDSA) in partnership with the National Cyber Security Alliance (NCSA).

Beyond Identity has introduced a revolutionary, passwordless identity management solution. The company replaces passwords with trusted certificates, originally defined in public-key cryptography and ubiquitously deployed within TLS (formerly SSL). With certificate management built-in, this proven, secure, and scalable approach enables Beyond Identity to eliminate passwords, reduce risk for organizations, and remove friction for end users.

“Passwords are the single largest root cause of fraud from account takeover attacks. Unfortunately, traditional two-factor/multi-factor authentication solutions that rely on passwords are simply insecure Band-Aids that also create significant friction in the user experience and cause customers to drop off or abandon financial transactions,” explained Tom (TJ) Jermoluk, Co-Founder and CEO of Beyond Identity. “The integration between Beyond Identity and Auth0’s identity management platform helps companies achieve a much simpler and more streamlined login experience. Beyond Identity provides secure authentication – completely eliminating passwords and ensuring devices are secure at the time of login. This powerful capability reduces a significant source of risk and can stop account takeover attacks in their tracks.”

“It has been really exciting to work with Beyond Identity on a newly-built partner integration for the launch of Auth0 Marketplace. This best-in-class solution adds an integral layer to our platform that provides our customers with greater choice and flexibility,” said Bill Lapcevic, VP of Business Development at Auth0. “After speaking with many customers, we have identified the types of integrations that matter to them, and we are so thrilled to have Beyond Identity as a vetted and valuable vendor in Auth0 Marketplace.”

The integration helps drive customer identity and access management (CIAM) initiatives by empowering users with the flexibility to securely manage their own identities. It allows developers to:

  • Reduce user friction with passwordless authentication for their end users across any applications configured in Auth0.
  • Deliver strong customer authentication without requiring the user to pick up a second device, fetch a one-time code, or respond to push notifications.
  • Gain visibility into the fine-grained device posture for every authenticating device.
  • Set policies, including step-up authentication, based on user and device attributes.
  • Achieve rapid time to value through codeless, configuration-based integration using industry standard protocols (OIDC, OAuth 2.0).

IT departments, developers, and support teams also benefit since removing passwords significantly reduces help desk calls. Additionally, Beyond Identity is compliant with PSD2 Strong Customer Authentication (SCA) requirements so companies can provide passwordless multi-factor authentication (MFA) without adding steps for users.

Additional details on Beyond Identity’s integration with Auth0 can be found here.

About Beyond Identity
Headquartered in New York City, Beyond Identity was founded by industry legends Jim Clark and Tom Jermoluk to eliminate passwords and radically change the way the world logs in, without requiring organizations to radically change their technology stack or processes. Funded by leading investors, including Koch Disruptive Technologies (KDT) and New Enterprise Associates (NEA), Beyond Identity’s mission is to empower the next generation of secure digital business by replacing passwords with fundamentally secure X.509-based certificates. This patents-pending approach creates an extended Chain of Trust™ that includes user and device identity and a real-time snapshot of the device’s security posture for adaptive risk-based authentication and authorization. Beyond Identity’s cloud-native solution enables customers to increase business velocity, implement new business models, reduce operating costs, and achieve complete passwordless identity management. Visit www.beyondidentity.com for more information.

About Auth0
Auth0 provides a platform to authenticate, authorize, and secure access for applications, devices, and users. Security and application teams rely on Auth0’s simplicity, extensibility, and expertise to make identity work for everyone. Safeguarding billions of login transactions each month, Auth0 secures identities so innovators can innovate, and empowers global enterprises to deliver trusted, superior digital experiences to their customers around the world.

All product and company names herein may be trademarks of their respective owners.

Contact:
Claire Mutty
CHEN PR for Beyond Identity
[email protected]
781-672-3113

 
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
Edge-DRsplash-10-edge-articles
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
News
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-35210
PUBLISHED: 2021-06-23
Contao 4.5.x through 4.9.x before 4.9.16, and 4.10.x through 4.11.x before 4.11.5, allows XSS. It is possible to inject code into the tl_log table that will be executed in the browser when the system log is called in the back end.
CVE-2021-27649
PUBLISHED: 2021-06-23
Use after free vulnerability in file transfer protocol component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2021-29084
PUBLISHED: 2021-06-23
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in Security Advisor report management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2021-29085
PUBLISHED: 2021-06-23
Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2021-29086
PUBLISHED: 2021-06-23
Exposure of sensitive information to an unauthorized actor vulnerability in webapi component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to obtain sensitive information via unspecified vectors.