FIDO2 L2 Authentication with Precision’s InnaITKey

InnaITKey A highly secure solution that innovatively combines PKI and Biometric to provide Passwordless Identity Authentication, Transaction Authorization and Signing. InnaITKey is a FIDO2 L2 certified biometric device which can be used for FIDO enabled authentication services including Microsoft Azure active directory.

Authenticator Certification Level 2 (L2) evaluates FIDO Authenticator protection against basic, scalable attacks.

As an associate member of the FIDO Alliance, Precision is a part of FIDO’s initiative to standardize the authentication industry. Our FIDO authenticator is at Level 2, with which we have integrated our state-of-the art on the go biometric authentication device to enable a seamless and secure identity authentication and protection for users.

Today, organizations need flexibility and high-level security in the authentication methods. For example, many organizations rely solely on passwords to authenticate their employees on confidential/critical work such as data management, server management, financial approval systems, etc. In parallel other industries like BFSI invest heavily on OTP authentication for their customers transactions and authorization. With FIDO certification, an enterprise can leverage on the global standards and advantages of FIDO with an additional security layer and process offered by Precision’s InnaITKey. This not only increases the security level but also reduces unnecessary expenses.

Full FIDO capabilities are part of the Precision’s InnaITKey framework. This means organisations can implement passwordless authentication to enhance the customer experience by replacing static passwords with modern capabilities such as biometrics, while also protecting their mobile apps against phishing, man-in-the-middle, and replay attacks.

FIDO-certified authentication methods are supported out-of-the box as they come to market. Owing to standardization, applications can work with any of the user’s devices and operating systems. This gives organizations and service providers a plethora of choices on how they want to approach customer authentication.

Problems that InnaITKey solves:

defence/Federal Institution

The organisation finds it challenging to identify its legitimate user with absolute certainty

OTP method

Any existing OTP method using mobile number for authentication or transaction approval is not secure and incurs recurring costs

Zero-trust

Users are unable to ensure that they are connected to the authentic institution (may be prey to Phishing attack). Need to implement ‘zero-trust’

Devices

Users use multiple devices like Mobile phones, Laptops and Desktops

Possibilities

Possibilities of Man-in-the-Middle attack

User signature

Every transaction is not accompanied by a unique user signature

Password

Password fatigue owing to the need to remember many passwords

Securely

Keys need to securely stay on device

Cryptography

Need for secure communication based on public key cryptography

Securely

Biometrics need to be securely stored and should never leave the device

FIDO2 - Advantages

MITIGATE

MITIGATE
Data breach & risk

DEPLOY

DEPLOY
FIDO-enabled services to a
rapidly growing addressable market

LOW-FRICTION

LOW-FRICTION
User experience = more
site visitors, brand affinity,
employee productivity