InnaITKey A highly secure solution that innovatively combines PKI and Biometric to provide Passwordless Identity Authentication, Transaction Authorization and Signing. InnaITKey is a FIDO2 L2 certified biometric device which can be used for FIDO enabled authentication services including Microsoft Azure active directory.
Authenticator Certification Level 2 (L2) evaluates FIDO Authenticator protection against basic, scalable attacks.
As an associate member of the FIDO Alliance, Precision is a part of FIDO’s initiative to standardize the authentication industry. Our FIDO authenticator is at Level 2, with which we have integrated our state-of-the art on the go biometric authentication device to enable a seamless and secure identity authentication and protection for users. Additionally, we have FIDO2L2 certified Touch based and NFC based devices.
Today, organizations need flexibility and high-level security in the authentication methods. For example, many organizations rely solely on passwords to authenticate their employees on confidential/critical work such as data management, server management, financial approval systems, etc. In parallel other industries like BFSI invest heavily on OTP authentication for their customers transactions and authorization. With FIDO certification, an enterprise can leverage on the global standards and advantages of FIDO with an additional security layer and process offered by Precision’s InnaITKey. This not only increases the security level but also reduces unnecessary expenses.
Full FIDO capabilities are part of the Precision’s InnaITKey framework. This means organisations can implement passwordless authentication to enhance the customer experience by replacing static passwords with modern capabilities such as biometrics, while also protecting their mobile apps against phishing, man-in-the-middle, and replay attacks.
FIDO-certified authentication methods are supported out-of-the box as they come to market. Owing to standardization, applications can work with any of the user’s devices and operating systems. This gives organizations and service providers a plethora of choices on how they want to approach customer authentication.
The organisation finds it challenging to identify its legitimate user with absolute certainty
Any existing OTP method using mobile number for authentication or transaction approval is not secure and incurs recurring costs
Users are unable to ensure that they are connected to the authentic institution (may be prey to Phishing attack). Need to implement ‘zero-trust’
Users use multiple devices like Mobile phones, Laptops and Desktops
Possibilities of Man-in-the-Middle attack
Every transaction is not accompanied by a unique user signature
Password fatigue owing to the need to remember many passwords
Keys need to securely stay on device
Need for secure communication based on public key cryptography
Biometrics need to be securely stored and should never leave the device
Data breach & risk
FIDO-enabled services to a
rapidly growing addressable market
User experience = more
site visitors, brand affinity,