Ping Identity, Yubico, and EntryPoint Team Up to Bring Zero Trust to FIDO2 with Derived FIDO2 Credentials

Ping Identity, Yubico, and EntryPoint Team Up to Bring Zero Trust to FIDO2 with Derived FIDO2 Credentials

The no-code solution offers phishing-resistant authenticators, identity proofing, and centralized identity management for the US Federal Government

Ping Identity , the intelligent identity solution for the enterprise, Yubico, the leading provider of hardware authentication security keys, and EntryPoint, a premier credential management platform, partnered on a joint solution that enables phishing-resistant Derived FIDO2 Credentials (DFCs) along with identity proofing and centralized identity management.

“Phishing-resistant MFA is an immediate priority for enterprises and is now a specific requirement for the U.S. government,” said Andre Durand, CEO and founder of Ping Identity. “By incorporating enterprise-grade federation and access controls into this joint solution, organizations can easily use Derived FIDO2 Credentials to enhance the security of virtually any individual or asset — regardless of location.”

Read More:  NPD: US B2B Technology Forecast Reveals Reseller Revenue And Unit Sales Growth Expected For 2022

The standards-based solution works off-the-shelf with no custom coding required, including:

  • Yubico’s YubiKey 5 Series and YubiKey 5 FIPS Series: phishing-resistant, hardware-based  authentication security keys that support FIDO2
  • EntryPoint‘s credential management system of identity proofing and binding capabilities
  • Ping Identity‘s authentication authority with federated identity and centralized identity management and policy enforcement

The solution allows organizations to establish and prove organizational attestation of FIDO2 hardware tokens, allowing them to better protect themselves against multi-factor authentication (MFA) exploits.

By enabling organizational attestation with FIDO2 security keys, the solution applies the Zero Trust concept of “trust nothing, verify everything” to FIDO2-based MFA. This minimizes the risk of cyber attackers using outside credentials to penetrate a business network — a common vulnerability known to be exploited by nation-state threat actors.

Read More: SalesTechStar Interview With Adam Steinhaus, Head Of Sales At Boosted.Ai

“Proof-of-possession isn’t enough,” said Eric Hildre, president of EntryPoint, Inc . “With the addition of our identity binding capabilities, organizations can now confirm that the Derived FIDO2 Credential is in use by the intended user and not a malicious actor.”

“Recently, OMB Memo M-22-09 was released citing FIDO2 and WebAuthn, as well as PIV, as approved phishing-resistant credentials that meet the EO requirements,” said Jeff Frederick, Director, Solutions Engineering at Yubico. “This partnership supports these government regulations and enables agencies to trust and verify that the FIDO2 security keys in their environment could only have come from their authorized supply chain, and nowhere else.”

Write in to psen@itechseries.com to learn more about our exclusive editorial packages and programs.