Forms group to create Web ID standards

Nok Nok Labs has launched a system that will enable end users to take advantage of authentication and security technology they may already have but don’t use.

The company’s Unified Authentication Infrastructure will leverage existing technologies such as fingerprint sensors, webcams, Trusted Platform Module chips or voice biometrics to enable stronger and easier login with laptops, mobile devices and PCs. The system will be live on PayPal enabling customers to use different authentication technologies.

“By creating an authentication infrastructure that leverages existing technologies such as fingerprint scanning and webcams, Nok Nok Labs is giving businesses the opportunity to authenticate anyone, anywhere and on any device,” said Michael Barrett, chief information security officer at PayPal. “Given the billions of connected Internet devices and future growth of online commerce, PayPal sees a critical need to implement strong yet flexible authentication solutions.

The premise is relatively simple. Nok Nok Labs is providing a back end that uses a consumer’s existing technology to better secure identities. If a laptop has a fingerprint scanner and the particular Web site has the Nok Nok Labs back end it will recognize the technology, says Phillip Dunkelberger, CEO at the company.

The individual will be asked for the usual user name and password if an account already exists but will then be asked if they want to use the fingerprint sensor in the future. The user will swipe their fingerprint two to three times and then will be registered, storing the user’s biometric data on their device not at the site. When the individual returns to the site they will then be able to use their fingerprint to login.

The use will be similar with a mobile device. If the backend system is in the specific app, voice or face biometrics can be enabled for access to data. The app will ask the individual if they want to use either face or voice biometrics for access and will then enroll. After successful enrollment that biometric modality can then be used for subsequent logins.

Dunkelberger says Nok Nok Labs will deliver a new product that aims to deliver a four-pronged solution:

* Secure yet easy to use
* Scalable to solve enterprise needs and problems,
* Unifies existing technologies, and not another divisive point product,
* Cost efficient by building on and legacy technologies

Founder and Chief Alliance Officer, Ramesh Kesanupalli started the vision behind Nok Nok Labs. He worked together with the Chief Information Security Officer of PayPal, Michael Barrett. Taher Elgamal, the “Father of SSL,” joined the efforts of Kesanupalli and Barrett, providing the critical “glue” to bring together the right people to crystallize the vision for the company.

Kesanupalli, Elgamal and Barrett recognized the limits of today’s authentication technology and brought together payments companies, authentication providers and device manufacturers to deliver an innovative world-class approach and solution.

Board members include Richard A. Clarke, former head of counter-terrorism for the GHW Bush and Clinton administrations and current CEO of Good Harbor Consulting, and Barrett from PayPal.

In response to a lack of open standards in authentication, Nok Nok Labs has allied with other industry leaders such as PayPal, Lenovo, Validity, Agnitio and Infineon to establish the FIDO Alliance, a non-profit corporation organized to address market needs and requirements.

The FIDO Alliance is developing an industry open standard to address the lack of interoperability of existing authentication solutions as well as the problems users face with multiple usernames and passwords.

This new open standard for strong authentication – FIDO — will enable any web site or cloud application to interface with a variety of existing and future FIDO-enabled devices and technologies that the user has available for online security.