Badge Inc., the award-winning privacy company enabling Identity without Secrets
, has announced a partnership with Cisco Duo to revolutionise Multi-factor Authentication (MFA) with the industry’s first hardware-independent roaming MFA solution. With this unique integration, Duo and Badge are setting new standards for what’s possible in secure, efficient, and user-friendly identity and authentication solutions.
MFA is an important security tool to combat unauthorised account access, however, it is not infallible. Traditional hardware-based MFA is high friction, can disrupt operations, and the resulting employee workarounds significantly increase the attack surface for security breaches.
Additionally, the two-factor authentication (2FA) market is becoming increasingly commoditised with the service now being included in popular applications from large technology providers . Per year, 16 billion authentications pass through Cisco’s Duo Authenticator product the vast majority of which are virtual and remote desktop authentications requiring users to be in possession of a second device which is not always available or allowed depending on the environment. This has created a large, unsolved market need that Badge is uniquely positioned to address.
Badge enables Cisco Duo to unlock new identity and authentication use cases while reducing friction and enabling seamless, password-less enrolment using verifiable credentials (VCs). Badge leverages the initial identity verification (IDV) enrolment, and from there the user can authenticate to access this credential anywhere, anytime, on any device. There is no need for repeat IDVs throughout the user lifetime journey, which reduces user frustration and increases cost-effectiveness for Cisco Duo.
“With Badge’s novel privacy-preserving authentication, Cisco Duo users can access any device or application without storing user secrets or private keys,” stated Dr. Tina P Srivastava, Co-founder of Badge. “This eliminates the friction and cost burdens associated with traditional MFA methods like tokens and repeated phone re-registration. Additionally, by removing reliance on physical devices and insecure account recovery processes, Badge and Duo are raising the bar, making it harder for attackers to gain unauthorised access.”
As Cisco Duo posted in their blog announcing the new Badge and Duo integration, when users are in device-not-present situations, like when a mobile phone required for an MFA push is lost, broken, or unavailable, the fallback is usually a phishable, high friction account recovery process.
Not only is this bad for the user experience, but it’s bad for security too – as account recovery is increasingly becoming the front door for attackers and phishing. Recent high-profile attacks in healthcare and entertainment demonstrate this growing threat. In the piece, “Badge Integration with Cisco Duo Delivers Ultimate Hardware-less MFA Experience,” Cisco Duo’s blog points out that Badge eliminates disruptions and the need for account recovery, significantly reducing the risk of fraud.
“Duo can also operate as a certified passkey provider leveraging Badge – extending the password-less capabilities of Duo,” said Ginger Leishman, Technology Partnerships Manager, Cisco Duo. “Unlike other passkey models, the Badge integration with Duo does not require users to cede trust of their key trees or login credentials to a centralised authority.”
She also expanded on how Duo users leveraging the Badge passkey implementation benefit from a trust model where users can establish key provenance and maintain control over their authentication keys, enhancing security and privacy. Again, with Badge, users enrolls once, and may access their passkeys on any device (including across Apple, Microsoft and Google ecosystems).
With today’s announcement, Cisco is the latest member of Badge’s partner network, which also includes marquee identity partners, Okta/Auth0, Radiant Logic and Ping Identity.
An interview with Dr. Tina P Srivastava, will be published on Irish Tech News tomorrow.
See more stories here.
