In today’s enterprise, employees are tasked with authenticating to a variety of endpoints and applications, using several approximations of identity. Identity and Access Management systems (IAMs) are designed to manage employees’ access and authentication to these applications and services. In other words, IAMs ensure that the right people are provided the right access, at the right time.
When it comes to management of access and identity, we are witnessing certain trends that are transforming authentication in the enterprise to a more secure and more convenient model. These trends include (but are not limited to): increasing use of biometrics for authentication; authentication that persists, eliminating transactional requirements for validation; and use of trusted mobile or wearable devices to make authentication easier for users. So how are today’s IAMs capitalizing on these trends and working with companies to improve authentication in the enterprise?
PingID and the Nymi Band: A Proof of Concept
Nymi’s SDK allows various organizations (including IAM providers) to build integrations with the Nymi Band and its core technology. As an example of this, Ping Identity - a leading provider of identity and access management platforms - has recently piloted the Nymi Band with its existing PingID system, and discussed the combined solution in depth in their latest blog post.
How does the solution work? First, a user biometrically authenticates to their Nymi Band using Nymi’s HeartID™ (or Apple’s Touch ID®). PingID’s app will learn from the Nymi Band that the user is both present and authenticated, and, based on this query, PingID then reports that the user was successfully authenticated, and access is granted to the requested enterprise application. The PingID server will report back to PingFederate that the authentication was successful. This is all made possible through a simple integration using Nymi’s free SDK.
This use of the Nymi Band demonstrates how authentication can be both secure, and convenient for end users and enterprises. It ensures that the intended user is validated with something they know (a password), something they have (phone, and Nymi Band), and something they are (their unique biometric). In this example, authentication is also local, preventing against potential attacks or breaches that often target cloud-based systems.
Nymi has built its SDK with partnerships and pilots in mind. We are currently working with IAMs and various other types of partners to expand the Nymi Ecosystem, and simplify access control for enterprises and their employees.