Bringing 1Kosmos Passwordless Security to AWS Cognito
I am very excited to announce that 1Kosmos is an official AWS Cognito Passwordless MFA partner.
Amazon Cognito places the utmost importance on online account security. To bolster the protection of account holders, starting in 2024, Amazon Cognito made it a goal to expand its multi-factor authentication (MFA) requirements, ultimately partnering with 1Kosmos to help the Amazon Cognito team reach its customer security initiatives.
A Better MFA
It’s no secret that MFA significantly augments the security of web and mobile applications by necessitating additional identification methods beyond just a password. By implementing various forms of MFA organizations can effectively mitigate the risks associated with user account takeovers, phishing attacks, and password breaches.
To take things a step further, users can elevate their account security through biometric authentication features like TouchID (fingerprint), FaceID and LiveID (a 1Kosmos architectural advantage). Additionally, it offers one-time passwords (OTP) through SMS and email, time-based one-time passwords (TOTP) via a linked mobile authenticator, and push notifications. This flexibility empowers Amazon customers to select the MFA methods that best align with the requirements of their application ecosystem.
User Experience is Important
The team at Amazon Cognito places delivering a seamless user experience high on its list of requirements, and that is why partnering with 1Kosmos was a perfect fit. The 1Kosmos MFA capabilities provide a diverse array of authentication choices to accommodate a broad spectrum of users and devices, all with a similar user experience. The 1Kosmos BlockID and Amazon Cognito partnership strikes the right balance between security and usability when developing customer-facing applications.
Easy Access to Passwordless
1Kosmos is a trusted AWS Partner and AWS Marketplace Seller offering BlockID and passwordless MFA solutions to elevate online account security. The platform boasts FIDO2 and NIST 800-63-3 certifications, further affirming its reliability. Amazon Cognito customers can easily deploy and directly acquire BlockID through the AWS Marketplace, enabling the implementation of a phishing-resistant passwordless MFA solution.
Identity Verification
An optional capability of the 1Kosmos platform, 1Kosmos BlockID provides organizations an automated and cryptographically secure way to verify a virtually unlimited array of identity details including government issued ID, education qualifications, healthcare data, financial account details, and other third-party machine-readable personal information while respecting an individual’s privacy. This provides progressively higher levels of identity assurance for authentication and digitally transforms a broad range of business processes such as worker or contractor onboarding, new customer account origination, and provisioning of digital services.
Combination of Verification and Authentication
This capability of the BlockID cloud service has been meticulously crafted to combat identity impersonation, thwart account takeovers, and prevent fraudulent activities, all while offering a user-friendly and frictionless login experience.
1Kosmos BlockID leverages identity-based verification to transparently authenticate users, effectively shielding against account compromises and fraudulent activities. The result of implementing BlockID identity verification with the integration of Amazon Cognito enables organizations to have a higher level of assurance for the users they have under management.
Privacy by Design
The 1Kosmos decentralized private blockchain technology empowers individuals with exclusive access and full control over their personally identifiable information, ensuring a privacy-centric design. This approach allows end users to review and authorize or decline the sharing of their data with online services they want to utilize. All personally identifiable information (PII) undergoes end-to-end encryption, guaranteeing that it remains shielded from exposure. Users can directly grant or deny sharing requests to the applications they connect with, without any involvement of third-party intermediaries, such as external public key servers or messaging hosts, ensuring that their data, keys, and plain text messages remain inaccessible to these entities.
More About 1Kosmos
Our platform encrypts and securely stores biometrics and ID data within a private, permissioned blockchain, safeguarding user data against potential breaches. BlockID is not only certified to NIST Identity Assurance Level 2 but also compliant with Level 3, showcasing a steadfast commitment to upholding and advancing identity assurance and regulatory compliance.
BlockID also further supports identity governance through the following features:
- Biometric-based Authentication: We push biometrics and authentication into a new “who you are” paradigm. BlockID uses biometrics to identify individuals, not devices, through credential triangulation and identity verification.
- Identity Proofing: BlockID provides tamper evident and trustworthy digital verification of identity – anywhere, anytime and on any device with over 99% accuracy.
- Privacy by Design: Embedding privacy into the design of our ecosystem is a core principle of 1Kosmos. We protect personally identifiable information in a distributed identity architecture, and the encrypted data is only accessible by the user.
- Distributed Ledger: 1Kosmos protects personally identifiable information in a private and permissioned blockchain, encrypts digital identities, and is only accessible by the user. The distributed properties ensure no databases to breach or honeypots for hackers to target.
- Interoperability: BlockID can readily integrate with existing infrastructure through its 50+ out-of-the-box integrations or via API/SDK.
- Industry Certifications: Certified-to and exceeds requirements of NIST 800-63-3, FIDO2, UK DIATF and iBeta ISO/IEC 30107-3 specifications.
To learn more about the relationship please see the press release here and the AWS Partner Network blog here.
