“These new capabilities will offer greater integration flexibility for our customers that will enable them to integrate our S3 Suite with the use of their own APIs for handling encryption operations and also the use of external, hardware-based key vaults for storing sensitive information.” – Rolf Lindemann, Vice President of Products, Nok Nok
On that latter point, the S3 Server now supports the ability to send push notifications and email-based One Time Passcodes through what Nok Nok calls an ‘external backend secrets store’, allowing developers to connect the systems of third party MFA vendors. Support for OpenID Connect, meanwhile, means that the S3 Authentication Suite can now be integrated as an authentication provider with other identity and access management systems such as Azure B2C and ForgeRock.
The S3 Suite now also features a ‘pluggable connection framework’ that is designed to help customers move beyond vulnerable database connections based on usernames and passwords. Security-conscious IT administrators may also appreciate that Registration and Authentication rules have been streamlined into a single ruleset.
Another new feature lets clients store cryptographic keys from the S3 Sever in their own standalone Hardware Security Modules, or in cloud-based HSM infrastructure. And new support for payment transaction confirmation in Web Applications means that customers using PSD2-SCA workflows will be able to take advantage of dynamic linking to ensure that fraudsters aren’t able to alter details of FIDO-authenticated transactions.
“Through continued innovations that stay ahead of changing threat environments, Nok Nok continues to raise the bar above the modern authentication standards we helped to create,” commented Nok Nok Labs Products VP Rolf Lindemann. “These new capabilities will offer greater integration flexibility for our customers that will enable them to integrate our S3 Suite with the use of their own APIs for handling encryption operations and also the use of external, hardware-based key vaults for storing sensitive information.”
Nok Nok’s announcement of the latest upgrade to its flagship authentication platform comes after the company teamed up with CompoSecure last autumn to develop Arculus, a FIDO-compliant virtual key solution aimed at enabling secure access to digital services and apps.