Okta has developed an anti-phishing mechanism that is designed to help ensure that ‘stolen’ biometrics can’t be used for authentication. Dubbed ‘Advanced Phishing Resistance for FastPass’ – FastPass being Okta’s biometric login system – the solution essentially binds a user’s face or fingerprint data to their personal device, meaning that biometric authentication can only be done using a particular smartphone, for example. FastPass itself is in a beta preview phase, and is expected to launch in early 2023.
“What that means is if someone puts up a fake phishing site and tricks you into pushing your fingerprint into the fake page, it’s no use to them,” said Okta co-founder and CEO Todd McKinnon in an exclusive interview with Protocol. “They can’t use that to then log in as you.”
Okta also announced a series of new features as part of its no-code Okta Workflows solution designed to enable automated responses to security issues. Included in these features are pre-built security templates that allow for the tweaking of workflows to suit a security teams’ specific needs.
In March of 2022, Okta joined the likes of high-profile companies Samsung and NVIDIA in becoming a victim of the hacking group Lapsus$. The attack saw Okta’s backend systems attacked, with screenshots of Okta’s internal Slack channels posted online as proof.