PALO ALTO, Calif., Dec. 7, 2017 /PRNewswire/ — Nok Nok Labs, a pioneer and leader in next-generation authentication and a founder of the FIDO (Fast Identity Online) Alliance, announced today the first implementation of a FIDO UAF 1.1 product. NTT DOCOMO, INC., a valued partner of Nok Nok Labs and a long-time adopter of the Nok Nok™ S3 Authentication Suite, leverages the Nok Nok Authentication Server to support its’ UAF 1.1 implementation on Android 8.0 devices.
Aspects of the UAF 1.1 FIDO specification detail how key attestation for handsets running Android 8.0 can be accomplished. “Key attestation can be vital to solving a core problem with internet security – specifically, how to tell a real device from a virtual machine that a bad actor could use to mount scalable attacks,” said Rajiv Dholakia, VP Products at Nok Nok Labs. “Nok Nok Labs pioneered the concept of key attestation in FIDO authentication. We have worked with hardware and OEM partners such as Lenovo and Samsung, and operating system partners such as Google to leverage hardware-based key attestation over a standards-based mechanism to deliver the best possible security to our customers.”
Key attestation delivers assurances about the security profile of the cryptographic keys. When the attestation key is hardware-based, it can mitigate against a wide range of scalable attacks on authentication protocols. Relying parties can now leverage strong, standards-based authentication directly within their mobile application based on key attestation capabilities on any new Android 8.0 device using the Nok Nok AppSDK. Customers of the Nok Nok™ S3 Authentication Suite can take advantage of these enhancements without any changes to their applications. When using the Nok Nok solution, customers will receive the best security along with significant savings in both time and cost versus complex native API implementations.
“Key attestation is a vital component of a strong identity chain. It is the way we provide strong, cryptographic proof of the clear provenance and security of the method of authentication,” said Dr. Rolf Lindemann, Senior Director of Technology at Nok Nok Labs, and the editor and main author of the UAF 1.1 specification. “With the new capabilities of UAF 1.1, a developer need not wonder if a device manufacturer provides support for standards-based authentication natively on their latest device. They can leverage the Nok Nok solution to assure strong security on any new device with Android 8.0.”
“We are proud