Daon

Guest Post by Paul Kenny, Chief Technical Architect, EMEA/APAC

Heeding the FBI is wise, but misreading the Bureau can be disastrous. And never has this been truer than in the context of the FBI’s recent Private Industry Notification on Multi-Factor Authentication (MFA).

A cursory look at this notification (or worse, a glance at some of the newspaper headlines it’s been generating) might well lead you to believe—quite mistakenly—that MFA is a vulnerable and unreliable security framework.

In truth, the FBI is saying nearly the exact opposite—that MFA is a necessary and wildly effective means of preventing upwards of 99.9% of all cyberattacks, but that not all MFA is created equal, and that the very best security framework is an "advanced" MFA implementation that utilizes the strongest authentication factors such as physiological and behavioral biometrics.

In fact, when the FBI reports to have “observed cyber actors circumventing multi-factor authentication through common social engineering and technical attacks,” it is referencing the very attacks that an advanced, biometric-based MFA platform (like IdentityX) is designed specifically to prevent.

To help illustrate this point, let’s quickly walk through the attack types listed in the FBI’s notification to see how IdentityX protects against them:

In this seventh episode in the Daon Podcast Series, we welcome our new President of Emerging Markets, John Sanders. John reflects on his career and previous roles as Chief Technology Officer for the Transportation Security Administration (TSA) and Chief Operating Officer and Acting Commissioner for U.S. Customs and Border Protection (CBP), and what he believes is the future of Daon.

Check out more from our new podcast series and hear from various Daon leaders on the latest trends and hot topics driving the identity industry.

Learn about the benefits of Polarify, Daon's joint venture with Sumitomo Mitsui Financial Group/Sumitomo Mitsui Banking Corporation and NTT Data

THE CHALLENGE

Japanese service providers wanted to offer a better experience to their customers, both in customer registration for new services, i.e. digital onboarding or e-KYC and when accessing services or approving transactions. If every service provider developed their own solutions, that would introduce even more friction for customers and costly duplication of effort.

THE SOLUTION 

Sumitomo Mitsui Financial Group/Sumitomo Mitsui Banking Corporation, one of Japan’s largest financial groups, along with its technology partners NTT Data asked Daon to bring its technology and expertise to a new joint venture. The result is Polarify: a service that delivers cross channel secure and convenient biometric authentication and e-KYC for streamlined digital onboarding.

THE MARKET REACTION

Polarify quickly became an attractive alternative by offering best-of-breed biometric authentication and onboarding capabilities as a service within the Japan market. With Daon as its partner, Polarify delivers a future-proofed solution for customers, who include not just banks, but also some of the world’s most prestigious ecommerce and insurance companies, including Japan’s largest life insurance company.

THE E-KYC AND TRUSTED AUTHENTICATION OPPORTUNITY

Recent revisions to the Japanese Act on Prevention of Transfer of Criminal Proceeds (APTCP) and other Know Your Customer (KYC) regulations enabled Japanese companies to go digital with their customer KYC procedures and particularly to leverage facial biometrics to enable the integrity of e-KYC. Not only that, in a single process, end users can be registered in an e-KYC process and setup for trusted authentication– a market leading business innovation from Polarify that benefits all sides, while still complying with Japan’s strict regulatory requirements.

Download the full case study here.