Sift, the Digital Trust & Safety solution provider, has announced that it has acquired Keyless, a pioneer in passwordless and multi-factor authentication.
Keyless’ zero-knowledge cryptography and privacy-preserving biometric authentication tech has been designed to eliminate account takeover (ATO) fraud because of “weak or stolen passwords, phishing, and credential reuse, while allowing users to log into websites and apps simply by looking into their device’s camera.”
Keyless’ tech addresses the Strong Authentication Compliance requirements of PSD2, is FIDO Certified, and assists online companies with meeting the requirements of GDPR. Sift will provide Keyless products “to regulated businesses and online merchants around the world,” the update noted.
With account takeover attacks reaching new heights during the COVID-19 outbreak, businesses have been dealing with “ongoing, evolving threat from cybercriminals using large-scale automation to launch massive ATO attacks to steal stored account value, payment information, and other personal data.”
Keyless’ biometric-based authentication “eliminates a primary vector of ATO attacks by solving the root problem: passwords.” Adding to the ATO prevention capabilities in Sift Account Defense, Keyless offers “account security for any business that is ready to embrace a passwordless customer experience through multi-factor authentication that seamlessly allows users to log in to sites and apps from any device.”
Keyless’ tech aims to free up businesses or companies from storing and managing passwords, the update noted. Instead of tying a user’s biometric factor to a password, Keyless’ SDKs “allow businesses to deploy biometric logins interoperably on their websites and apps as the primary authentication mechanism, or integrate the Keyless authenticator app into the login experience.” In either deployment, users can “simply look into the camera on their smartphone or computer to authenticate, with a consistent experience across devices,” the update explained.
Marc Olesen, President & CEO of Sift, stated:
“Protecting businesses from fraud while reducing customer friction is the foundation of a Digital Trust & Safety strategy. Keyless has created a truly innovative product that provides better account security with less friction for users, and meets the qualifications for regional regulations like PSD2. We’re so excited to bring the Keyless team to Sift and for our customers to benefit from their incredible technology and expertise.”
As mentioned in the update, Keyless puts privacy at the center of the experience by authenticating users “without storing their biometric or cryptographic information on their device or in any central location—and by leveraging advanced privacy-preserving, multi-party computation protocols.” The Keyless network does “not have access to the biometrics, and therefore no one but the user has access to it,” the announcement clarified.
Andrea Carmignani, CEO and Co-founder of Keyless, remarked:
“Our mission at Keyless is to provide people and organizations with a passwordless future, where the user is the key. Joining Sift will allow us to reach businesses around the world, stop account takeover attacks at scale, and ensure that users can authenticate seamlessly across devices with nothing more than a glance at their device’s camera.”
Andrew Shikiar, Executive Director and CMO of the FIDO Alliance, an open industry association focused on providing open and free authentication standards, added:
“Keyless has developed a novel and secure approach that leverages FIDO’s protocols to make authentication easier for consumers. I look forward to seeing Sift and Keyless drive adoption of this standards-based technology that both businesses and consumers desperately need to thwart the growing number of account takeover attacks.”