Transform digital security by eliminating all credential-based threats altogether
Circle Security, a decentralized, threat prevention platform announced the availability of its Credential-Free Authentication solution on the Auth0 Marketplace, a catalog of trusted technology integrations to extend the functionality of Okta Customer Identity Cloud powered by Auth0. The solution radically improves security for Okta customers by helping eliminate the threat surface associated with all credential-driven attacks.
Circle helps organizations shift left from “Detect & Respond” to a “Prevention-first” cybersecurity strategy. Circle for Auth0 includes:
1. Continuous frictionless Credential-free authentication of a single unique user across multiple devices, browsers, sessions and contexts without the need for a VPN, 3rd party cookies, usernames or passwords. Circle delivers unrivaled credential-free authentication by combining:
– Something you have – an authorized device
– Something you are – biometric authentication, and
– Something you do – continuous cryptographic signing
2. Delegated MFA + Identity Verification
Based on the context and policies set by Auth0 Marketplace actions or the application, Circle can trigger a Human-in-the-Loop delegated MFA as a step-up zero-trust authentication when needed for high-risk use cases, contexts, and user behaviors
Circle’s foundational decentralized architecture means that the Circle for Auth0 solution delivers the following benefits for Okta customers:
– Zero cloud attack surface
– No threat surface resulting from credential-driven attacks such as phishing, social engineering & credential compromise
– No single point of failure for the system
– Frictionless experience via complete alignment with customer’s existing user flows
– Fast and zero code deployment with easy calls to Circle’s API or as a turnkey solution
Circle Security complements Okta Customer Identity Cloud powered by Auth0’s extensible identity, and the ease in which customers can seamlessly integrate adjacent technologies to facilitate the successful execution of larger projects such as digital transformation, threat detection, compliance, and customer conversion.
For Credential-free Authentication, Circle integrates with the Auth0 API to get the user details and session tokens from multiple applications – these tokens are stored in secured capsules. The access to these capsules can be provided by cryptographically binding 2 user parameters which are authorized device signature and user biometrics. On every authentication, the secure capsule refreshes its token by interacting with Auth0 APIs.
For Delegated MFA + Identity Verification, Circle integrates with Auth0 Actions to identify user activity and based on that triggers a delegated step-up re-authentication. For example, when a user performs a specific risky action such as an unusual banking transaction as defined in Auth0 actions, Circle can trigger a Human-in-the-loop re-authentication. In this case, Circle locks down the user and sends authentication codes to a pre-configured group of people (Circle-of-Trust) who will unlock the user over a secured channel after verification.
Read More: CIO Influence Interview with Chris Lubasch, Chief Data Officer & RVP DACH at Snowplow
In both use cases, the key highlights are –
- Authentication is carried out credential-free by combining user biometrics and device signatures
- The tokens and details generated by Auth0 will be saved in Secure Capsules on the endpoint
- Any type of step-up re-authentication is triggered with a user action that would either require additional verification from the user or from another person with the context
Our differentiation from our competitors –
- Zero cloud attack surface
- No threat surface resulting from credential-driven attacks such as phishing, social engineering & credential compromise
- No single point of failure for the system
- Frictionless experience via complete alignment with customer’s existing user flows 5. Fast and zero code deployment with easy calls to Circle’s API or as a turnkey solution
“At Circle we are on a mission to ELIMINATE the world’s exposure to cyber threats. Our foundational technology built on a unique decentralized architecture helps developers and enterprises shift their cybersecurity strategy from Detect & Respond to Prevent & Eliminate,” said Phani Nagarjuna, Founder & CEO of Circle Security. “With the availability of Circle for Auth0, our fully integrated joint offering with Okta Customer Identity Cloud powered by Auth0, now on Auth0 Marketplace, several of Okta’s customers can enjoy the benefits of zero credential-driven data breaches and zero identity impersonation vulnerabilities delivered by Circle’s credential-free data access solutions within their Auth0 Marketplace implementations.”
“The addition of Circle Security to Auth0 Marketplace adds greater breadth to our platform and gives customers even more extensibility and flexibility when designing the identity platform of their dreams,” said Cassio Sampaio, Senior Vice President of Product, Customer Identity at Okta. “We have identified the integrations that matter to our customers and are excited to have Circle Security as a valued best-in-class technology in the ever-growing Auth0 Marketplace.”
Read More: CIO Influence Interview with Rich Nanda, Principal at Deloitte
[To participate in our interview series, please write to us at sghosh@martechseries.com]