Nearly 1 out of 3 data breaches involved phishing last year and phishing attacks in total increased by 65%. Trend Micro expects Business Email Compromise (BEC) attacks (phishing) to result in $9 billion of losses for businesses in 2018. IDEE’s Web Login prevents phishing because there are no credentials to be phished.
With account takeover, an attacker could change the password to lock the user out and then perform fraudulent actions such as making payments. With IDEE, it is impossible to hijack a user account without physical access to the user device and the strong factor used to protect access to the device. There are no credentials stored on servers or known to the user that attackers can obtain or phish.
65% of data breaches was a result of identity theft, followed by account access with 17%. With IDEE, the user’s identity is tied to a physical device under their control and using a strong factor of authentication to protect it. The identity cannot be extracted and/or used without the user’s authorization on the physical device.
New online accounts created from stolen identities can cause devastating damages to companies and individuals. When a user uses IDEE’s Instant Sign-Up or Instant Checkout to sign-up for a service provider, the existing KYC is cryptographically signed and sent from the data provider to the service provider. Thus, the service provider can be sure that this new account is created from a trustworthy source by a real user
In 2018, more than 30 billion malicious login attempts were registered, amounting to more than 43% of all login attempts. With IDEE’s Web Login, these “credential stuffing” attacks are not possible since credentials stolen from other past breaches cannot be used.
Entering credentials manually opens your system to threats such as Malware recording the input. Attacks such as formjacking and keylogging increased and formjacking surpassed ransomware and cryptojacking as the top threat in 2018. With IDEE there is no manual data entry, no usernames and no passwords, so no Malware can record your login credentials.
Costs from insider-related threats increased by 15% from 2018 to 2019 to up to 7.9 million € per year per company. With IDEE even administrators don’t know your login credentials, so they cannot leak credentials.
Most systems can be easily bypassed with admin privileges. With IDEE’s admin bypass protection, service providers can check if the request was really initiated by the user. Attackers with admin privileges on IDEE’s servers cannot bypass, alter and / or influence access to a user account.
80% of breaches involve compromised and weak credentials,
Without passwords, there are no weak passwords and they cannot be compromised.
52% of users use the same password for multiple services. This increases the chances of a breach exponentially. With IDEE, the user doesn’t have a password and as a result, no password to be reused. The user authentication factors cannot be duplicated or replayed.
69% of employees share their passwords with others. This increases the chances of phishing and makes employee accountability impossible. With IDEE, login credentials cannot be shared with another person and cannot be stolen.
According to Microsoft, customers can cut their risk of account compromise by 99% by enabling MFA. With IDEE every authentication uses at least 2 factors e.g. biometric and possession of your phone. This ensures strong authentication with every interaction. When logging in with a QR code, it is additionally guaranteed that the user is actually in front of the device.
Unlike other authentication solutions IDEE provides a verifiable assurance of the authenticated user to the service provider as part of the authentication response. This is an additional assurance to the service provider of the integrity, non-repudiation and provenance of the authentication.
More than 1.16 billion email addresses and passwords were exposed in 2019. With IDEE, login credentials aren’t stored centrally. This means login credentials cannot be stolen from the service providers server even if there’s a breach. This also means that login credentials do not need to be changed when a breach happens.
Every communication is protected with end-to-end encryption, so eavesdropping is not possible.
OTPs and SMS codes can be phished through attacks such as real time phishing, hijacked and/or stolen from the service providers backend. With IDEE there are no shared secrets, tokens and SMS codes as used by other identity providers to patch passwords.
IDEE leverages public key cryptography and hardware-based trusted execution environment such as secure element/secure enclave and trusted platform module to establish and secure the user identity and authentication factors.
With IDEE, users can log out from their services remotely. This prevents unintended information disclosure and increases security.