Okta and Veridium work together to seamlessly and securely authenticate employees and customers using biometrics, including native (face or fingerprint), 4Fingers TouchlessID, and third-party biometrics, on their mobile devices. When a user successfully authenticates via the Veridium platform, Okta then authorizes their access requests according to defined policies, including deciding which use cases require step-up authentication (for example, those involving the transfer of sensitive information). The secure MFA-backed solution lets users easily and regularly authenticate to apps (cloud, on-prem, and other systems) and secures transactions at scale.
- Companies with employees who work remotely and handle sensitive information are at constant risk of credential-based attacks like phishing
- Enterprises need to increase security for employees, customers, and transactions without negatively impacting the user experience
- They need flexible security tools that let them standardize strong authentication across diverse environments, including employees using their own devices
- Enterprises in highly regulated sectors like finance, healthcare, and government are often required to employ rigorous security protocols around user access
The Okta + Veridium integration combines the leader in identity and access management with frictionless mobile-first biometrics to enable secure passwordless authentication
Okta and Veridium work together to provide customers with digital passwordless multi-factor authentication (MFA) and a seamless, customizable user experience, backed by leading-edge biometric security
Customers and employees can easily enroll on their own devices for a convenient single sign-on (SSO) experience to sensitive assets
Enterprises can reduce risk from credential theft, and comply with government or industry regulations like multi-factor authentication requirements
Enterprises reduce overall cost of ownership and increase efficiency with no additional hardware requirements
Keep the user experience smooth and secure
When authorized users request access to a sensitive service, Okta and Veridium work together to seamlessly and securely authenticate them. An initial access request for a resource first goes to Okta for authorization. Okta redirects the request to Veridium, letting users capture and authenticate using their biometrics, including native (face or fingerprint), 4Fingers TouchlessID, and third-party biometrics, on their mobile devices. Once the user successfully authenticates via the Veridium platform, Okta can authorize the access request according to defined policies.
Provide convenient, secure bring-your-own-device (BYOD) access for employees
Employees benefit from a secure sign-on process that uses their biometrics to let them easily and regularly authenticate to cloud apps like Office 365, legacy apps and systems, Citrix Workspace, and more. The secure MFA solution eliminates password headaches, improves employee productivity, and meets strict compliance requirements for highly regulated industries.
Reduce risk with secure transactions
Strong customer authentication (SCA) capabilities secure transactions at scale, helping companies minimize the footprint for credential-based attacks, identify and eliminate internal and external threats, and otherwise reduce risk and meet Revised Payment Service Directive (PSD2) compliance requirements and compliance challenges. Okta policies define which applications require additional authentication (for example, those involving the transfer of sensitive information), and can require step-up MFA through Veridium. This authentication challenge can override user preferences, for example requiring fingerprint ID even if a user prefers FaceID, and Veridium can destroy stored files after the transaction (e.g. fingerprint imagery), for additional security. When an account is deactivated within Okta, that user’s access can be automatically revoked by the VeridiumID server.
Deliver zero-trust security for the enterprise and a seamless experience for employees and customers
- Deploy passwordless sign-on that delivers on the promise of zero-trust by enabling mobile-first biometric authentication
- Securely enable a BYOD workplace for employees
- Improve workforce productivity via convenient, secure access to cloud apps, Citrix Workspace, and more
- Deliver a smooth customer sign-on experience that builds confidence in your transaction security, and inspires long-term loyalty and advocacy
- Ensure compliance for highly regulated industries like finance, healthcare, and government
- OIDC OpenID Connect is an extension to the OAuth standard that provides for exchanging Authentication data between an identity provider (IdP) and a service provider (SP) and does not require credentials to be passed from the Identity Provider to the application.
- SAML Security Assertion Markup Language is an open standard for exchanging authentication and authorization data between an identity provider (IdP) and a service provider (SP) that does not require credentials to be passed to the service provider.
- SWA Secure Web Authentication is a Single Sign On (SSO) system developed by Okta to provide SSO for apps that don't support proprietary federated sign-on methods, SAML or OIDC.
- Attribute Sourcing
- Create Creates or links a user in the application when assigning the app to a user in Okta.
- Update Okta updates a user's attributes in the app when the app is assigned. Future attribute changes made to the Okta user profile will automatically overwrite the corresponding attribute value in the app.
- Deactivate Deactivates a user's account in the app when it is unassigned in Okta or their Okta account is deactivated. Accounts can be reactivated if the app is reassigned to a user in Okta.
- Sync Password Push either the users Okta password or a randomly generated password to the app. This feature is not required for all federated applications as user authentication takes place in Okta, however some apps still require a password.
- Group Push Push existing Okta groups and their memberships to the application. Groups can then be managed in Okta and changes are reflected in the application.
- Group Linking Link Okta groups to existing groups in the application. Simplifies onboarding an app for Okta provisioning where the app already has groups configured.
- Schema Discovery Import the user attribute schema from the application and reflect it in the Okta app user profile. Allows Okta to use custom attributes you have configured in the application that were not included in the basic app schema.
- Attribute Mastering The application can be defined as the source of truth for a full user profile or as the source of truth for specific attributes on a user profile.
- Attribute Writeback When the application is used as a profile master it is possible to define specific attributes to be sourced from another location and written back to the app. For example the user profile may come from Active Directory with phone number sourced from another app and written back to Active Directory.