The Identity Assurance Gap

Most cybersecurity breaches—often cited at over 90%—depend on compromised credentials. Even landmark incidents like SolarWinds, widely described as a software supply-chain attack, ultimately hinged on the misuse of a single employee’s credentials, impacting more than 18,000 organizations worldwide. While authentication has improved significantly since then, only a small fraction of login ceremonies implement true multi-factor assurance, and virtually none protect the session after authentication succeeds. As a result, despite meaningful progress, a large and costly identity risk gap still persists.

Security-First Identity, Unsurpassed Ease of Use

Auth is a single, security-first identity app that delivers FIDO2 authentication, integrated credentialless identity verification, and continuous monitoring as part of a complete solution—while supporting and contributing to federated identity. It fully satisfies NIST Multi-Factor Authentication requirements and flexibly enhances passkeys, passwordless push, and similar methods without compromising assurance. Auth is a mobile app built for organizations that require more than point-in-time authentication.

Key Contributions to Ensuring Trustworthy Identity

Auth verifies the user, proves their presence, and continuously assures their identity throughout the session, without relying on passwords or fragile point-in-time checks.

Auth provides:

• Phishing-resistant authentication with verified identity, satisfying NIST MFA requirements while strengthening passkeys and passwordless flows
• Credentialless identity verification using PIN-augmented behavioral signals; no documents, no shared secrets
• Continuous in-session assurance, monitoring behavioral, location, and proximity signals at policy-defined intervals
• Seamless recovery and device migration, restoring access across all federated applications with a single, verified recovery ceremony
• Federation-ready by design, enhancing OIDC and SAML without replacing them

Auth Use Cases

Auth strengthens authentication wherever identity assurance matters—at login and throughout the session.

For Standalone Authentication

Use Auth as a primary, phishing-resistant authenticator.

• FIDO2 authentication
• True MFA compliance (uniquely asserts both Identity and Device possession)
• Continuous identity assurance beyond login

Ideal for: High-risk, regulated, and security-critical access.

To Augment Existing Authenticators

Auth enhances authentication methods already in use, including:

• Passkey, FIDO2, Passwordless push, and others
• Device-bound authenticators (Windows Hello, macOS Touch ID)

Adds:

• Second factor step-up MFA compliance
• Independent identity verification
• Device-bound proximity assurance
• Continuous authentication where none exists

Ideal for:Adding user and device proximity assurance without rearchitecting

---

For Each Use Case Authe Provides

Proximity-Assured Access

When paired with access-device authentication, Auth provides:

• Cryptographic proof the user is physically present
• Reduced risk of remote hijacking and session misuse

Continuous Session Protection

Auth secures what happens after login.

• Ongoing identity validation
• Detection of anomalous behavior
• Step-up or terminate sessions as risk changes

Recovery, Transfer & Federation

Auth supports:

• Secure account recovery and device replacement
• High-assurance identity across federated systems (OIDC, SAML)

---

Bottom line: Auth doesn’t replace your identity stack—it raises its assurance, closes session gaps, and future-proofs authentication leaving the existing stack in place.