nextAuth was present at Infosecurity.nl with a demo booth. Visitors could try out the nextAuth technology for themselves and were in general impressed by the ease-of-use.
From the many visitors stopping by our booth, we learned that organisations still struggle with authenticating their customers and employees; and that phishing is become more and more of a threat. Traditional IT vendors push for classical two-factor solutions, i.e. adding a second factor on top of the existing username/password login. However, organisations do not want to annoy users with additional authentication steps. Some visitors reported that the push back from users was so strong that plans for strengthening authentication had to be rolled back. This struggle for secure and user-friendly authentication is universal across organisations in all sectors. At nextAuth, we are convinced that usability and security do not need to be trade-off. Both need to be taken into account when choosing an appropriate solution.
One Time Passwords (OTPs) remain the most common second factor, although these score poorly on both security and usability. Several other vendors have mobile authentication solutions that automate OTPs through push messages. While this overcomes the inconvenience for the user, the poor security remains. This is especially worrying when switching to mobile-only authentication (passwordless) based on OTPs.
The financial industry is looking for an authentication solution to improve security and offer a seamless user experience. nextAuth offers a solution compliant to PSD2 Strong Customer Authentication for both mobile and web authentication. Apart from the financial industry, suppliers of B2B or B2C applications can leverage the nextAuth technology to simplify and secure the login process.
