RSA has announced expanded phishing-resistant, passwordless capabilities today at Gartner Identity & Access Management Summit 2024. Built to secure financial services organizations, government agencies, healthcare, and other highly-regulated industries from the most frequent and highest-impact attacks, these new RSA capabilities meet the most stringent cybersecurity regulations and are a key asset in developing a Zero Trust security architecture:
The FIDO2 Certified RSA Authenticator App 4.5 for iOS and Android: RSA now makes it easy to deploy FIDO2-Certified device-bound passkeys on users’ mobile devices through RSA Authenticator App 4.5. The new capability, offered through RSA ID Plus, allows organizations to simplify provisioning phishing-resistant MFA, improve the user experience, replace passwords, SMS, and OTP, and accelerate their Zero Trust maturity. RSA Authenticator App 4.5 is now generally available.
Advance Zero Trust maturity with the RSA iShield Key 2 Series: The RSA iShield Key 2 Series, powered by Swissbit, features FIDO2, PIV, HOTP support and a FIPS 140-3 certified cryptographic module. The hardware authenticators meet Executive Order 14028, OMB M-22-09, and OMB M-24-14, and can help the public and private sector simplify and secure credential management. The RSA iShield Key 2 series is available for order now and is currently shipping.
In addition to these product innovations, RSA also helps set the broader passwordless agenda and ensures that the FIDO standard can secure workplace authentication. As a board member of the FIDO Alliance and a member of its Enterprise Deployment Working Group, Government Deployment Working Group, Security & Privacy Requirements Working Group, and others, RSA is committed to advancing FIDO for all use cases and organizations.
“RSA Authenticator App 4.5 and the RSA iShield Key 2 series build on decades of security-first leadership and innovation in authentication,” said RSA CEO Rohit Ghai. “Modern data breaches show that while MFA is essential, it’s not sufficient: organizations need phishing-resistant authentication to protect their operations and defend themselves from advanced threats.”
“Organizations first started using digital passwords in 1961, and after more than 60 years it’s well past time for tech to move on,” said RSA CISO Rob Hughes, who will detail how organizations can reduce their reliance on passwords at a session at the Gartner IAM Summit on December 9 at 11:45 AM. “RSA recently released a global survey showing that 61% of organizations had plans to implement passwordless authentication in the next year. Given how frequently passwords are the cause of data breaches, these new RSA capabilities will help organizations reduce their attack surface and implement the new solutions that modern risks require.”
“As a valued board member of the FIDO Alliance, RSA has helped the organization develop authentication standards suitable for enterprise use – which are now reflected in their FIDO Certified RSA Authenticator App 4.5 for iOS and Android,” said Andrew Shikiar, Executive Director & CEO of FIDO Alliance. “The FIDO Alliance applauds this launch and RSA’s commitment to delivering phishing-resistant, user-friendly FIDO Certified solutions to address the varying requirements for workforce authentication.”
RSA Authenticator App 4.5 and the RSA iShield Key 2 series complement additional ID Plus capabilities that distinguish the solution from the rest of the market, including:
- Cross-environment passwordless support: ID Plus can support a range of passwordless methods across SaaS cloud, hybrid, and legacy on-premises resources
- Secure credential recovery: ID Plus enables users to securely enroll and recover FIDO credentials without having to resort to synced passkeys
- RSA Mobile Lock: An integrated component of the RSA Authenticator App, RSA Mobile Lock scans for potential threats on users’ devices to assure the integrity of the mobile authenticators
- RSA Risk AI: Deployed as part of ID Plus, RSA Risk AI uses machine learning, behavioral analytics, and business context to intuitively determine user risk and simplify authentication