To receive an excerpt of this report, please fill out the following:
Zero Knowledge Authentication & Authorization: Soon the New Normal?
Gary Rowe, CEO and Principal Consulting Analyst
Doug Simmons, Principal Consulting Analyst
Zero Knowledge Authentication and Authorization (ZKA2) can transform how businesses connect, interact, and transact with their customers. ZKA2 empowers faster, easier, and more secure user experiences and is often coupled with intelligent authentication and authorization. ZKA2 can help to execute on a frictionless security strategy critical to engaging customers and citizens.
The foundation of a Zero Knowledge environment is that it assures that no one (sender, receiver, or observer) can misuse private information because by design, it is never revealed. ZKA2 helps weed out many of the potential risks associated with the use of less secure and outdated password-only authentication protocols and the transmission of sensitive identity data, such as Patient Health Information (PHI) or Personal Identifiable Information (PII). ZKA2 helps bolster the security of a person’s online transactions and public cloud accounts by limiting the types of sensitive information used to verify “I am who I say I am”.
There have been significant improvements over the past two years in bringing the concepts of ZKA2 to market. Vendors have invested heavily in developing workable, scalable and desirable solutions with several early solutions being ready-to-deploy. Even if it takes a few years for critical mass to develop surrounding ZKA2, the direction being set, and the value proposition is clear.
This report starts by looking at the building blocks and use cases for ZKA2, then evaluates early ZKA2 approaches and reviews of our vendor/solution short-list. We then conclude with a set of recommendations and next steps.