sb-eu logo
Story image

Okta introduces customisable building blocks for identity verification

03 Apr 2019

Identity services provider Okta has announced the Okta Identity Engine, an upgrade to the Okta Identity Cloud that enables customers to address unlimited identity use cases with Okta.

The Okta Identity Engine is a set of customisable building blocks for every identity experience, breaking apart pre-defined authentication, authorisation and registration flows. Customers can now create dynamic, context-based user journeys, unlocking passwordless experiences, progressive profiling and per-app branding.

Okta expects the Okta Identity Engine to be made available in the second half of 2019.

Identity plays a significant role in nearly every digital trend, taking root in modern security approaches and digital transformation initiatives.

Engineering, digital, IT and security teams have a wide array of different identity use cases across their customer and workforce experiences, and no identity product can be pre-defined to support exactly every use case required.

Organisations require an easy, out-of-the-box way to tailor the basic building blocks of the identity experience, all while maintaining security.

“Every modern application relies on some form of identity and authentication, but not every application will leverage identity in the same way, or have the same requirements,” says Okta chief executive officer and co-founder Todd McKinnon.

“We recognised the opportunity to unlock the foundation of the Okta Identity Cloud to give our customers the chance to wield identity how they see fit — trusting the out-of-the-box security, reliability and scalability that comes with the Okta Identity Cloud.

“The Okta Identity Engine makes an unlimited number of identity use cases possible by making the core functions of Okta fully customisable,” McKinnon says.

Identity building blocks drive unlimited variety of user experiences

The Okta Identity Engine enables organisations to use a number of signals including application, device, network, and intent as context to inform the identity journey of any user, adapting that identity experience accordingly.

For example, one identity journey of a new user interacting with a low-risk application may minimise abandonment during registration by asking for just a name and email address before authorising that user’s access.

Another journey may require additional identity verification steps and enrol a banking customer in multi-factor authentication before authorising access to a high security app.

It’s possible to create unlimited variations by applying different context to policies within the Okta Identity Engine.

Customisation can be done out-of-the-box via the Okta administrator console or with code via Okta REST APIs.

Possible use cases include:

  • Passwordless authentication: Rather than enrolling a password in an authentication sequence, Organisations can use an email magic link to authenticate a user. Organisations can apply a passwordless flow to some applications, but for others, require a stronger factor, such as email, push or WebAuthn.
     
  • Progressive profiling: To prevent users from abandoning a site, enterprises can configure registration for less friction. Administrators can configure initial enrolment to limit additional attribute requirements for a user, while configuring another sequence to require that a user input a home address to access a certain resource. For example, an ecommerce site may want to ask for an email address when a user first engages, but then ask for a home address and phone number before making a purchase.
     
  • Per-app branding: Administrators can configure each sequence with different branding to provide a separate branded experience depending on how a user begins to use its services. For instance, a single hotel loyalty program serving multiple brands can implement per-app branding to customise the look and feel of logins depending on the customer’s hotel choice. This app-specific branding remains consistent through each unique sign-in, email, and push notification workflow.

“Albertsons interacts with over 34 million customers a week, providing the products they want, at a fair price, with great customer service,” says Albertsons digital and marketing IT global vice president Ramiya Iyer.

“As one of the largest grocers in the country, we recognise how important it is to adapt and grow, meeting our customers wherever they are. The Okta Identity Engine provides us with a flexible solution to digital identity.”

The Okta Identity Engine will be included in all existing Okta products.

Customers will be able to use the applicable components of the Okta Identity Engine for the Okta products they have licensed.

Okta expects that it will begin upgrading customers in the second half of 2019.

Initial capabilities of the Okta Identity Engine, such as a passwordless user, progressive profiling with required attributes, and per app branding of the Hosted Okta Sign-in Widget are available in beta today.

Story image
High-tech heist: why fending off ransomware attacks is more challenging than ever in 2020
The COVID-19 crisis has unleashed a wave of sophisticated and disruptive ransomware attacks, and the onus is on businesses to ramp up their security measures if they’re to avoid falling victim, writes Attivo Networks regional director for A/NZ Jim Cook.More
Story image
California's CCPA now enforced worldwide
“The expansive reach of the CCPA and scope of data it covers can make compliance feel daunting to many,” comments ISACA Privacy Group member David Bowden.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More
Story image
Exabeam and Code42 partner up to launch insider threat solution
The solution will give customers a fuller picture of their environment, and will leverage automated incident response to obstruct insider threat before data loss occurs.More
Story image
Video: 10 Minute IT Jam – F-Secure talks APTs and the Lazarus Group
We spoke to F-Secure's director of detection and response, Matt Lawrence.More
Story image
Revealed: The behaviours exhibited by the most effective CISOs
As cyber-threats pile up, more is being asked of CISOs - and according to Gartner, only a precious few are 'excelling' by the standards of their CISO Effectiveness Index.More