Startup Nok Nok Labs pitches strong new authentication process

Client/server software is supporting new protocol called OSTP

Nok Nok Labs officially opened its doors today to introduce client/server-based technology proposed as an innovative foundation for flexible, strong multi-factor security that can be used in e-commerce, Web services or the enterprise.

Nok Nok's software, expected out next month, is based on a new authentication protocol developed by an industry group known as the Fast IDentity Online Alliance, or FIDO Alliance for short. This group, backed by PayPal, Lenovo and Infineon as well as Nok Nok Labs, has developed what's called the Online Security Transaction Protocol (OSTP) to be able to go beyond simple user passwords and logins to flexibly bring into play a much stronger multi-factor identity check online before allowing certain types of Web access or secure transactions to occur.

[ ROUNDUP: 12 Must-Watch Security Startups for 2013 

Page 2 of 2

Nok Nok Labs is considered the first vendor to be FIDO-compliant, and the idea is that the FIDO Alliance, set up as a 501(c) nonprofit organization, will govern the OSTP specification and make the intellectual property created available to those who join. "If you join the Alliance, you get the spec for the client," says Dunkelberger, adding that someone could create their own server, if so inclined.

Potentially, the OSTP framework is complex and extensible as it is said to support established infrastructure security authentication protocols that include SAML, OpenID, and OAuth.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email: emessmer@nww.com.

Read more about security in Network World's Security section.