Nok Nok Labs first to provide FIDO-based authentication for smart watches
22 October 2019 16:09 GMT

Nok Nok Labs has announced the “Nok Nok App SDK for Smart Watch,” the industry’s first FIDO-based authentication solution with support for smart watch devices. The Nok Nok App SDK for Smart Watch allows organisations to implement FIDO-based authentication using a silent platform authenticator on smart watch devices. With the introduction of the Nok Nok App SDK for Smart Watch, organisations can provide consumers flexible, easy, and secure access with the advantage of a unified backend authentication infrastructure across all relevant digital channels - mobile applications, mobile web, desktop web and now, smart watches.

Strategic Analytics recently reported that global smart watch shipments grew an impressive 44 percent annually to reach 12 million units in the second quarter of 2019. Smart watch usage for applications beyond fitness has grown to include banking, productivity applications such as Slack, ecommerce such as Apple Pay, as well as home security applications such as NEST. Consumers like how easily accessible information is through their smart watch – via a quick look as opposed to pulling the smartphone out of the pocket and unlocking it. This is especially relevant as modern smart watches can even be used without a smartphone nearby.

"While smartwatches and other wearables are increasingly being utilised to access business information and perform business tasks, few organizations are able to enforce policy controls around these devices, making them one of the most vulnerable of emerging attack vectors," noted Steve Brasen, Research Director with IT industry analyst firm, Enterprise Management Associates (EMA). "The new standards-based controls from Nok Nok Labs are addressing authentication head-on by providing a solution that governs access controls directly on smart watches regardless of whether they are direct-network attached or tethered to a smartphone. Now individuals are able to utilise enterprise applications and view sensitive company data that is centrally managed with policies that ensure only authorised users have access."

Access to sensitive information on a smart watch requires a very distinct user authentication process. Today’s solutions typically store OAuth tokens or other bearer tokens in their smart watch applications. Unfortunately, these tokens provide relatively weak authentication and need to be renewed frequently as they lack strong device binding. With the Nok Nok App SDK for Smart Watch, developers can standardise on FIDO-based authentication infrastructure that lowers their cost and complexity while extending the standards-based approach from mobile applications and mobile web or desktop web applications to include smart watch applications.

“The ability to access sensitive information via a smart watch necessitates a more secure method of authentication that integrates with existing backend security infrastructures,” said Dr. Rolf Lindemann Vice President, Products, of Nok Nok Labs. “Nok Nok, an inventor of FIDO specifications, now brings the same level of security to smart watches with the Nok Nok App SDK for Smart Watch, as it previously did with mobile apps and web browsers.”