Veridium: On the Way to Enable a True Passwordless World

Ismet Geri, CEO of Veridium.
Ismet Geri | Chief Executive Officer | Veridium

In today’s digitized world, it is a must to secure one’s data. Though, the traditional methods of protecting digital devices have become pretty predictable and make them more vulnerable to threats.

Data breaches and use of this data for ransomware are the most common and dangerous threats. Thus, to prevent such catastrophes, several organizations are constantly trying to innovate technologies that would be effective. However, Veridium has already innovated and improved upon the traditional methods and developed a most comprehensive integrated authentication platform.

Veridium is utilizing its technology to lead as a passwordless authentication company.

We, at CIO Look, caught up with Ismet Geri, the Chief Executive Officer of Veridium, to know more about the company and how it helps companies stay compliant with diverse regulations.

The Journey into Authentication

Veridium started in 2016 with a mission to be the original passwordless multi-factor authentication company, realizing that there has to be a better way to authenticate users.

Traditional multi-factor authentication depends on something you know, have, or are. Out of these factors, the “something you know” has been the most prevalent method of authenticating individuals from a sentry requiring a password when allowing someone inside the wire to one’s financial institutions requiring a password to grant the digital access to one’s funds.

Having an extensive background and patents in computer vision and neural network processing, Veridium has envisioned a better way of authentication, which grants a natural way that is more powerful and transparent. The company calls it the path of recognition.

This path of recognition follows not from one or more traditional factors. However, it employs location, behavior, and history to increase trust levels while reducing friction to establish that trust for the end-user.

Veridium ID authentication platform enables organizations to get rid of passwords from their application, websites, and web services, by employing

  • Device-independent biometrics capability
  • AI-driven behavioral analysis
  • Time-dependent anomaly detection
  • Use of rich contextual data points to assign trust levels
  • Supporting and implementing interoperable standards, i.e., FIDO2

Currently, Veridium’s mission is to eliminate passwords, eliminate credential theft, eliminate credential fraud, eliminate synthetic identity fraud, and enable simple, secure, and delightful user experiences.

Astute Leadership

Leading the team of dedicated professionals is Ismet Geri, a cybersecurity and seasoned identity executive expert. He is experienced in building and scaling software vendors’ businesses from start-ups to publicly traded companies. In his previous role, Ismet saw the proliferation of digital transformation projects and realized that Identity is the bedrock for every digital interaction.

Ismet looked around and saw a mishmash of solutions, but they were all missing the true need, the need to provide a friction-free, delightful and secure user experience. Under his leadership, Veridium has invested and created biometric technology so that the user only has to enroll once and then can use their biometrics for authentication from multiple endpoints. (e.g., one could enroll their facial biometric on the phone and can then use it on a tablet or a PC/laptop with a web camera.)

With Veridium vFace, users don’t need expensive or specialized cameras or specific operating systems. Being a big proponent of standards, Ismet also championed support for FIDO-compliant ID badges, enabling password-free, touch-free, tap-and-go experience for modern access, both for physical and logical access. With his vast sales experience and ability to build global sales teams, Ismet leads from the front as Veridium moves into its next chapter of growth.

An Outstanding Approach

Veridium believes that the future of digital interaction should require no credentials. It stands firm on all passwords to be eliminated from user experience and wants identity theft, fraud, and phishing to go the way of the old. It is all possible if there is a shift from authentication into recognition by employing not just the three factors but bringing in rich context around behavior, location, and action. When applied intelligently, there will increase security while elevating the user experience.

Veridium created an identity platform to solve this problem. Its platform is a collection of capabilities that work together to make authentication simple, secure, and most importantly, transparent, and user-friendly. These capabilities are:

  • Supporting a large variety of authenticators and striving to support legacy authenticators, modern authenticators, and of course, its own in-house authenticators. This approach is important because it allows for easy adoption, easy migration, and no rip and replaces. It supports the end-users where they are comfortable.
  • Veridium solutions don’t force a user to require a phone or token. Its app-less methods can provide secure multi-factor authentication without having to download any application. Its approach to user biometrics does not insist on specialized hardware; it can enable a windows hello type experience for all users across all devices and operating systems.
  • Its orchestration engine creates a tailored and secure end-user experience by using a variety of inputs about the user, the endpoint, and the context of the task at hand.
  • Veridium then goes beyond the traditional factors used in Multi-factor authentication, by adding context. This context includes user behavior, past vs. present, device biometrics, how the user and device interact, and user location. It then brings its machine learning capability to bear; analyzing behaviour, user-device interaction, and endpoint sensors to craft a living baseline for anomaly detection.
  • Lastly, it integrates with all existing Identity and access control systems so the customer can preserve their investment in capital, people, training, processes. It enables transparent, simple, secure passwordless access to all applications and web services.

Gaining A Competitive Edge

Veridium’s DNA is passwordless. It has designed its authentication platform to eliminate passwords from the ground up. The company’s straightforward solutions make it a preferred choice amongst its customers.

Veridiums supports a large variety of authenticators as it allows for easy adoption, easy migration, no rip, and replacements, making it comfortable for the end-users. The company understands that the users are equally suffering from app fatigue as much as password and account fatigue. That is why it designed an app-less way for users to have strong passwordless authentication.

The company integrates with all existing Identity and access control systems so the customer can preserve their investment in capital, people, training, processes. It goes beyond the traditional factors used in multi-factor authentication by adding context, which includes,

  • A neural net that studies the behavior of normal user/device and user/application
  • Device biometrics to know the user and device interactions
  • User location
  • Network characteristics

Veridium’s approach to using biometrics does not require specialized hardware. Additionally, it is the only vendor to offer tight integration with Citrix, such that its customers can do strong passwordless authentication into their Citrix storefront and applications without the added complexity of Citrix FAS (Federated Authentication Service).

The Technological Overview

We asked Ismet his opinion on the necessity for businesses to align their offerings with newer technological developments, to which he mentions that technology is embedded into and a part of every aspect of business today. Businesses are continuously seeming to increase their spend on technology, and they have high expectations in return. These expectations go beyond compliance. For a business to be compliant, they need to spend the minimum amount necessary. This also means that there is a disconnect between the business and IT/compliance functions.

For a business to align with technological offering and take full advantage of what technology has to offer, it must do the following

  • Make sure there is an actual understanding of the technology and its benefits, aka avoid the “shiny object” syndrome
  • IT leaders must be empathetic to the “We have done it this way, and it has worked.” argument. They need to show how embracing new development can be productive, delightful, easy, profitable, productive.
  • IT leaders need to grasp what the business is trying to accomplish. They truly need to understand the needs of the business.
  • Once the above alignment is reached, a business is the best set up for an improved focus and alignment on business objectives between IT and Business leaders, increased competitiveness, and more efficient utilization of resources at hand.

Making the Most of the Pandemic Impede

Talking about the impact of the pandemic, Ismet expresses that it has accelerated the pace of digital transformation by 3-5 years. This directly translates into an increased number of digital interactions, and authentication underpins every single digital interaction. With this increase in digital transactions, there is a corresponding increase in fraud and the number of help desk calls.

Businesses want to increase their digital presence, but they do not want to deal with an increase in fraud or want their users to have bad user experiences in the name of security. By eliminating the number one root cause of fraud, aka the Password, the team at Veridium helps businesses service their increasing population of digital users without compromising security or user experience.

Plunging into Future

The future of authentication is tied to the future of how a business will be conducted. Remote work, remote onboarding, remote doctor visits are some examples Veridium has seen lately. In short, as businesses transform, they need ways to provide services to their remote digital-first and, in some cases, digital-only customers in a secure yet easy manner.

Ismet asserts, “We will make recognition a possibility for all digital interactions, making the process of authenticating transparent.”