DENVER and BOSTON, June 25, 2018 — Ping Identity, the leader in Identity Defined Security, today announced major enhancements to PingFederate and PingID SDK that improve the authentication flow and make it easier to natively provide adaptive authentication within consumer-facing mobile applications. These enhancements are designed to help enterprises improve customer engagement, while also maintaining a strong security posture.
The Voice of the Connected User Landscape Data published by 451 Research,, an information technology industry analyst firm, states there is a “steady growth in customer willingness to share personal data for something of value.” Yet, at the same time, customers are experiencing angst about data privacy. This is why it’s important for enterprises to balance personalisation with data security in order to drive customer satisfaction. The latest features in the Ping Identity Platform are designed to address these challenges, by optimising this balance to deliver exceptional customer experiences.
What’s New in PingFederate
The latest version of PingFederate delivers significant feature enhancements in authentication policies and provides additional options for user self-service. The release improves authentication flows with support for email ownership verification, CAPTCHA and more. These capabilities help improve the registration and sign-on experience for customers engaging with your brand across multiple channels and devices.
● Email ownership verification. Formerly, enterprises would identity proof customers by having them speak to a company representative. Now, with the email ownership verification functionality, enterprises can take what was once a manual process and make it available online to provide a frictionless customer experience.
● CAPTCHA for login and self-service. Support of CAPTCHA enables PingFederate to reduce the risk of automated malicious attempts to authenticate, change a password, or recover a user account. This new feature reduces the risk of hackers using brute force to access user accounts and helps to further protect customer identities.
● Storage of connected identity attributes. When an enterprise enables their customers to use social login, such as Google, LinkedIn or Twitter, they can now capture additional attributes from a consumer’s profile on that social platform. Also, enterprises have more options with how additional attributes from a consumer's social profile are stored, including storing all attributes from the social provider and optionally deleting them if a user disconnects from that provider. PingFederate’s support for this feature allows consumers to have more personalised interactions with your enterprise to improve their experience.
● Authentication policy administration. With PingFederate’s newly structured authentication policy administration model, enterprises can support simple and complex use cases for single and multi-branded sites from a single solution. This capability enables enterprises supporting multiple user populations or brands to provide a consistent experience to end users across all interactions.
“PingFederate is unique in that it provides a rich set of templates that can incorporate various workflows into an out-of-the-box user interface,” commented Loren Russon, vice president, product management, Ping Identity. “It also makes CIAM deployments easier by taking features from our previous release and extending consumer authentication and self-service capabilities. This includes integrating logins from social providers, supporting self-service registration and profile management, and much more.”
“With PingFederate's latest release, we’ll be able to provide more self-service options for identity verification, which will improve our customer experience for more than 20,000 agencies—while also securing access to personal information,” said Dr. Adrian Mayers, senior director of information security (CISO), Vertafore.
What’s New in PingID SDK
The latest release of PingID SDK and its new, out-of-the-box integration kit to PingFederate provides authentication feature enhancements and makes it easier for enterprises to natively implement adaptive authentication within customer-facing mobile applications.
Features and functionality include:
● Integration kit supports more authentication methods to reach all users. PingID SDK supports a diverse set of authentication methods such as email and SMS, both fully customisable and multilingual one-time passcodes, with support for voice one-time passcodes coming soon. The result means that customers can easily engage with a brand via authentication methods of choice, on their preferred channels, and in their local language.
● Customisable authentication screens. The new PingFederate PingID SDK integration kit directly makes it easier for PingFederate customers to implement authentication within their consumer-facing mobile application. This integration kit includes customisable user interface templates that make it simpler for enterprises to seamlessly engage with their customers.
● Easier provisioning. With the PingID SDK integration kit, enterprises can automatically create, update and remove users within PingID. The integration kit enables enterprises to synchronise user identities and their profile attributes between PingFederate’s user directory and PingID. The automatic provisioning enhancement improves the customer experience, by reducing the lag between profile creation and user access to their associated resources.
● Device registration with external verification. With support for multiple authorization options, enterprises enable existing active users to verify their identities with an external authorisation option. This provides yet another way for users to seamlessly interact with your brand across multiple devices.
Available this month, the combination of PingFederate with PingID SDK enables enterprises to seamlessly create a secure user experience for their customers. To learn more about these product updates, visit www.pingidentity.com.
About Ping Identity | The Identity Security Company
Ping Identity envisions a digital world powered by identity. As the identity security company, we simplify how the world’s largest organisations prevent security breaches, increase employee and partner productivity and provide personalised customer experiences. Enterprises choose Ping for our identity expertise, open standards leadership, partnership with companies like Microsoft, Amazon and Google, and collaboration with customers like Boeing, Cisco, GE, Kraft Foods, Walgreens and over half of the Fortune 100. The Ping Identity Platform allows enterprises and their users to securely access cloud, mobile and on-premises applications while managing identity and profile data at scale. Architects and developers have flexible options to enhance and extend their existing applications and environments with multi-factor authentication, single sign-on, access management, directory and data governance capabilities. Visit www.pingidentity.com
 Source: 451 Research, Voice of the Connected User Landscape, 2H 2017 (http://go.451research.com/consumers-personal-data.html)
Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.
Cybersecurity Insights - Attack
No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?
Cybersecurity Insights - People
Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.