Akamai MFA provides FIDO2 multi-factor authentication without hardware security keys

Akamai Technologies announced the launch of Akamai MFA, a phish-proof solution designed to enable enterprises to quickly deploy FIDO2 multi-factor authentication (MFA) without the need to deploy and manage hardware security keys.

Akamai MFA uses a smartphone application that transforms existing smartphones into a hardware security key to deliver a frictionless user experience.

Current MFA approaches that do not use FIDO2 can be easily manipulated and replayed by attackers using phishing or man-in-the-middle attacks.

FIDO2 is the industry standard for delivering secure MFA and is the starting point for passwordless and userless authentication.

To obtain this level of security, enterprises currently need to distribute and manage hardware keys, which adds additional costs and increases complexity.

Akamai MFA is designed to deliver a phish-proof easy-to-use experience for employees using the strongest standards-based authentication method available and via a smartphone application in place of a physical security key.

The solution leverages FIDO2, which provides end-to-end cryptography and a sealed challenge/response flow, allowing enterprises to get the best multi-factor security without additional costs, and provides a simple upgrade path as their authentication needs evolve.

“Standard second factor push notifications are easily compromised unless enterprises deploy and manage hardware security keys, which adds significant complexity,” said Rick McConnell, President and General Manager, Security Technology Group, at Akamai.

“Akamai MFA delivers all of the benefits of FIDO2 standards and uses a phish-proof push on a smartphone that enables enterprises to move to the next-level of MFA security without the need for hardware security keys.”

“When it comes to MFA technologies, push is king; nothing is easier, and adding the phish-proof FIDO2 protection makes it secure,” said Jay Bretzmann Program Director, IDC Security Products.

“Akamai understands the need for low-friction authentication approaches because it’s at the forefront of identity and access technology and increasingly lending expertise to workplace implementations as we all deal with COVID-19 remote employee realities.”

Deployed on the Akamai Intelligent Edge Platform, Akamai MFA can be activated and managed centrally via Enterprise Center with global reach and scale for resilience and performance.

The service integrates with identity providers, including Microsoft Azure AD, Okta, and Akamai’s own Enterprise Application Access.

Additional integrations are supported for Secure Shell (SSH) and Windows Login use cases.