HYPR – True Passwordless MFA

Additional Info

CompanyHYPR
Websitehttp://www.hypr.com
Company size (employees)100 to 499
Headquarters RegionNorth America

Overview

HYPR fixes the way the world logs in by eliminating the trade-off between security assurance and frictionless, consumer-grade experience. HYPR’s passwordless multi-factor authentication (PMFA) provides organizations with the strongest level of access protection while delivering the frictionless user experience they’ve come to expect in their lives as consumers. HYPR’s phishing-resistant PMFA platform complies with security and data privacy regulations and conforms to FIDO standards from end to end. FIDO-based
authentication is considered the gold standard by CISA and plays a central role in Zero Trust architectures.

HYPR delivers True Passwordless MFA for both the workforce (WF) and for customers, also known as strong customer authentication (SCA). For modern CISOs, CIOs, COOs, IAM, IS and IT leaders, the cost-benefit ratio is key because it presents your organization with a level of efficiency, cost savings, and ease of use that was previously unachievable.This “completeness of vision” product offering covers all use cases and ensures the highest levels of phishing resistant security across all user populations including to customers, employees, partners, and contractors.

HYPR has a proven track record with deployments in some of the most demanding and secured organizations in the world including finance and banking, critical infrastructure, government, nonprofit and much more. At HYPR, we understand organizations must address attack vectors to protect both workforce and consumer users. Evolve beyond legacy MFA and outdated security models. Let’s fix the way the world logs in.

How we are different

(a) Complete elimination of shared secrets- HYPR completely eliminates passwords and other shared secrets with its passwordless authentication approach. A private key is stored in the TPM on a user’s device while a public key is securely stored in the HYPR cloud. Authentication is initiated by the user and executed via challenge and signature, with passwordless MFA into desktops, VPN and SSO. As a result, there is no compromisable push to the device, no passwords, no one-time
passwords (OTPs), no SMS — no shared secrets that can be breached, hacked or phished.
(b) Secure, device-centric MFA: HYPR turns an ordinary smartphone into a secure FIDO authenticator. Users confirm their identity through secure on-device methods such as Touch ID or Face ID. The process is inherently multi-factor as it involves both something you possess (the smartphone) and something you are (the biometric verifier). It also works with smartcardssecurity keys and other FIDO-compliant authenticators as alternative or supplemental options. HYPR fundamentally changes the economics of an attack as a successful attack requires the defeat of each and every device rather than a single, centralized credential database.
(c) Eliminate push attacks, phishing and account takeover by putting the user in control - Every login is initiated by the user and starts on their own device. This means every login is a deliberate, conscious act, is phishing-resistant, and leverages the device’s security. There are no back-end shared secrets or fallbacks to a password. This stands in contrast to traditional MFA, which is easily bypassed, easily phished, can confuse users and leads to push fatigue attacks.