Nok Nok Labs’ (NNL™) Multifactor Authentication Server (MFAS) is a next-generation authentication framework designed not only to serve the needs of today’s users, devices, and applications but also to better respond to current and emerging threats. Unlike current proprietary solutions, MFAS is a standards-based platform that leverages an open authentication ecosystem. From mobile apps to consumer internet applications to federation systems to internal enterprise applications, MFAS simplifies and streamlines authentication.

MFAS integrates into your infrastructure and offloads the authentication function. It complements federation by providing “first-mile authentication” – authenticating the user at the point of entry to the online service. MFAS integrates with popular federation systems, providing strong authentication for SAML and OpenID-based infrastructure. MFAS can also integrate with risk-scoring engines, triggering additional authentication actions when anomalies are detected.

Learn More >

Any application. Any device. Any authenticator.


MFAS redefines authentication as we know it. MFAS allows you to support any FIDO ReadyTM authentication method on any device for any application. With MFAS, you can respond to new requirements, new use cases, and new threats by simply changing policy configurations. MFAS takes care of the rest. By combining industry standards with an innovative plug-in architecture, MFAS brings unprecedented flexibility and scalability to your authentication infrastructure.


With MFAS, you can serve the needs of all your applications, devices, and users from a single platform. MFAS unifies authentication silos and minimizes redundancy. It reduces the cost and complexity of authentication, allowing users to authenticate with their existing device. It makes authentication simple – not just for users, but for organizations too.

Learn more >


MFAS plugs into your applications and lets you choose which authentication method is suitable for each device, user, session, and transaction. MFAS can even integrate with your risk engine and dynamically vary authentication factors for each transaction, based on the risk involved. For riskier transactions, you can use step-up authentication by adding and combining factors for greater security.

Evaluate >


MFAS uses proven public-key cryptography standards for greater security. This mitigates many kinds of threats, such as phishing and dictionary attacks, by reducing the need for users to remember secrets such as passwords. It also eliminates the need to store passwords and other secrets on servers. Instead, secrets are stored in the user’s devices, where they can be protected by secure hardware. This design makes it difficult for attackers to perpetrate large-scale attacks and substantially reduces or eliminates entire classes of threats. MFAS segments risk so that successful attacks in one application do not affect other applications, thereby limiting the spread of attacks. Its architecture allows you to quickly respond to entire categories of attacks by easily switching out authentication methods.


MFAS is a FIDO Ready server built using standards created by the Fast IDentity Online (FIDO) Alliance. A growing number of device OEMs are building support for FIDO into their devices and authentication mechanisms, enabling off-the-shelf interoperability with FIDO Ready servers. This FIDO ecosystem manages upgrades, builds support for new authentication technologies and devices, tests for compatibility implementations, and reviews the security of FIDO systems. Nok Nok Labs’ MFAS is the only product in the marketplace that has achieved both the password-replacement and password-augmentation modalities of FIDO, letting you benefit from the innovation of the entire FIDO ecosystem with virtually no effort.