Ping Identity completes Keyless acquisition

Ping Identity completed its acquisition of Keyless, adding privacy-preserving biometric authentication and re-verification to address AI-powered spoofing and fraud.

The company said the transaction strengthened its identity platform and expanded access to device-independent, cryptographically protected biometric authentication and re-verification to help counter increasingly sophisticated AI-driven attacks.

Keyless' Zero-Knowledge Biometrics re-verified the originally verified person with a single glance and performed re-verification in under 300 milliseconds, using cryptographic techniques that ensured biometric data was never stored in a retrievable or reconstructable form and removing the need for a dedicated device.

The organizations combined capabilities across customer, workforce, and B2B identity use cases; Keyless technology bound a user to one or more devices and could re-verify different users on a shared device, enabling re-verification where traditional Multifactor Authentication (MFA) could fall short.

“AI is accelerating identity-based attacks. Authentication must be resilient and simple to use, while simultaneously ensuring the originally verified user is who they say they are” said Andre Durand, CEO and Founder of Ping Identity. “Joining Ping Identity is a major milestone for our team and technology. Zero-Knowledge Biometrics allow organizations to re-verify the originally verified identity across the entire journey—onboarding, access, step up, and recovery—without ever exposing biometric data. Together with Ping, we can deliver that level of protection at a global scale.” said Andrea Carmignani, CEO and Co-Founder of Keyless.

Keyless technology was made available to customers, financial terms of the transaction were not disclosed, and the companies said the combined capabilities would support continuous identity assurance across the identity lifecycle, prevent account takeover and fraud with camera-based re-verification, deliver passwordless MFA and Single Sign-On (SSO), provide re-verification in under 300 milliseconds, protect account creation and recovery, and support General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), eIDAS 2.0 and PSD3 compliance.