A new decentralized identity management system from Ping Identity promises fewer headaches and more robust security. Credit: iStock Ping Identity, a Colorado-based IAM software vendor, is making a new product, PingOne Neo, available in a limited early access program. PingOne Neo is designed as a decentralized platform, as opposed to the heavily federated systems commonly in use. It allows for data decentralization, storing credentials and keys on the user’s mobile device, and lets credentials be issued using a wider range of identity proofs, instead of particular government-issued ID.It works something like a wallet, according to the company. End users request a credential from an issuing organization, which is cryptographically signed and verifiable. That credential becomes a part of the user’s “digital wallet,” and works like a ticket into whatever system or application it is designed to access. PingOne Neo also supports other identity standards that are popular in the market, including OpenID, ISO and W3C.ID management technique limits attack surfaceThis identity management technique also improves security by limiting the attack surface for bad actors, according to Ping. Pre-set integrations between the various identity back-ends used for verification represent potential targets for malicious hackers, the company said. Neo proects against this by checking credentials using minimal necessary identification, which means that less sensitive data is stored and transported. “Organizations spend significant time and money obtaining and verifying information from customers and employees, then attempt to determine access, entitlements, and authorizations to remain secure and compliant,” said Ping CEO Andre Durand in a press release. “Neo eliminates the manual resource burden from businesses while empowering individuals with their own data, reducing threats of fraud or identity theft while increasing privacy.” It’s a strong move for Ping, according to IDC Research Vice President Jay Bretzmann, who noted that the company’s embrace of open standards for this type of “digital wallet” bodes well for interoperability and personal control over privately identifiable information.“It’ll be a few years before centralized identity providers … start seeing much of an impact to those businesses,” he said via email. “But in the end, users walk away with a ‘win’ over controlling what personal data gets shared.” Sign-ups for the early access version of PingOne Neo are available here. Related content interview Strong CIO-CISO relations fuel success at Ally CIO Sathish Muthukrishnan and CISO Donna Hart have forged a partnership steeped in Ally’s culture of radical candor that keeps the financial services firm secure and innovative. By Dan Roberts May 09, 2024 9 mins CIO CSO and CISO IT Leadership news Zscaler shuts down exposed system after rumors of a cyberattack Initially dismissing rumors, Zscaler now says it did have a system exposed but nothing important has been accessed. By Shweta Sharma May 09, 2024 3 mins Data Breach Cyberattacks news Palo Alto launches AI-powered solutions to fight AI-generated cyberthreats The suite is powered by Palo Alto’s proprietary solution, Precision AI, which integrates machine learning, deep learning, and generative AI technologies. By Prasanth Aby Thomas May 09, 2024 3 mins Generative AI Security Software news F5 patches BIG-IP Next Central Manager flaws that could lead to device takeover Two high-risk vulnerabilities could allow attackers to gain full administrative control on devices via leaked password hashes. By Lucian Constantin May 08, 2024 5 mins Threat and Vulnerability Management Cloud Security Vulnerabilities PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe