
AffirmID
Introducing AffirmID, a new low code fraud prevention solution that also reduces friction through passwordless login from any device – and native to ForgeRock.
Your biggest challenges – solved

Increases in service registrations
(66% of users walk away if registration is too complex).

Fewer data breaches
(80% of all breaches are due to weak passwords).

Large help desk cost savings
(up to 50% of help desk calls are password resets, costing $70+ each in labor).

Reduces fraud across high-risk transactions
every transaction is authenticated and signed by the customer’s private key).

Inherently unsafe passwordbased authentication wiped out
(potentially saving you millions every year)

Fewer abandoned transactions
(92% of users abandon websites rather than recover/reset passwords).

The easy way to secure your business – and your customer’s loyalty
Enable passwordless verification of your customer identities from any device and digitally sign high-risk transactions with AffirmID.
Secured with PKI


Low annual license fee
Simple self-maintenance


Low code for fast and seamless deployment
Complies with FIDO





Uses public/private key pairs secured by biometrics to authenticate customers and digital transaction signing to prevent fraud.
Secured with PKI

Guaranteed Transaction Integrity
AffirmID prevents message tampering by placing transaction details within the secure JWT.

Online and Offline Use Cases
AffirmID supports multiple use cases from both primary devices (registered) and secondary (unregistered) devices.
Affirm (verb): To declare positively; assert to be true.



“With an aggressive timeline and limited budget, Midships’ unique proposition – underpinned by its accelerators and knowledge of containerized architectures – gave us the confidence to choose them. It was a decision well made.”
- Alfonso Tambunan, CTO, Bank Jago
CASE STUDIES
Trusted by the world's leading organizations
View all case studies


HOW DOES IT WORK?
A safe and secure proven process.
-
When making a high-risk transaction such as a payment, the user first reauthenticates locally to verify their identity.
-
Using their private key, the transaction is signed and sent to the IDAM service.
-
The IDAM service validates the transaction using the associated public key and issues a JWT token containing the payee and amount.
-
Your app sends the new token to the business service for processing.

UNDERSTANDING PKI TECHNOLOGY
The foundations of risk-free transactions and passwordless logins.
When a customer registers, your app generates a unique public/private key pair. The private key is stored on the customer’s device hardware, while the public key is sent to the IDAM platform.

ONLINE, OFFLINE OR OUT OF BOUND
Complete passwordless logins for the easiest user experience
Using PKI, ForgeRock authenticates the customer’s identity using the customer’s public key. QR codes make offline logins simple and straightforward.