Today I’m excited to announce a new product that the Ionic team has been working hard on over the last few months: Ionic Identity Vault. Identity Vault improves frontend security for any of your Ionic apps by making it easy to add secure biometric authentication in minutes, using the latest in native security best practices.
It all started after we met with a number of large enterprise development teams who had the same complaint: “frontend security is painful and we don’t even know if we’re doing it right”. Specifically, what’s the best way to enable secure biometrics like FaceID and TouchID, and how do we safely secure authentication tokens on a device?
That started us on a journey to find the answers that ultimately led to Identity Vault.
What’s at stake when it comes to frontend security?
If a device falls into the wrong hands and an app is left running or a security token is compromised, users could be vulnerable to data loss and unauthorized access to their accounts. That could be really bad for users, and even worse for the integrity of your backend systems and data.
Bottom line: If you’re storing tokens on-device (from any backend auth service), you need to protect your users at the device level. Ionic Identity Vault solves that by providing out-of-the-box enterprise grade frontend storage and session features.
Why Identity Vault?
It turns out that many frontend authentication workflows use unsecure practices like storing tokens unencrypted (such as in LocalStorage) or using weak authentication logic (such as using disparate Cordova plugins) that are easily compromised.
Identity Vault keeps users protected with the latest in multi-layer native security and best practices for storing authentication data on-device. You can boost your app security by adding Vault to any new or existing Ionic apps in minutes.
Identity Vault offers secure enterprise-grade storage out-of-the-box.
What You Get with Identity Vault
Identity Vault is built and supported by Ionic’s native mobile experts. It offers the latest in biometric authentication, using powerful encryption to securely store tokens at-rest. Always-on Session Management safeguards users even when they’re not using the app, combining background screen protection with automatic logout when the app is inactive.
Identity Vault is a subscription service that includes ongoing maintenance and updates to keep your apps secure and compatible with the latest iOS and Android versions. It works on the frontend of your app and is compatible with any backend service provider, such as AWS or Azure.
Identity Vault also brings over a dozen native APIs together under one plugin roof. Built and maintained by the Ionic team, it’s programmed utilizing security APIs and best practices straight from Apple and Google.
Out of the box, you’ll get:
- Native security that protects user data from ever leaving the device
- Safe, private, and encrypted storage of authentication tokens and other sensitive information
- Agnostic backend design works with any authentication provider or custom API
- Always-on Session Management to keep your users protected at all times
- Modular, easy to consume service that integrates with any new or existing Ionic apps
- Ongoing updates and maintenance, backed by Ionic’s mobile experts
- Developer-friendly docs, tutorials, and videos to get you started
- Advisory services and mission-critical support SLAs available
Identity Vault is now available for purchase. If you’d like to learn more about how Identity Vault is helping other enterprises make their apps more secure, reach out to sales to schedule a private demo and get customized pricing based on your needs.
You can also join our Identity Vault webinar where we’ll go over the entire service from top to bottom: