May 7, 2024
Premise Health and Badge Tackle the Threat of Stored Credentials with Badge’s Privacy-Preserving Authentication
SAN FRANCISCO, MAY 7, 2024 – Badge Inc., the award-winning privacy company enabling Identity without Secrets™, today announced integration with Premise Health, the world’s leading direct healthcare provider and one of the largest digital providers in the country, to tackle the threat of stored credentials with privacy-preserving authentication from Badge. Premise Health has over 800 locations, delivering care through its Digital Wellness Center and onsite, nearsite, mobile, and event solutions. Premise Health Chief Information Security Officer (CISO), Joey Johnson, selected Badge as an industry first to enable security, scalability, and ease of use during this time of digital transformation across the healthcare space. Badge ensures the highest level of data privacy and security, clinical efficiencies and enables implementation of global governance strategies at scale.
Badge decreases vulnerable attack surfaces that are the root cause of increasing data breaches. Badge eliminates the need to store personally identifiable information (PII) in the authentication process. Its patented solutions let users derive keys on the fly from their own cryptographically-verified credentials, including biometrics like face or fingerprint – without ever storing those credentials or other secret data. There are no secrets to steal.
Johnson commented: “More than a feature or product, Badge is a paradigm shift that inspired us to rethink our approach by empowering us to pivot identity down to the actual individual, instead of relying on high-target identity stores to safeguard user credentials. With Badge, the opportunity is to not have to directly store any of the biometric information, which supports both our digital transformation journey and compliance with global regulations.”
Data breaches within healthcare are notoriously the worst. In 2023, data breaches in healthcare alone were the most costly for the 13th year running, averaging $11M per attack and impacting over 144 million users in the U.S. Incidents like the United Healthcare ransomware attack, which were exacerbated by manual authentication and account recovery methods, continue to demonstrate the vulnerability of relying on help desks and backend systems to regain access to stored credentials.
In addition to empowering users to control their own access to services and how their data is shared, Badge eliminates complicated workflows for doctors and clinicians, making switching between systems seamless, even when authenticating on shared workstations and on iPads between patient rounds. Healthcare providers frequently move from site to site, room to room, across different computer systems – requiring them to authenticate over and over again. This repeated complexity takes away time from the patient, reduces efficiency for the provider, and makes for a frustrating experience. Badge drives tangible, meaningful metrics in healthcare, from driving down support costs by eliminating password resets and token management, to providing more time between doctors and patients.
“At Premise Health, one of the great things we observed with Badge was the ease-of-integration into key pieces of our existing technology stack. Badge solves a big need without a heavy lift. You don’t have to re-architect workflows. The technology seamlessly plugs into and complements the solutions that we have in our stack,” continued Johnson. Badge provides zero-code integration with open standards like OAUTH 2 OIDC, SAML, FIDO and TLS, and offers out-of-the box partnerships with Ping, Okta/Auth0, Radiant Logic, and others.
“Premise Health is a known innovator and leader in patient care and data privacy,” said Dr. Tina P. Srivastava, Co-founder of Badge. “Their dedication to prioritizing the safety and security of patients and clinicians with Badge is forward-thinking and admirable. The innovative work by Premise Health’s CISO, Joey Johnson, is raising the bar for other healthcare providers by delivering data protection and privacy with previously impossible workflows.”
To learn more about Badge, visit https://www.badgeinc.com/.
About Badge Badge enables privacy-preserving authentication to every application, on any device, without storing user secrets or PII. Badge’s patented technology allows users to derive private keys on the fly using their biometrics and factors of choice without the need for hardware tokens or secrets. Badge was founded by field-tested cryptography PhDs from MIT and is venture-backed by tier 1 investors. Customers and partners include top Fortune companies across healthcare, banking, retail, and services. Learn more at www.badgeinc.com.