FIDO2 / Passkey Authentication Platform

Keyper.

Eliminate authentication risk — by design, not by effort.

No passwords means nothing to steal. No OTPs means nothing to intercept. Keyper is a FIDO2/Passkey-ready Zero Trust identity management platform. Trusted by Taiwan's Ministry of National Defense, major financial institutions, and semiconductor manufacturers. Aligned with NIST SP 800-63B AAL3 and Japan METI SCS.

FIDO2 / WebAuthn Zero Trust Ready SSO / MFA Unified On-Premises Ready Made in Taiwan

Request a Free Demo Download Brochure

7,000/sec

Password attacks per second
Automated brute-force is accelerating

Source: Microsoft Digital Defense Report 2024

83%

Of cloud breaches caused by
stolen or abused credentials

Source: Google Cloud Threat Horizons Report H1 2026

30sec

Time for AiTM attack to
steal a one-time password

Source: CISA Phishing-Resistant MFA Fact Sheet

Critical Risk

"We already have MFA" — but you are not safe

SMS, email, and push-based OTPs are bypassed in under 30 seconds by AiTM (Adversary-in-the-Middle) attacks. Authentication strength is determined by design, not complexity.

Password + OTP (Legacy MFA)

Phishing sites instantly relay OTPs — account compromised in under 30 seconds

Credential-stuffing attacks breach accounts automatically at massive scale

SMS and push notifications are vulnerable to interception, spoofing, and SIM swapping

Password DB exists on the server — one breach exposes every account

Over 50% of passwords are reused — one leak cascades across all systems

NIST and CISA explicitly no longer recommend non-phishing-resistant MFA

Keyper (FIDO2 / Passkey Authentication)

Public-key cryptography — no secrets ever traverse the network

Phishing sites cannot trigger authentication (domain mismatch = key failure)

No password exists to steal — breach of a password DB becomes impossible

Biometric signing on-device — full AiTM and man-in-the-middle immunity

NIST SP 800-63B AAL3 / CISA-recognized "gold standard" phishing-resistant MFA

Fully aligned with METI SCS and Japan MoD RMF authentication requirements

Why Now

Why you cannot afford to delay

Regulatory pressure, escalating attacks, and supply-chain mandates are converging simultaneously. There is no justification for postponing action.

Japan METI SCS — Applies Across the Entire Supply Chain

The same authentication standard is now required from prime contractors down to every subcontractor. A weak authentication link anywhere in your supply chain collapses security everywhere.

NIST SP 800-171 / CMMC Level 2 Compliance Is Mandatory

Defense, aerospace, and government procurement suppliers must fully implement all 110 controls. Keyper covers all 15 authentication-related controls in a single deployment.

Former Employees Still Have Active Access — Right Now

Residual access after project completion or termination is one of the most common breach vectors. Keyper's Kill Switch instantly revokes access the moment it's no longer needed.

Attackers Always Exploit the Weakest Entry Point

No matter how strong your own defenses are, a lower-tier supplier with weak authentication provides a direct path in. Unified protection across your entire supply chain is non-negotiable.

ISO/IEC 27001 Audits Now Require Stronger Authentication Controls

Keyper addresses A.8.2 (Privileged Access Rights) and A.8.3 (Information Access Restriction) — directly satisfying audit requirements with automatically generated evidence.

It's Not If a Breach Occurs — It's When

Post-incident response costs tens of times more than prevention. Hardening your authentication infrastructure today delivers the highest ROI in your security investment portfolio.

Solution

The 4 pillars that eliminate authentication risk by design

Not making passwords "harder" — eliminating them entirely. That is Keyper's foundational approach.

FIDO2 / Passkey Authentication

Public-key cryptography ensures no secrets travel over the network. Fully immune to phishing and AiTM attacks. NIST AAL3 compliant.

Unified EIAM Platform

SSO, MFA, RBAC, IGA (identity governance), and audit logs unified in one platform. Automated lifecycle management from onboarding to offboarding.

Seamless Existing System Integration

Integrates with existing on-premises and cloud systems via SAML 2.0, OIDC, LDAP, OAuth2, and RADIUS. Supports M365, SAP, ERP, and more.

Supply Chain Unified Authentication

Apply uniform security policies from prime contractors to subcontractors. Instant access revocation (Kill Switch) on contract termination or departure. Full CUI protection support.

Features

Keyper Capabilities

01 — Authentication

True Passwordless Authentication
FIDO2 / Biometrics

Supports fingerprint, facial recognition, hardware tokens (FIPS-compliant), and smart cards. Private keys never leave the device — no credentials traverse the network. Phishing, AiTM, and brute-force attacks become structurally impossible. Password reset helpdesk burden is eliminated entirely.

FIDO2 WebAuthn Passkey Biometrics FIPS 140-2 NIST AAL3

Phishing-resistant

Full AiTM immunity

Zero passwords

Device-bound signing

02 — Integration

Flexible System Integration
Single Sign-On (SSO)

Full support for OpenID Connect, SAML 2.0, LDAP, OAuth2, and RADIUS. Integrates with Windows RDP, Linux SSH, macOS, Citrix, VMware Horizon, M365, SAP, ERP, and internal portals — with minimal changes to existing infrastructure. Employees access every system with one identity.

SAML 2.0 OIDC LDAP OAuth2 RADIUS Microsoft 365 SAP

Windows / macOS / Linux

M365 / SAP / ERP

Citrix / VMware

On-prem & Cloud

03 — Governance

Identity Lifecycle Management
& AD Integration (IGA)

Automatic provisioning and deprovisioning via Active Directory and HR system integration — from first day to last. Access rights are modified or revoked instantly on transfer, secondment, or departure. The most common breach vector — lingering accounts of former employees — is structurally eliminated.

Active Directory IGA RBAC Auto-Provisioning Kill Switch

Access on day one

Instant departure revoke

Transfer auto-sync

Least-privilege enforced

04 — Compliance

RBAC, Audit Logging
& Compliance Automation

Least-privilege policies automatically applied by role, department, and risk level. Real-time authentication log visibility and automated audit report generation — covering NIST SP 800-171, CMMC, ISO 27001, and Japan MoD RMF requirements. Compliance evidence is generated automatically, dramatically reducing audit workload.

NIST SP 800-171 CMMC ISO 27001 Audit Logs Real-time Visibility

Real-time auth logs

Auto audit reports

Anomaly detection

Compliance evidence

Compliance

Aligned with major security standards & frameworks

Keyper supports compliance with the world's leading security regulations and certification frameworks — generating evidence automatically.

NIST SP 800-63B

AAL2 / AAL3
Phishing-resistant MFA

NIST SP 800-171

All 15 authentication
controls covered

CMMC Level 2

IA/AC/AU domains
Auto-generated evidence

ISO/IEC 27001

A.5.15 · A.8.2 · A.8.3
Access control coverage

METI SCS

Supply Chain Security
Evaluation System (Japan)

Japan MoD RMF

NIST SP 800-37 Rev.2
Risk Management Framework

FSA Guidelines

2.3.1 Authentication &
Access Management

Healthcare Security GL

MHLW Guidelines
Identity & Access Controls

Proven Track Record

Government · Defense · Finance · Manufacturing — the most demanding environments

Not theoretical. These are live deployments operating under the world's highest security standards.

Government

Taiwan Ministry of National Defense

Unified authentication infrastructure across multiple government ministries. Migrated all personnel — including legacy systems — to FIDO2-based access. Military system authentication substantially hardened.

SSO unified across 30+ agencies

Defense & Aerospace

Defense Industry Supply Chain

Full NIST SP 800-171 compliance across the supply chain. Subcontractor authentication levels elevated to match prime contractor standards — closing the weakest-link vulnerability.

100% NIST SP 800-171 compliant

Semiconductor

Major Semiconductor Manufacturer

Strict access controls applied to design IP. Immediate revocation of access upon employee or contractor departure. Zero Trust realized across factory environments.

Zero residual access after departure

Financial

Bank & Financial Group

Centralized SSO and MFA across multiple business systems. Significantly strengthened employee and customer authentication. Account takeover via phishing completely eliminated post-deployment.

Zero phishing incidents after deployment

Healthcare

Medical Corporation Group

Passwordless login to electronic medical records implemented. Authentication friction for medical staff eliminated while unauthorized access to patient data was fully prevented.

Telecom & Data Center

Telecom Carrier / IDC Server Room

Integrated with Cisco ISE, TACACS, and RADIUS — two-factor authentication and role-based access controls enforced in server rooms. Internal fraud and impersonation fully prevented.

Network access fully visible and controlled

Benefits

8 reasons to choose Keyper

Complete Phishing & AiTM Immunity

FIDO2 public-key cryptography makes authentication physically impossible on phishing sites. Not "working hard to block attacks" — making them structurally impossible.

Unified Identity via SSO

Access every system — on-premises, cloud, or legacy — through a single identity. Reduces management costs and user friction simultaneously.

Instant Access Revocation

AD and HR integration automatically removes access rights at the moment of departure or transfer. Eliminates the most pervasive breach vector — former employee accounts — permanently.

Automated Compliance Evidence

Evidence for NIST, CMMC, ISO 27001, and SCS requirements is generated automatically by the system. Audit workload is dramatically reduced.

Supply Chain Unified Protection

Apply the same security policy from prime contractors to every tier of subcontractor. Keyper provides a unified authentication foundation that crosses organizational boundaries.

Zero Password Reset Overhead

No passwords means no resets. Helpdesk tickets, IT support burden, and user frustration all disappear — freeing your team to focus on what matters.

OS & Network Device Login Integration

Windows, macOS, Linux, Citrix, VMware Horizon, and network devices from Cisco, Fortinet, and Palo Alto — all managed through one unified authentication platform.

On-Premises & Cloud Ready

Deploy alongside your existing Active Directory environment. Consistent authentication policy across hybrid environments — before, during, and after cloud migration.