Zero-friction MFA stops AI-accelerated phishing attacks in real time and advances the shift from fragmented, static access controls to continuous, risk-aware authorization
CrowdStrike has announced the general availability of FalconID, extending the Falcon® platform with zero-friction, phishing-resistant MFA. Identity is the front line of modern attacks, and this release advances CrowdStrike’s Next-Gen Identity Security leadership with real-time, risk-aware protection against AI-accelerated phishing attacks and credential abuse at the point of authentication. With an intelligent security fabric spanning the identity lifecycle, CrowdStrike eliminates friction, increases productivity, and stops breaches.
“Traditional MFA is architecturally broken. Disconnected from real-time risk signals, it’s blind to emerging threats, susceptible to MFA bypass attacks, and creates unnecessary friction,” said Elia Zaitsev, chief technology officer at CrowdStrike. “FalconID accelerates CrowdStrike’s identity security transformation, moving organizations beyond isolated, static access controls to continuous, risk-aware protection that stops breaches without slowing the business.”
AI-Accelerated Identity Threats As adversaries weaponize AI, the risk, scale, and impact of social engineering and credential abuse increase dramatically. Highly convincing campaigns can be launched by nearly anyone, with attackers routinely bypassing traditional MFA through AI-enhanced phishing, MFA fatigue, and session hijacking. At the same time, friction-heavy MFA slows users to the point organizations often disable it entirely. The future of secure access requires protection that’s informed by real-time risk, adapts as conditions change, and doesn’t slow productivity.
“FalconID accelerates CrowdStrike’s identity security transformation, moving organizations beyond isolated, static access controls to continuous, risk-aware protection that stops breaches without slowing the business.”
– Elia Zaitsev, chief technology officer at CrowdStrike
Unified, Zero-Friction MFA Traditional IAM and PAM were designed to manage access, not stop breaches. Even with MFA, they function as isolated, point-in-time controls – adding friction while lacking the real-time security context to stop AI-accelerated phishing attacks. FalconID reimagines authentication as a seamless, risk-informed experience built directly into the Falcon sensor and delivered through the Falcon for Mobile app. Using real-time Falcon platform risk signals, it determines when access is safe and when it’s not, without forcing users through unnecessary steps. FalconID eliminates friction without compromising security, transforming identity and access management at the speed of AI. Falcon® Next-Gen Identity Security already secures the full hybrid identity lifecycle across human, non-human, and AI agent identities – spanning initial access, privileged access, identity threat detection and response (ITDR), and SaaS identity security. With the acquisitions of SGNL and Seraphic, CrowdStrike eliminates standing privileges and continuously secures interactions from the endpoint, through browser sessions, and into the cloud – starting at the point of authentication with FalconID.
Key features and benefits include:
- Security-First Authentication: FalconID continuously evaluates Falcon platform risk signals across identity, endpoint, device, and behavior to determine when access is safe – and when it’s not. When certainty is high, users authenticate transparently. When risk changes, access adapts automatically.
- Zero-Friction, Device-Bound Verification: Eliminates passwords, push notifications, and one-time codes through FIDO2-based biometric authentication that requires verified physical
proximity between the MFA device (mobile) and authentication device (laptop, workstation) to approve access.
- Unified Architecture: Delivered through the Falcon for Mobile app, FalconID verifies the user and device in real time – without redirects, third-party integrations, or bolt-on controls that create protection gaps and slow users down.
· Next-Gen Identity Security Transformation: As the browser becomes the new endpoint, FalconID delivers passwordless browser authentication through Seraphic, extended by SGNL’s Continuous Access Evaluation Protocol (CAEP)-driven enforcement integrated into Falcon® Fusion SOAR. This continuously adapts access, eliminates standing privileges, protects users and interactions from first authentication through execution, and secures downstream systems as risk changes – without slowing users down.
