TL;DR: Identity proofing and passwordless authentication are moving into the security perimeter, while autonomous AI use raises the stakes for verified identity controls, according to 1Kosmos. 1Kosmos says its $57M Series B, bringing total funding to $72M, follows 3x revenue growth, FedRAMP High authorization, NIST 800-63-3 certification, and a Microsoft partnership for external authentication methods.
NHIMG editorial — based on content published by 1Kosmos: $57M Series B funding and the company's digital identity outlook
By the numbers:
- 1Kosmos announced $57M in Series B funding, bringing total funding to $72M.
Questions worth separating out
Q: How should security teams evaluate passwordless authentication in high-risk environments?
A: They should evaluate passwordless on the strength of the identity proofing, device binding, recovery, and step-up controls around it.
Q: Why do identity proofing and authentication need to be governed together?
A: Because authentication only confirms a claimed identity that was created earlier in the lifecycle.
A: They should prioritise stronger verification when account takeover, fraud, or regulated access are material risks.
Practitioner guidance
- Reassess identity proofing strength Validate whether enrollment, recovery, and step-up checks can resist impersonation, replay, and social engineering.
- Map passwordless to assurance outcomes Do not treat passwordless as a standalone programme.
- Review regulated identity dependencies If your programme operates in regulated or public-sector contexts, test whether FedRAMP High and NIST 800-63-3 requirements are reflected in operational design, not just in audit documentation.
What's in the full analysis
1Kosmos' full article covers the funding, partnerships, and product context this post intentionally leaves at the strategic level:
- The investor mix and why founder participation changes the read-through for market confidence
- The company’s stated growth metrics, certifications, and procurement milestones in more detail
- The product and go-to-market expansion plans tied to government, healthcare, and manufacturing
- The specific identity proofing and passwordless capabilities that underpin the funding narrative
👉 Read 1Kosmos' funding update on verified digital identity and passwordless authentication →
Verified digital identity funding: what it means for IAM teams?
Explore further
Verified identity is becoming a core security control, not just an access experience. The funding round signals that buyers now see identity proofing and passwordless authentication as part of security architecture, not a user convenience layer. That matters because fraud resistance and access control are converging in the same control plane. Practitioners should treat identity assurance as a design requirement for both human access and machine-mediated workflows.
A few things that frame the scale:
- 90% of IT leaders say properly managing NHIs is essential for a successful zero-trust implementation, according to Ultimate Guide to NHIs.
- 80% of identity breaches involved compromised non-human identities such as service accounts and API keys.
A question worth separating out:
Q: What is the difference between passwordless authentication and identity proofing?
A: Passwordless authentication changes how a user proves possession at sign-in, while identity proofing establishes who that user is before credentials are issued. One is an access ceremony, the other is a trust foundation. Organisations need both, because removing passwords does not compensate for weak enrollment or recovery processes.
👉 Read our full editorial: 1Kosmos funding signals rising demand for verified digital identity