How does this acquisition compare to recent acquisitions by major competitors such as Duo, Okta, or Ping Identity? | OSPN (Aug 06, 2025) | Candlesense
OSPN

How does this acquisition compare to recent acquisitions by major competitors such as Duo, Okta, or Ping Identity?

Context – OneSpan’s acquisition

  • Target: Nok Nok Labs, a developer of FIDO2‑based, password‑less authentication software.
  • Rationale (as quoted by Victor Limongelli): A “targeted, technology‑driven acquisition with proven product‑market fit” that broadens OneSpan’s authentication reach and strengthens its overall product portfolio.
  • Strategic fit: Complements OneSpan’s core identity‑verification, e‑signature, and fraud‑prevention solutions by adding a modern, password‑less, standards‑based authentication layer that can be bundled with its existing suite for enterprise customers seeking zero‑trust and low‑friction user experiences.

How this compares to recent acquisitions by the three major competitors

Company Recent acquisition (2021‑2024) Deal size* Primary capability added How it aligns with the company’s strategy How it differs from OneSpan’s Nok Nok Labs deal
Cisco (Duo Security) Duo Security (2021) – a cloud‑based identity‑verification and access‑management platform that provides two‑factor authentication, device health checks, and adaptive authentication. ~US $2 billion Strengthened Cisco’s Zero‑Trust Network Access (ZTNA) and broadened its security‑as‑a‑service portfolio. Cisco was buying a complete, widely‑adopted MFA platform to embed into its broader networking and security stack, giving it a front‑line identity‑trust capability that could be cross‑sold with its SASE, firewall, and VPN products. Scale & breadth: Duo is a full‑stack MFA solution with a massive enterprise user base; OneSpan’s purchase is a niche, password‑less technology that will sit under OneSpan’s existing e‑signature and fraud‑prevention suite rather than becoming a standalone access‑control platform.
Okta Auth0 (2023) – a developer‑centric identity platform that provides authentication, authorization, and user‑management APIs, with strong support for social logins, custom rules, and extensible SDKs. ~US $6.5 billion Added a developer‑friendly, API‑first identity layer that expands Okta’s reach into the “identity as code” market and deepens its integration with modern app ecosystems. Okta’s strategy has been to cover the entire identity lifecycle (from workforce to consumer) and to become the de‑facto identity platform for developers building new applications. Auth0 gave Okta a powerful, highly extensible authentication engine that can be embedded anywhere. Target audience & product depth: Auth0 is a broad, programmable identity platform for developers; OneSpan’s acquisition is a focused, standards‑based password‑less component that will augment its existing verification suite rather than create a new developer‑centric identity stack.
Ping Identity SecureAuth (2022) – an on‑premise and cloud‑based adaptive authentication solution that supports risk‑based authentication, step‑up challenges, and a range of credential types (OTP, push, biometrics). Undisclosed (private‑equity‑backed) Bolstered Ping’s adaptive, risk‑based authentication capabilities and gave it a stronger foothold in regulated, high‑security verticals (banking, healthcare). Ping has been building a comprehensive identity‑and‑access management (IAM) suite that can serve both workforce and customer use cases, with a focus on flexible, policy‑driven authentication. SecureAuth added depth in adaptive, contextual authentication. Technology focus: SecureAuth is an adaptive, risk‑engine that still relies on traditional credentials (OTP, push, biometrics) and policy‑based flows. OneSpan’s Nok Nok Labs deal is specifically about FIDO2 password‑less authentication, a different technical direction that emphasizes public‑key cryptography and standards‑based, password‑elimination rather than risk‑based credential challenges.

*Deal sizes are based on publicly reported figures; the OneSpan‑Nok Nok Labs transaction size has not been disclosed in the press release.

Key Comparative Themes

1. Strategic Objective
OneSpan – Add a password‑less, FIDO2 capability that can be packaged with its existing e‑signature and fraud‑prevention solutions, giving customers a modern, low‑friction authentication option while staying within a relatively focused, niche product line.
Duo (Cisco) – Acquire a full‑stack MFA platform to become a cornerstone of Cisco’s Zero‑Trust and Secure Access portfolio, expanding the company’s reach across network, endpoint, and cloud security.
Okta – Buy a developer‑first, API‑centric identity platform (Auth0) to broaden Okta’s identity‑as‑a‑service offering and capture the fast‑growing “identity for apps” market.
Ping – Add an adaptive, risk‑based authentication engine (SecureAuth) to deepen its IAM suite for regulated enterprises and to support more sophisticated, context‑aware security policies.
2. Scale & Market Impact
OneSpan – Acquisition is smaller in scale (Nok Nok Labs is a specialized startup) and primarily enhances a specific product line rather than creating a new, stand‑alone identity platform.
Duo – A ~$2 B deal that instantly added millions of enterprise users and positioned Cisco as a major player in the MFA market.
Okta – A ~$6.5 B acquisition that effectively doubled Okta’s developer‑facing footprint and gave it a dominant position in the “identity for developers” segment.
Ping – A private‑equity‑valued deal that reinforced Ping’s depth in high‑security verticals but did not dramatically change its overall market share.
3. Technology Focus
OneSpan – FIDO2 / password‑less (public‑key, standards‑based) – a technology that eliminates passwords entirely and is increasingly mandated by regulatory bodies and large enterprises seeking frictionless user experiences.
Duo – Multi‑factor authentication (push, OTP, biometrics) + device health – a broader MFA suite that still relies on a “something you know/possess” model.
Okta – OAuth/OIDC, social login, custom rules, extensible SDKs – a programmable identity layer that can support any credential type, including password‑less, but is not itself a dedicated FIDO2 engine.
Ping – Risk‑based, adaptive authentication – focuses on contextual risk signals and step‑up challenges rather than on the password‑elimination paradigm.
4. Integration Path
OneSpan – Will likely embed FIDO2 SDKs into its existing verification workflows (e‑signature, digital identity, fraud‑prevention) and offer a combined “password‑less + e‑signature” solution for regulated transactions.
Cisco/Duo – Duo’s technology is being woven into Cisco’s Secure Access Service Edge (SASE), firewall, and VPN products, creating a unified Zero‑Trust experience across network and endpoint.
Okta/Auth0 – Auth0’s APIs are being integrated into Okta’s Identity Cloud, giving customers a single pane of glass for both workforce and consumer identity, with Auth0 serving as the “developer front‑door.”
Ping/SecureAuth – SecureAuth’s adaptive engine is being plugged into Ping’s Identity Cloud to provide richer risk‑assessment capabilities for both workforce and customer use cases.

What the acquisition means for OneSpan’s competitive positioning

  1. Differentiation through password‑less – By adding a FIDO2‑native capability, OneSpan can market a “password‑free” authentication option that many large enterprises (banks, health systems, government) are actively seeking. This differentiates it from Duo’s MFA (which still uses OTP/push) and from Okta’s broader identity platform that does not specialize in password‑elimination.

  2. Complementary to existing strengths – OneSpan already excels in digital transaction security (e‑signatures, fraud detection, remote identity proofing). The Nok Nok Labs technology can be layered on top of those workflows, enabling a single, end‑to‑end verification experience (e.g., a user signs a contract and is simultaneously authenticated via a FIDO2 credential, reducing the need for separate OTP steps).

  3. Targeting a specific market niche – While Duo, Okta, and Ping are building platform‑wide identity and access management suites, OneSpan is sharpening its transaction‑centric, compliance‑heavy offering. The acquisition is less about scaling a massive user base and more about deepening the value of each transaction—a strategy that can be especially compelling for regulated industries that value auditability and low‑friction user experiences.

  4. Potential for cross‑selling – Existing OneSpan customers (e.g., financial institutions using its e‑signature and fraud‑prevention tools) can now be offered a password‑less authentication add‑on, opening up new revenue streams and potentially increasing stickiness of the overall platform.

  5. Competitive pressure – As Duo, Okta, and Ping continue to broaden their authentication capabilities (e.g., Duo adding password‑less push, Okta integrating FIDO2 via Auth0, Ping enhancing adaptive risk), OneSpan must move quickly to monetize and productize the Nok Nok Labs technology to avoid being perceived as a “add‑on” rather than a core differentiator.

Bottom line

  • Scale & breadth: OneSpan’s acquisition is smaller and more focused than the large‑scale deals by Cisco (Duo) and Okta (Auth0).
  • Technology focus: It uniquely brings FIDO2 password‑less authentication to OneSpan’s suite, a capability that is not the primary focus of the Duo, Okta, or Ping acquisitions (which target broader MFA, developer‑centric identity, or adaptive risk).
  • Strategic fit: While the competitors are building platform‑wide IAM ecosystems, OneSpan is deepening its transaction‑security niche, positioning itself as a provider of secure, frictionless, end‑to‑end digital interactions—a compelling differentiator in markets where compliance and user experience are paramount.

In short, OneSpan’s deal is a targeted, technology‑specific bolt‑on that enhances its existing product line, whereas the acquisitions by Duo (Cisco), Okta, and Ping are larger, platform‑building moves aimed at expanding their overall IAM footprints. The success of OneSpan’s strategy will hinge on how effectively it can package and monetize the password‑less capability within its core workflow‑centric solutions, turning a niche advantage into a competitive moat against the broader, more diversified offerings of its rivals.

Other Questions About This News

How will the acquisition of Nok Nok Labs affect OneSpan's revenue growth and margins in the upcoming quarters? Will the acquisition affect OneSpan's current guidance or lead to any revision of its 2025 outlook? Will OneSpan provide any guidance on earnings per share (EPS) and revenue targets for the rest of fiscal 2025 and 2026? How has the stock historically reacted to M&A announcements in this sector—what short‑term price move can be anticipated? What is the expected dilution, if any, from the acquisition—are there new equity issuances or debt financing involved? What is the expected impact of the acquisition on OneSpan's cash flow and capital expenditure plans? What synergies and cost savings are expected from the Nok Nok Labs acquisition, and when will they be realized? How does the market price of OneSpan (OSPN) compare to its peers in the cyber‑security and authentication space? Will the FIDO2 passwordless authentication products generate incremental recurring revenue, and what is the projected TAM for this technology? What is the current short‑interest and institutional ownership for OSPN, and how might that influence price volatility after the news? How might the acquisition influence OneSpan's positioning in the broader identity‑verification market and its competitive moat? What is the expected impact on OneSpan's valuation multiples (P/E, EV/EBITDA) post‑acquisition? What are the key risks and integration challenges associated with the Nok Nok Labs acquisition (e.g., technology integration, customer retention, cultural fit)? Are there any regulatory approvals required for the acquisition, and could they introduce delays or costs?