Identity Verification Closes the Zero Trust Gap

Traditional zero trust models verify devices and credentials, but not the actual person behind them. Cloudflare's new integration with Nametag addresses this blind spot by adding identity-verified onboarding to Cloudflare One. This prevents bad actors from infiltrating companies using stolen or fabricated identities—a rapidly growing threat linked to organized operations running laptop farms.

How the Integration Works

Nametag integrates via OpenID Connect (OIDC) and can be configured as a primary identity provider within Cloudflare Access or chained alongside existing providers like Okta or Microsoft Entra ID. The verification process takes under 30 seconds:

1. User attempts to access onboarding portal protected by Cloudflare Access
2. Cloudflare redirects to Nametag for OIDC authentication
3. User verifies identity by taking a selfie and scanning government-issued photo ID
4. Nametag's Deepfake Defense engine uses advanced cryptography, biometrics, and AI to confirm the user is a real person and the right person
5. Upon successful verification, Nametag returns an ID token to complete the OIDC flow and grant access

The technology is specifically designed to prevent deepfake attacks and presentation attacks (like holding up a printed photo), closing a critical gap that traditional background checks and IdPs cannot address.

Layered Defense Against Insider Threats

This partnership complements Cloudflare's existing insider threat protections, including API-driven data loss prevention (DLP), Remote Browser Isolation (RBI), and shadow IT detection. Organizations can now prevent malicious actors from gaining initial access to corporate resources before they compromise data or intellectual property.

The integration is available now within Cloudflare One's access control policies.