Authenticate safe ID and access control
May 2, 2017
May 2, 2017
By John Kelleher, product owner on Authenticate at Haventec
Our Authenticate product does what its name suggests: it Authenticates users through a new and highly secure system that is passwordless and easy to use.
Authenticate is built on our concept of properly decentralising data security so that organisations can offer safer identity and access control while protecting users’ privacy.
By ‘properly decentralised’ we mean that it does more than keep keys and locks apart – although those elements are essential – we mean we’ve not only killed the ancient idea of passwords, central username/password stores, our system asserts itself in every interaction by making entirely new keys and locks from scratch every time you Authenticate.
As there is no central honeypot of valuable and sensitive data (such as usernames, passwords and permissions), Authenticate helps organisations avoid common data security risks simply because they no longer have attractive central targets that cyber criminals go for.
Ongoing benefits include reduced liability and costs associated with looking after those sensitive records, and less exposure to breach attempts.
Customers or members of organisations that offer Authenticate regain control of their own valuable and sensitive personal information.
An Authenticate organisation simply needs to know the user is legitimate so that it can provide authorisation – say, to access a specific system or record – it doesn’t need to store a lot of sensitive data anymore.
In each instance, Authenticate creates a one-time lock and key which it breaks up using Haventec’s patented algorithm and safely shares the parts to authorised parties. The original key is then destroyed.
When the user Authenticates an interaction, they enter their fragment of the decentralised broken key via a secure app on their pre-approved device by entering a PIN only known to them (no record of the PIN is kept by any party).
We regenerate the key using the decentralised fragments to provide the appropriate level of access at a pre-sanctioned gateway.
The interaction is secure at all times, and the keys and locks are replaced every time.
It’s a simple solution to many big, common challenges for organisations that need to confirm they can trust the people they’re dealing with as well as maintain control of every touch point.
Authenticate efficiently helps individuals build up a personal trust profile based on their safe and legitimate interactions; and by allowing them to secure their own sensitive information on their own devices, Authenticate also removes friction.
It’s simply a safer, more convenient way to manage network trust and security for everyone.