How do I authenticate users?
Proteus Converged Systems is ushering in a new era of simple and secure user authentication. Our patented Protean Credential System (US Patents 9,332,018 and 9,967,261) turns a user’s smartphone into their own personal authenticator for any transaction in the real-world or online. Gone are the days of complicated passwords, massive centralized user data breaches, and one size fits all authentication. Say hello to a user friendly, secure, and unrivaled new approach to authenticating both physical and logical transactions.
Protean Credentials only allow for a single transaction. If you can properly authenticate and complete the transaction requested you earn the right to attempt another transaction. We accomplish this by offering a dynamic system that changes the credential during the transactional process. This means if your credential is stolen a race is created between you and the thief. If you complete another transaction before the thief can the encrypted credential they have becomes worthless. If the thief wins the race their unauthorized access will be exposed as soon as you attempt your next transaction.
User’s shouldn’t be confused by complicated authentication schemes. The Protean Credential System allows users to select or create the methods they would like to use for authentication based on their preferences but within the boundaries set by an administrator. This means a user can create their own challenges like “What is my guilty pleasure?” or “Where did I have my first kiss?”. Everyone has unique and instantly memorable responses to these challenges that are near impossible for the bad guys to know. And if they prefer passwords biometrics or PIN codes they can use those too.
Protean Credentials use strong well known industry standard cryptography to protect a user’s credential data. That data is stored on the user’s smartphone in a form they can’t directly modify. If a bad actor wants to steal millions of user’s data they will have to access millions of devices to collect the encrypted credentials. Next they will need to reverse engineer the millions of keys unique to each of those credentials. And if a user uses their credential after it’s been copied but before it can be used by the bad guys their stolen data becomes useless. At the very least this makes the bad guy’s job much more difficult.
There’s no reason an administrator should be able to see a user’s personal data. Sure, administrators should be able to ensure the integrity of a transaction but they don’t need to know the answer to your secret questions, your password, or your PIN code. The Protean Credential System allows administrators to configure the system and set policies for usage without exposing a user’s private data. And if private data needs to be shared as part of a transaction the user’s permission is asked before it is exposed.
Not all transactions are created equal. There’s a big difference between a $10 and a $10,000 online purchase. Accessing a building lobby is also a lot different than accessing a data center. With Protean Credentials the risk associated with the transaction requested drives the amount of authentication required.
Protean Credentials are designed to be used on any modern smartphone and mobile OS. There is no need for expensive or proprietary specialized hardware. Protean Credentials are also focused only on identity and authentication. Your applications, VPNs, web sites, and PACS still control authorization and will require little to no modification in order to work with the Protean Credential System.
If you are interested in offering simple yet secure authentication for any real world or online transaction in your systems or applications please contact email@example.com for more information.