How it Works

Privakey is a cloud based identity and authentication service. It is used to broker secure authentication transactions between users and the websites, online services, and applications they use. Although Privakey leverages sophisticated asymmetric cryptography and multi-factor authentication principles to ensure secure transactions—users are shielded from the extra steps and complexities typically associated with strong authentication solutions.

The Privakey Authentication Experience

One

Users initiate secure login on Privakey Enabled service, by clicking  Login with Privakey.

Two

The Privakey Service alerts user’s registered devices for approval of  the transaction.

Three

The user approves the request, enters their PIN that only they know, and clicks Submit.

Four

The Privakey Service smoothly redirects the user back to the Privakey Enabled Service.

The Privakey Identity Server

The Privakey Identity Server operates as an Identity Authority to broker authentications between users and the enabled sites and apps they log in to. Much like social login providers, the Privakey Identity Server leverages OpenID Connect to interact with enabled sites’ servers. However, unlike social logins, we do not track or store any sensitive information about our users, ensuring both their privacy and security.

Further, by leveraging OpenID Connect standards, Privakey makes it easy for services to add the “Log in with Privakey” button to their sites and applications. The Privakey Identity Server uses protocols and AES 256 encryption for all communications, leveraging Open ID Connect and RESTful APIs for easy integration with Privakey enabled sites and apps.

The Privakey App

Privakey’s Apps are used to approve logins and other authorizations. During registration users provide their name, e-mail and choose a 4-12 digit PIN. This PIN, which is never stored anywhere, is used to protect and access the private key of a unique asymmetric key pair generated on the device. The corresponding public key is bound to the user and device record in the Privakey Identity Server.

Each Privakey App instance registered to a user’s account can approve their authentications, providing users convenient and strong authentication wherever they’re working. The user’s device functions as something the user has, and the Privakey PIN serves as something the user knows, effectively enabling a simple, two-factor authentication. The Privakey app is available for Windows (8.0 and higher), iOS, Android, and Chrome.

Privakey Enabled Sites & Apps

Our mission is to improve the user experience through consistent, convenient, secure authentication. Privakey offers an improved login for users by configuring the “Log in with Privakey” button on their login screen.

Subscribing to Privakey is easy. Services interested in implementing Privakey simply use our online registration process. Code samples, integration guides and straight forward API’s make integrating Privakey with your application or service simple.