"Relying Party" is just a fancy name for the services that have enabled Privakey. A Relying Party ‘relies’ on Privakey for brokering better authentications. Authentications start and end with Relying Parties.
Google, Apple and Microsoft’s messaging services use push notifications to Privakey Client applications. They provide a discreet channel for secure salt and encryption material distribution.
Privakey’s cloud-based service brokers authentication requests originating at Relying Parties. It’s the central hub of Consistent, Convenient and Secure Authentication.
The Privakey Apps are used by users to authorize authentication requests. The Privakey app transforms the devices a user already owns into a secure authentication token.
The user starts on a Relying Party site and clicks Log In with Privakey.
The Privakey Cloud Server presents a Pending Authentication Page.
The Privakey Server calls Out of Band Messaging to reach the Privakey App devices; the notification payload carries information on the request plus encrypted decryption material.
The Out of Band Messaging Server delivers the notification.
The Privakey App Instances contact the server in a secure session to validate the request, and, if need be, get more private key description information.
The user approves the transaction. The user/device-specific private key is decrypted or accessed and used to sign a known-array of information.
The signed known-array of information is sent to the Privakey Cloud Server for validation.
If the information is validated using the public key, the Privakey Server redirects the browser to a pre-defined URL. The URL includes query values with the specific request.
The Relying Party Service validates the authentication request against the Privakey Cloud Server following OpenID Connect Protocols.
The Relying Party authenticates the user and provides them with appropriate rights based on the permissions as defined within the Relying Party.
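The signing and validation steps above (the app signs a known array, the server validates it with the public key) can be sketched as follows. This is an added Go example, not Privakey's code: the Ed25519 algorithm, the challenge fields, and the names `Challenge`, `Validate` and `RunFlow` are assumptions, since the page does not specify them.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Challenge is a hypothetical layout for the "known array" the app signs.
type Challenge struct {
	RequestID string
	Nonce     []byte // server-chosen, never reused
	Expires   int64  // Unix seconds
}

// Bytes length-prefixes each field so distinct challenges never encode alike.
func (c Challenge) Bytes() []byte {
	return []byte(fmt.Sprintf("%d:%s|%d:%x|%d", len(c.RequestID), c.RequestID, len(c.Nonce), c.Nonce, c.Expires))
}

// Validate verifies the app's signature; a request is consumed on first success.
func Validate(pending map[string]Challenge, key ed25519.PublicKey, id string, sig []byte, now int64) error {
	c, ok := pending[id]
	if !ok {
		return fmt.Errorf("unknown or already used request")
	}
	if now > c.Expires {
		delete(pending, id)
		return fmt.Errorf("request expired")
	}
	if !ed25519.Verify(key, c.Bytes(), sig) {
		return fmt.Errorf("bad signature")
	}
	delete(pending, id)
	return nil
}

// RunFlow exercises Validate with constructed sample values (assumed device key).
func RunFlow() (forged, approved, replayed error) {
	pub, priv, _ := ed25519.GenerateKey(nil)
	const now = 1700000000 // constructed clock value, Unix seconds
	c := Challenge{"req-123", []byte("constructed-nonce"), now + 60}
	pending := map[string]Challenge{c.RequestID: c}
	sig := ed25519.Sign(priv, c.Bytes())
	forged = Validate(pending, pub, c.RequestID, ed25519.Sign(priv, []byte("other request")), now)
	approved = Validate(pending, pub, c.RequestID, sig, now)
	replayed = Validate(pending, pub, c.RequestID, sig, now)
	return
}
func main() { fmt.Println(RunFlow()) }
```

Binding the signature to the request identifier, a single-use nonce and an expiry is what keeps an approval for one login from being replayed for another.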