Security

Transparent Security

Privakey has reconceived Secure Authentication by architecting a unique, revolutionary solution from well vetted, tested security principles and standards.

Patent-pending, publicly shared methods and protocols were created to ensure that each transaction, each users’ application instances and data at rest are secure, tamper-resistant and reliable.

Seemless User Experience

Secure authentication does not have to be challenging for users. We believe secure authentication can be easier than maintaining unique, complex passwords.

Although Privakey relies on asymmetric cryptography, patent-pending encryption schemes, and industry-leading identity federation, all of these constructs remain obscured by its User Centric, simple design.

Privakey's Components

Relying Parties

This is just a fancy name for the services that have enabled Privakey. A Relying Party ‘relies’ on Privakey for brokering better authentications. Authentications start and end with Relying Parties.

3rd Party Servers

Google, Apple and Microsoft’s messaging services provide push notifications to Privakey Client applications. They also provide a discreet, Out of Band channel for secure salt and encryption material distribution.

Privakey's Service

Privakey’s cloud based service brokers authentication requests originating at Relying Parties. It’s the central hub of a Consistent, Convenient and Secure Authentication.

Privakey Apps

Available for Android, iOS, Chrome App and Windows,the Privakey Apps are used by users to authorize authentication requests. The Privakey app transforms the devices a user already owns into a secure authentication token.

Creating a Secure Token

Initial Registration

After downloading a Privakey App users create a secure authentication token by simply entering their First Name, Last Name, Email Address and choosing a PIN.

Here is how Privakey turns users' computers and devices into secure tokens:

  • An asymmetric key pair

    An asymmetric key pair is generated on the device. A generated identifier, the public key (1/2 the asymmetric key pair) and user details are securely transmitted to the Privakey server. These form a user profile and a device profile.

  • A PIN

    The PIN is not stored anywhere, but is used to secure the private key (the corresponding other 1/2 of the asymmetric key pair). Different schemes are used on different operating systems.

  • Any of the User's Devices

    On iOS, the PIN accesses an app specific container in the hardware key store. On other devices, the PIN is used with two other elements, one, is delivered in a direct connection from the server to the app, the other is delivered via a 3rd party service, to encrypt the Initial Registration key.

  • null

    Privakey works
    hard in the
    background, so
    users don’t
    have to.

null

Adding a Device

When an existing user adds a device, the process is simpler, but more secure. After downloading the application to their other device, the Privakey app recognizes their user identifier (their email) and prompts their existing, registered device(s) to approve the addition of the new device. The user enters a PIN and the new device is registered.