Security

Privakey is a cloud-based authentication service, built on OpenID Connect and SSAE 16 SOC2 standards. The service operates similarly to the social logins that many consumers are familiar with. However, Privakey’s highly secure service allows websites to register and authenticate users securely without passwords. Instead, Privakey uses a PIN, similar to an ATM transaction. The user’s identity is bound to the Privakey registered phone or computer, and a unique public-private key pair is created.

Transparent Security

Privakey has reconceived Secure Authentication by architecting a unique, revolutionary solution from well-vetted, tested security principles and standards.

Patent-pending, publicly shared methods and protocols were created to ensure that each transaction, each user’s application instances and data at rest are secure, tamper-resistant and reliable.

Seamless User Experience

Secure authentication does not have to be challenging for users. We believe secure authentication can be easier than maintaining unique, complex passwords.

Although Privakey relies on asymmetric cryptography, patent-pending encryption schemes, and industry-leading identity federation, all of these constructs remain hidden behind its simple, user-centric design.

Privakey's Components

Relying Parties

This is just a fancy name for the services that have enabled Privakey. A Relying Party ‘relies’ on Privakey for brokering better authentications. Authentications start and end with Relying Parties.

Third Party Servers

The messaging services of Google, Apple and Microsoft deliver push notifications to Privakey Client applications. They provide a discreet channel for secure salt and encryption material distribution.

Privakey's Service

Privakey’s cloud-based service brokers authentication requests originating at Relying Parties. It’s the central hub of a Consistent, Convenient and Secure Authentication.

Privakey's Apps

The Privakey Apps are used by users to authorize authentication requests. The Privakey app transforms the devices a user already owns into a secure authentication token.

Creating a Secure Token


Initial Registration

After downloading a Privakey App, users create a secure authentication token by simply entering their First Name, Last Name, Email Address and choosing a PIN.

An asymmetric key pair

An asymmetric key pair is generated on the device. A generated identifier, the public key (one half of the asymmetric key pair) and user details are securely transmitted to the Privakey server. These form a user profile and a device profile.

A PIN

The PIN is not stored anywhere, but is used to secure the private key (the other half of the asymmetric key pair). Different schemes are used on different operating systems.

Any User Device

On iOS, the PIN accesses an app-specific container in the hardware key store. On other devices, the PIN is used with two other elements to encrypt the Initial Registration key: one is delivered in a direct connection from the server to the app, the other is delivered via a third-party service.
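One way a PIN can be combined with two separately delivered elements to protect a private key, as an added example that is not Privakey's code or its patent-pending scheme. PBKDF2, the HMAC-based keystream (a standard-library stand-in for a real cipher such as AES-GCM), and every name and sample value here are assumptions chosen for illustration.

```python
import hashlib
import hmac

ITERATIONS = 100_000  # assumed work factor for the example


def derive_kek(pin: str, server_element: bytes, push_element: bytes) -> bytes:
    """Derive a 32-byte key-encryption key from the PIN and both elements."""
    # Length-prefix each element so (b"ab", b"c") and (b"a", b"bc") differ.
    salt = b"".join(len(e).to_bytes(2, "big") + e
                    for e in (server_element, push_element))
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, ITERATIONS, dklen=32)


def _keystream(kek: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, standing in for a real cipher."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(kek, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def wrap(private_key: bytes, pin: str, server_element: bytes,
         push_element: bytes) -> bytes:
    """Encrypt the private key; neither the PIN nor the derived key is kept."""
    kek = derive_kek(pin, server_element, push_element)
    stream = _keystream(kek, len(private_key))
    return bytes(a ^ b for a, b in zip(private_key, stream))


def unwrap(blob: bytes, pin: str, server_element: bytes,
           push_element: bytes) -> bytes:
    """XOR with the same keystream reverses wrap()."""
    return wrap(blob, pin, server_element, push_element)


# Constructed sample values, not real key material.
PRIVATE_KEY = bytes(range(32))
SERVER_ELEMENT = b"constructed-server-element"
PUSH_ELEMENT = b"constructed-push-element"

if __name__ == "__main__":
    blob = wrap(PRIVATE_KEY, "4821", SERVER_ELEMENT, PUSH_ELEMENT)
    print(unwrap(blob, "4821", SERVER_ELEMENT, PUSH_ELEMENT) == PRIVATE_KEY)
    print(unwrap(blob, "0000", SERVER_ELEMENT, PUSH_ELEMENT) == PRIVATE_KEY)
```

In this sketch the stored blob carries no PIN verifier, so a wrong PIN or a missing element simply yields different bytes rather than an error that could be tested offline.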


Add a Device

This is simpler, but more secure. The app will recognize the user’s email and prompt the existing registered device(s). The user enters their PIN, and the device is registered.