 |
|
|
 |
"Proposed [identity theft]
fixes tend to concentrate on the first issue--making personal data
harder to steal--whereas the real problem is the second [preventing
fraudulent transactions]. If we're ever going to manage the risks and
effects of electronic impersonation [identity theft], we
must concentrate on preventing and detecting fraudulent transactions."
|
Solving Identity Theft
~ Bruce Schneier ~
|
|
 |
|
In the late Seventies and early Eighties computer names were maintained
by using handcrafted HOSTS.TXT files. As networks became more interconnected this process became unmanageable.
Everyone knew that something needed to be done. When the
Domain Name System (DNS)
was created everyone saw it as the obvious solution. Similarly, when the solution to cybersecurity authentication emerges,
everyone will say, "Of course, this is how it had to be."
|
|
The future of identity:
Provision a credential to a user's mobile device in a very simple process;
the user then clicks one button on his/her mobile device to sign on to both web based and mobile applications.
All processes are cryptographically secure.
|
|
|
The Trust Nexus
is a technology startup located in Austin, TX.
We have have solved one of the key problems in cybersecurity:
secure mobile identity.
Our technology will enable secure authentication to all types of information systems;
this will eliminate hacking, eliminate phishing, eliminate identity theft and eliminate
fraudulent financial transactions. We truly have a
change the world technology that is simple, effective,
low cost, easy to implement and cryptographically secure.
Touch one button on your mobile device and you are securely signed onto your web/mobile application
or authenticated in a financial transaction.
|
|
The essence of our process is incredibly simple:
Through secure mobile identity,
we completely do away with user names and passwords (and all of their weaknesses).
If a credential is provisioned to a user's mobile device in a
valid institutional process,
then when the user presents the credential (either in person or over the network)
the receiver can be certain that either
the credential and the user are valid or the user gave his/her mobile device and six digit
HEX pin (1/16,777,216) to someone else (biometric data can be integrated into our digital
credentials to eliminate this use case).
|
|
Under the Trust Nexus
it truly does not matter who you are;
what matters are institutional validations
and the ability to verify those validations.
|
|
|
General Overview (six slides):
Click Here
|
|
|
While many of our cryptographic processes are similar to the processes used in
Public Key Infrastructure (PKI),
we avoid the bureaucratic inconveniences and lax security inherent in PKI.
[ref]
[ref]
Under PKI, when a digital certificate is issued the user (or a malicious administrator or someone who can access the user's system)
can simply "share" the cert with anyone. Under the
Trust Nexus it is far less likely that a user will share his/her
mobile device and six digit HEX pin.
|
|
Also, under the Trust Nexus a catastrophic security
breach of the PKI, similar to the
Comodo Security Breach,
would have no ill effects for users. Contrary to the proponents of PKI, a Comodo-like security breach is
always a possibility, especially if you travel to a hostile foreign country or if you are a citizen under an
oppressive regime.
|
|
One of the most important aspects of our technology is that
we secure identity while protecting privacy. Our technology provides a
100% privacy protection. We do not store personal data,
we store dual signed SHA-512 message digests of digital credentials.
We change the mind set of authenticating using personal data; instead,
we verify institutional validations.
|
|
If you are a member of the Secret Moose Lodge of Ottumwa, Iowa,
your identity credential can be validated under the Trust Nexus without
any detailed information about you or your organization being revealed. We simply verify the institutional validation
that was created when your credential was issued.
|
|
Our technology goes beyond secure mobile identity.
It may be difficult to believe, but as a small startup in Austin we have solved the
single sign on problem
[ref].
Our technology also enables a greatly simplified
identity federation process
[ref].
|
|
This is not theoretical; we have a functioning prototype and
everything works.
|
|
|
The Trust Nexus system is simple,
effective, low cost, easy to implement and cryptographically secure.
|
|
We are creating an infrastructure that will support
the rapid growth of mobile-Identity and mobile-Commerce. In order to
establish our infrastructure and generate good will, much of our technology will be licensed for a
nominal fee or given away for free.
Our technology and infrastructure services will be
free to financial institutions worldwide for internal use. Our
technology and infrastructure services will be
free to all government agencies and non-profit organizations
involved with national critical infrastructure.
|
|
The Trust Nexus will not attempt to compete against the dozens of existing players in the identity management space.
We intend to license our authentication technology to all players for a nominal fee; this will insure a rapid and widespread implementation.
|
|
The Trust Nexus
will provide the business model for the success of
NFC.
Once NFC can be used to eliminate fraudulent financial transactions there is a true
"value add" for the technology (it becomes
much more than just a new "high tech" way of doing the same old thing).
|
|
|
The TNX Secure mobile app is
available for preview [Click Here].
|
|
The TNX Secure mobile app is a
digital wallet for managing both identity and financial credentials.
Additionally, this digital wallet enables users to manage their advertising/marketing
preferences and their personal profile (the information about the user that is sent
to third parties).
|
|
The TNX Secure mobile app will be
FREE to consumers.
|
|
The TNX Secure mobile app
DOES NOT require a mobile device with
NFC functionality.
|
|
In addition to an identity infrastructure, the TNX Secure mobile app will have an associated
TNX Advertising Infrastructure for enabling interactions between the mobile
app and Internet based advertising management systems (and new retail POS marketing systems yet to come).
This system will deliver display adds to both desktop
and mobile devices based on a user's defined preferences.
|
|
|
The TNX Secure mobile app implements the
TNX Cryptographic Protocols
[Click Here].
|
|
The TNX Cryptographic Protocols
enable the creation of secure digital credentials on mobile devices.
|
|
As an additional benefit, the TNX Cryptographic Protocols
realize the "Holy Grail" of single sign on
[ref].
|
|
The TNX Cryptographic Protocols
enable secure storage of data on a
user's mobile device AND prevent access to this data if the user's
mobile device is lost or stolen
[seriously, we have solved this problem without needing access to the
secure element of the mobile device].
|
|
We expect the TNX Cryptographic Protocols
to become the world wide standard for securing mobile data.
|
|
|
The NFC Identity Project is in
development [Click Here].
|
|
The NFC Identity Project, is an open source
project for creating a secure authentication system for corporations and government agencies. This system
will be easily pluggable into any identity management system.
|
|
|
