A system is secure if the plans for the system are public,
and the bad actors can still not break in.
Announcing the first open-source platform for secure mobile identity.
This archetype is fundamentally flawed because the management of the data is problematic and there currently is no process for presenting the data that is both secure and consumer friendly. How many times each year is there a major breach of authentication data? How many new authentication architectures have failed due to lack of consumer acceptance?
If the problem of secure authentication is going to be solved there must be a new archetype: Data about the individual's identity does not matter for authentication (very counter-intuitive). What matters is an institutional validation of the individual.
This new archetype presents different questions: Has the digital credential been issued in a valid institutional process? Is the user to whom the credential was issued the only person who can present the credential? Can the institutional validation be verified when the user presents the credential? Is the process consumer friendly?
Secure authentication is not about managing vast amounts of personal data; it is about managing digital credentials that represent valid institutional processes.
The essence of our process is incredibly simple: If a credential is provisioned to a user's mobile device in a valid institutional process, then when the user presents the credential (either in person or over the network) the receiver can be certain that either the credential and the user are valid or the user gave his/her mobile device and six digit HEX pin (1/16,777,216) to someone else.
Brief Demo of the "One Click Sign On"™ process: Click Here
Detailed Overview: Click Here