Security, Exceptional UX, Privacy protection, Easy & Fast Integration, and Cost-Effectiveness.
Smart Two-Way Authentication
One-way user authentication technologies are increasingly vulnerable to phishing and pharming attacks. It’s very dangerous to blindly input our information into any online service before verifying their authenticity.
A more secure way is to provide our information after checking the authenticity of the online service first. So, wherever and whenever trust is most needed, a two-way authentication is the answer.
AutoPassword allows the online service to present the AutoPassword code to the user first, and then requests the user to verify the online service’s authenticity with their smart phone.
Therefore, there’s no chance for a hacker to steal the user's credentials on the user's terminal. Also, there's no possibility of falling victim to a pharming attack because the user can verify the authenticity of the online service first. If both codes match, the user simply touches their fingerprint on the smart phone as a sign of the user's approval. After the fingerprint is placed on the device, the AutoPassword mobile app generates the user's authentication code internally and sends it back to the online service.
AutoPassword does not deny existing user authentication technologies, it just adds the service authentication layer on top of other traditional user authentication technologies including OTP, PKI and FIDO. So, this is the first mutual authentication technology in history to make the user verify the online service with their own eyes.
Context-Based Mutual Multi-Factor Authentication
Besides, we couldn’t generate the AutoPassword code by ourselves. It is generated based on the context values such as the session ID on the service server, IP address on the user’s mobile assigned by a mobile carrier, the Push ID issued by Google and Apple and etc.
Because of that, those values are temporarily generated and used in that context, AutoPassword codes can not be made by one entity, including the AutoPassword cloud service itself.
Feature 2.Exceptional UX
The Ultimate Password Replacement Service Which Verifies the Online Service and the User with a Single Touch
At AutoPassword, we would like to liberate the user from the burden of using traditional user passwords, and make the online service verify their authenticity to the user instead of the user having to verify their credentials to the online service.
Unlike existing authentication technologies which are designed to shift the responsibility of authentication from the online service to the user, AutoPassword is the only technology designed to pass the responsibility from the user to the online service.
It surpasses the user's expectations because it visually displays an automatic AutoPassword, therefore, the user does not need to input a user password as AutoPassword gives them the confidence that the service is authentic.
Replace Various User Passwords with One AutoPassword
One AutoPassword mobile app can cover all online services that are linked to AutoPassword cloud.
If your services are linked with AutoPassword Cloud, then your services help the user not only eliminate the password burden, but also free them from phishing and pharming attacks.
How Users Use AutoPassword
Here is how to register an online service which is linked to AutoPassword cloud on the user’s mobile. If any online services are linked with AutoPassword Cloud, it will show the option for AutoPassword on the login window. The user can then add that online service to their AutoPassword mobile app for logging in.
It needs to register the identification code which is issued by the online service. It is generated on the menu of AutoPassword registration beside the menu of user password change. That user can see the list of all online services inside their mobile app. If the user registers that online service in the AutoPassword mobile app, then it will not ask the user to memorise and type the user password again.
That user can also deactivate the AutoPassword mobile app if they were to loose their smart phone or replace it with a new one. Users can see the menu option to deactivate AutoPassword next to the menu of user password changes.
2-Step Verification for Socia Login
AutoPassword cloud can be used as 2-step verification for both Google and Facebook. If a user registers and logs into the online service with a social login, AutoPassword can be set as the second step verification phase after the social login has been approved by Google or Facebook.
Feature 3.Privacy Protection
AutoPassword Cloud does not collect and store any identifiable information about a user of online services. AutoPassword Cloud works similarly to the relationship between a bank and an OTP manufacturer. An OTP manufacturer does not hold or store any information from the bank user, they just provide an OTP H/W dongle and server to the bank, and from there the bank assigns the OTP authenticator to their customers without letting the OTP manufacturer know who has what H/W dongle.
Like a OTP H/W dongle business, we only use the serial number that is issued by the online service provider when the user registers that online service to the AutoPassword mobile app. This serial number is created and assigned to AutoPassword Cloud by the online service provider.
We do not get any identifiable information about the user of that online service.
Feature 4.Easy & Fast Integration
If your online service decides to link your online service to the AutoPassword Cloud, it only requires 4 simple steps. We provide two kinds of API for AutoPassword Cloud.
The first one is the simplest version, available for entry level developers knowing only HTML scripts.
The second one is called AutoPassword Rest API and can be customised to the login windows fitted well to the online service.
AutoPassword cloud servers are now running on Amazon Web Services so it covers all online services and users on the globe with the fastest speed and availavlity.
In order to fund our technology and service, we have developed two possible strategies: An in-app advertisement model or a monthly subscription program. If we successfully acquire funding, we will be able to defer these two income streams in favour of a completely Ad free user experience.
If you would like to help us achieve this goal then contact us to make a donation. All donations are greatly appreciated.