Say goodbye to passwords and multi-factor authentication codes. Say hello to biometric verification, a decentralized public key infrastructure and customer based cryptographic security keys. Our customer authentication meets regulatory requirements such as strong customer authentication mandated by Payment Service Directives (PSD2).
Passwords provide limited protection for you and your customers, even when coupled with knowledge-based authentication (KBA) and one-time passwords/pins (OTP). When using an ID Crypt Global digital identity for authentication, you are utilising multi-factor authentication, provided by the user holding their mobile device, the unlocking of their identity using their face biometric and the presentation of their unique security key with you. All of this is seamless, with the user receiving a notification on their phone, unlocking it with their face and that’s it.
Each user has a unique cryptographic security key that captures their relationship with you. This is used when they return to your site/service, no need for your customers to present or share personal identifiable data with you, removing many of the challengers of GDPR.
The ID Crypt Global digital identity is locked based on the user biometrics and a unique passphrase. In the case that your customer loses or has their device stolen, their identity remains protected and secure at all times. The device is de-registered and the identity revoked from that device. When the user downloads the ID Crypt Global Vault again, they can recover their identity and identities relating to the relationship they have with you in moments.
User’s must present their cryptographic security key that forms their digital identity with you in order to be authenticated. This is unique to the device they used to access your service. The cryptographic key however can only be presented if the user successfully unlocks their identity by completing a biometric face match. This process ensures a liveness check of the user and matches this against a biometric model taken from their government issued document. The result, every user login is authenticated against a government issued document and the presentation of their own security key with you.
For extreme circumstances, authentication processes may require additional authentication processes be complete. This can include the use of voice/speech biometrics as well as the presentation of a password.