Access and Identity Management Is Broken

We traded privacy for security and got neither.

  • Repetition Guarantees Failure
    The more places our PII. is stored, the less secure it is. Eventually, all of our secrets are revealed.

  • Trust Assigned to Unwilling Parties
    Cell phone companies and email service providers never agreed to protect our identity….Or our privacy.

  • No Receipts
    Application providers grant access based on knowledge based proof but have no way to demonstrate that the user conducted the authentication.

Access and Identity Management relies on the user reciting
PII that is stored in the application provider’s user table.

Daily life demands that we create and remember a new password for almost every single thing we do—reading the news, paying bills, or simply ordering a pizza. The promise of online convenience has been broken by antiquated authentication solutions with unrealistic security best practices.

UNS is different from other access management approaches

UNS TRUST:  UNS Lets You be You

Existing authentication systems are built on trust in central authority. Trust in UNS comes from user-generated private keys in users personal devices.

  • Consolidating credentials in user tables creates an attractive target for hackers.

  • Current systems rely on a 3rd party to provide a user’s identity. Sometimes these parties make mistakes.

  • UNS lets the user be the ultimate authority of their identity. You know who you are. You’re usually right.

UNS authentication lets you prove You are You, providing full control over your identity.

UNS Privacy: Utterly No Surveillance

UNS uses a unique, anonymous identifier for each individual account

  • Existing authentication systems are hostile to privacy because they use data that can connect users across different Services.

  • Access control that relies on email, security questions, and phone numbers makes it easy to link a user’s accounts and online activities across services. This is hostile to privacy and puts every user at risk.

  • Current authentication systems force every user to click “I Agree” for access even though the actual risks are unclear and may not match their preferences.

UNS preserves privacy by issuing a unique identifier for each user account with each Service

UNS Security — Utterly No Spoofing

Cyber attacks rely on tricking users or systems to trust an imposter. UNS authentication uses asymmetric cryptography and out of band communication to stop imposters from gaining access to accounts

  • Existing systems utilize shared secrets and central authorities to identify users. If any system containing those secrets is compromised, an attacker can impersonate the user. UNS minimizes the attack surface because the users secrets never leaves their device.

  • The UNS protocol remains secure over an insecure network, even when messages are stolen, altered, or replayed.

UNS uses out of band communication and asymmetric cryptography to thwart phishing, credential theft, and brute force attacks.

UNS PRACTICALITY — Users Need Simplicity

Existing security protocols require users to learn a wide variety of authentication rituals, including passwords, authenticator apps and ambiguous security questions.

  • Simply scan a barcode with your phone to add a new device to your identity.

  • UNS is supported directly on smartphone apps and in the browser.

  • UNS authentication works seamlessly on any device, from one browser to the next, one device to another, on the web and with native apps.

UNS uses out of band communication and asymmetric cryptography to thwart phishing, credential theft, and brute force attacks.