Federated Identity Without PII
Authentication as Easy as 1, 2, 3
Securely authenticate users without the expense and liability of
maintaining your own method or sharing data with login providers.
No Shared Secrets – No Stolen Credentials – No PII
Surrendering PII for Access
is a recipe for disaster
Repetition Guarantees Failure
The more places our PII. is stored, the less secure it is. Eventually, all of our secrets are revealed.
Trust Assigned to Unwilling Parties
Cell phone companies and email service providers never agreed to protect our identity….Or our privacy.
Application providers grant access based on knowledge-based proof but have no way to demonstrate that the user conducted the authentication.
Liability & Insurance Costs
Over 4,000 known data breaches cost companies over $2 trillion in 2020. 80% of these exposed PII, costing $150 per compromised record. Cyber insurance premiums increased an average of 176% in 2021 and are expected to double again in 2022.
Existing Access and Identity Management solutions assume the user can recall shared secrets
and public identifiers that are stored in the services’ user table.
UNS Federated Identity API offers a user-focused, federated Single Sign On system with the convenience of social logins and the security of digital signatures without sacrificing privacy. UNS is designed around four privacy principles:
- Users control their identity
Trust in UNS derives from encryption keys which users generate on their devices.
- No Personally Identifiable Information
UNS Authentications do not contain username, email address, phone numbers or any other personally identifiable information about the users.
- Chain of Trust
Tickets are digitally signed by all parties to provide an auditable record for every authentication.
- Proof Based Authentication
Services set the required level of attestation for each ticket.
The Universal Name System was designed to put and end to the privacy and security dilemma without sacrificing either.
- UNS is standards based
- All of our code is open source and available for inspection.
- UNS uses no black boxes, no proprietary algorithms, and no secret code.
- Authentications in UNS are verified using JSON Web Token
Our “secret recipe” is an elegant twist of existing technologies to enable services to use best in class cryptographic solutions and an integrated workflow for any attestation type.
- How to agree on an intermediary for authentication
- How to manage key generation and revocation for every service
- How to sync access across user devices without transmitting keys
Here is how it works.
UNS FederatedID delivers a robust privacy and security system specification built around time tested REST-ful APIs and Resource Description Framework schema.
UNS provides the flexibility you need to meet your operational and business requirements.
Try our Wordpress demo or download our Wordpress plugin
Want to learn more? Contact us today