Locke Brown, Co-Founder & CEO and Nolan Smith, Co-Founder & CTOPasswords are generally stored in large centralized databases which increases their vulnerability to theft, and in turn concerns CIOs and security officers. Because of this, organizations often face difficulties in securing themselves from cybersecurity breaches that target passwords and other authentication data. In addition, there are complexities to storing and managing large databases of their customers’ credentials. Existing methods and commercially available authentication solutions almost all rely on passwords being collected and stored on company servers. Consumers’ emails and passwords are a valuable prize for attackers, who can use the data to gain access to other accounts where people have reused passwords.
NuID offers a unique and affordable authentication platform that can be easily integrated into any enterprise identity and access management (IAM) system that removes the need for businesses to store user authentication data. NuID’s user-friendly offering leverages decentralized architecture and zero knowledge cryptography, which enables businesses to authenticate customers or employees without storing passwords and other sensitive authentication data. This means, users’ passwords never leave their devices; there’s no opportunity for man-in-the-middle attacks or mass credential breaches. NuID refers to this model as “trustless” authentication because users don’t need to trust anyone else—including NuID— with their passwords.
Trust is the fundamental parameter to attain sustainable growth in a competitive world. Lack of trust due to security breaches can damage an enterprise’s reputation. With major data breaches making headlines every few weeks, consumers are beginning to take notice, and action. A recent study found that nearly 70% of consumers say they would boycott a business that fails to protect their data. Locke Brown, CEO and co-founder of NuID, argues that “the best way to protect user data is to store as little of it as possible.”
That is the goal of NuID’s trustless authentication: by removing the need for users to trust companies with their passwords, they remove the possibility for that trust to be broken by a credential breach.
To augment its trustless authentication, NuID leverages blockchain technology to create a portable and secure authentication ecosystem
NuID leverages blockchain technology to create a portable and user-owned authentication ecosystem. Rather than relying on a centralized database and authority to manage user identities, the blockchain provides a way for user identities to be immutably stored and protected on a decentralized ledger. Brown says that digital identity is the next major use-case for blockchain: “just as blockchain enabled the first truly user-owned digital money, it is ideally suited to support the next generation of user-owned digital identity.” Using a blockchain also provides important security benefits since data stored on a distributed ledger is nearly impossible to alter.
With its success in offering a cost-effective authentication solution, NuID is looking forward to optimizing and upgrading their offering’s capabilities in 2019. Their product team plans to focus on expanding their integrations with IAM platforms and passwordless authentication factors like biometrics. Finally, in time the goal is to release a light-weight self-service product tier that would enable developers to easily add NuID to their web and mobile apps. “We started with a focus on the enterprise, where credential breaches are the largest and most costly, but our goal is to make trustless authentication the most secure and easiest authentication option for companies of all sizes” concludes Brown.