Another day, another data breach.
That’s what it seems like anyway. Pick the industry and it doesn’t take long to come up with a big name that’s been hit.
Perhaps what is needed is a new way to frame the problem, George Avetisov suggests. Mr. Avetisov is the CEO of HYPR, a company protecting the safety of personal credentials such as biometrics, PINs and passwords on user devices. HYPR’s services are used by Fortune 500 companies to reduce the risk of a mass credential breach.
“Look at the major breaches at Uber and other companies,” Mr. Avetisov began. “The core thread is the centralization of personal data.”
[caption id="attachment_77830" align="alignleft" width="300"]
So while information can be protected with biometrics, passwords and other methods, if all of that information is stored in one place, it is valuable to hackers and is, therefore, a risk.
The costs of maintaining centralized storage are significant too. Password reset costs add up and security measures necessary to maintain an omnichannel experience can hinder the user experience.
The benefits of decentralized authentication are clear, Mr. Avetisov explained. Passwords and biometric data never leave the user’s device, so companies are absolved of the risks associated with storing sensitive information.
While the core concept of decentralized authentication never changes, Mr. Avetisov said HYPR knew they had to design the technology to accommodate different company preferences. The client needs to maintain control if users opt for PINs and passwords. The process should also be seamless without disrupting existing technology.
The solution allows the decentralized client to plug into the customer’s mobile, laptop or desktop device. HYPR’s server links the end user to the system, thereby enabling authentication at the singular device level. The use of a one-time token means credentials less attractive to hackers who want to use them multiple times.
Mr. Avetisov said HYPR tends to look at the Internet of Things through two lenses – connected cars and homes and physical access. In a time when UX is paramount, the challenge becomes authenticating users as they approach homes, cars and ATMs. The normal car already has many different systems and when you wish to add, say, payment capabilities while driving that becomes more challenging – doable, but challenging.
The authentication process has also been made easier by the FIDO Alliance, which offers the world’s largest ecosystem for standards-based, interoperable authentication, Mr. Avetisov said.
“The ecosystem of big players settled on an agreed upon standard. It allowed for a level of interoperability so you didn’t need to manually integrate with all enterprise systems.”
Earlier in December HYPR announced it had received a strategic investment from Mastercard and was included in the new class of Mastercard Start Path, a global initiative to support innovative companies who could reshape commerce’s future. HYPR will work to identify new customers for Mastercard to help deploy a mobile or online biometric authentication solution.
That came weeks after an $8 million Series A round led by RRE Ventures.
Contributors
