A brief introduction to AffirmId
Securing remote access to sensitive information is a necessity for every enterprise. Indeed, the same is true for individuals concerned with security of their personal accounts. Secure access depends in part on establishing a person seeking access is who they claim to be. Seldom is this challenge met as username and password alone are ineffective and often remain so when augmented with a second factor.
One popular method problem avoidance is use of one-time passcode Apps. When seeking access, the user provides a username, a password, and a one-time passcode. The one-time code is produced by an App on their phone. This approach ensures the user supplies something they know, the password, and proof of something they have, the one-time passcode from their phone. But it does not identify the person, it simply affirms the person knows the username and password and one-time code.
AffirmId is a new phone App that meets these challenges doing so in a truly unique way. It recognizes the person using the device thereby allowing it to affirm that person’s identity.
AffirmId verifies user identity first before allowing access to one-time passcodes. If the person using the device is recognized then passcode generation is allowed, otherwise it is not.
AffirmId performs identity verification not by use of credentials such as password, PIN, fingerprint, facial image or the like. Rather it recognizes the human traits of the person in possession of the device. These are referred to as “behavioral biometrics” and they are unique for every person on earth. The automated use in AffirmId is likewise unique. Through this technique the person the phone belongs to becomes the only person who can use AffirmId to produce the needed one-time passcodes.
AffirmId minimizes workflow disruption to a single tap as an indication of intent to authenticate; all else is automated.
AffirmId also provides a no password required experience where username is the something you know, behavioral biometrics are the something you are, and a phone is the something you have.
AffirmId is configured and offered for enterprise use providing enhanced security and user experience seamlessly to those already using Two-Factor Authentication. For those not yet using multi-factor authentication, AffirmId offers the option to leapfrog to no password authentication on day one of multi-factor adoption. And of course, those now using one-time passcodes can upgrade at any time to a no password required authentication without impact to their trusted users. For them it is still AffirmId unchanged.
AffirmId inclusion of passwordless modalities adopt use of industry standards such as those published by the FIDO Alliance and the World Wide Web Consortium (W3C).
The processes and methods of AffirmId are patented and covered by copyright laws. The App is now in beta test and available for use on Android phones. Development of the iPhone version is slated to begin in the fall of 2020.
The methods AffirmId uses for identity recognition are described in documents open for public review and critique. They are the patents that disclose the methodologies used, a set of four patents, three issued and one pending.
Methodologies disclosed in the first patent address authentication from end to end. These methods secure the authentication food chain from relying party within the enterprise to the edge of the security stack including affirmation of identity of the person seeking access. A unique protocol using a three-link triad network architecture, a security token ensuring triad integrity, encryption securing the messaging, and a Personal Identification device assuming identity verification responsibilities of the person seeking access.
The second patent of the set deals exclusively with the methods of a Personal Identifier and expressly those of AffirmId. In it are disclosed how a mobile device, an Android or iPhone, can recognize a person by their human traits. Multiple traits are considered in parallel to arrive at a determination of identity. One example of the novelty is recognition of device possession, detecting when a human has the device in their actual possession. If ignored it becomes impossible from a security point of view to identify with certainty the person in possession. Both active and passive trait sensory inputs are processed by use of artificial intelligence to derive a probability the person in possession of the device is known to be the first user of the AffirmId App.
The third patent of the set expands on the prior patents disclosing methods and techniques uncovered during multiple proof of concept implementations. AffirmId is the final POC allowing others to form their own opinions as to its value.
The fourth patent now pending expands further on prior disclosures focusing primarily on protocol enhancements and bioPIN. The bioPIN is unique to AffirmId. Like other PIN’s, it is a sequence of three or more characters that become the user’s Personal Identification Number. Its uniqueness is in the biometrics of use combined with the character resulting in a 1 in 12.5 million chance of correctly guessing the character. All human traits are measured using similar considerations.
The roots of AffirmId run very deep dating back nearly a decade prior to first patent application. Considerable research combined with proof of concept developments have resulted in a product far advanced beyond other devices and applications of like purpose.
Copyright © 2020, Rick Hallock