Invisible Passwordless Web Authentication
Deployed in Hours (not Months)

MasterKey is an intelligent new approach to creating Passwordless Authentication for websites. It is invisible to users, which makes it 10-100x faster to deploy than other solutions. No backend system changes. No user software or setup. No change management. Your website can go Passwordless overnight with MasterKey.

Simple, Low-Cost Deployment

(10-100x faster than other solutions)

No backend system changes

No client software

No user setup (Change Management)

No Technical Risk – No Security Risk

MasterKey meets the most advanced standards for Zero-Trust networks and Zero-Trust devices.
It implements the WebAuthn/FIDO2 standard without any system development.

Clientless Webserver-Controlled Architecture

MasterKey is Clientless

The genius of MasterKey is that there is no client software for users to download, install and setup, unlike other solutions. Centrally controlled by the webserver, it can be deployed instantly and scaled to any size user base. MasterKey activates the Webserver intelligence to co-create a system based on the unique triangulation formed by the User, Mobile and Webserver. This System secures the original input, storage and recalls of credentials.

New MasterKey Homepage Imagery Clientless Section Encrypted Keyboard

Encrypted Keyboard

When initiated by the user’s mobile, the Webserver harnesses the phone browser to create a once-off Encrypted Keyboard (graphical proxy).  Users enter their credentials once which generates unique encoded cell references. No characters exist locally so even on a compromised zero-trust device or network, nothing can intercept and decipher the credentials. 

Icon 02 BankVault MasterKey Homepage Imagery Encode Encrypt


The credentials, as they enter and flow through the network, are double-encoded-and-encrypted, making it impossible to decipher if intercepted. The data has no context or meaning without all the components of the original triangulation that co-created it.

Icon 03 BankVault MasterKey Homepage Imagery Triangulation

Unique Triangulation

The credentials can only be reconstituted inside the webserver, when the original triangulation is initiated by the user’s mobile, and if WebAuthn is enabled, by the user providing their proof-of-presence.  (Biometric, Screen swipe, PIN, etc.). The experience is simply invisible.

Seamless & Strong

WebSecurity Experience

keyboard icon

No Attack-Surface

99% of cyber-attacks target devices (PCs and Smartphones).The goal is identity theft to take over online accounts and steal money, redirect financial transactions or access private data. Credential input is easily intercepted by keyloggers or Man-in-the-Browser attacks. MasterKey sidesteps the device, providing no attack-surface for hackers to steal credentials. Credentials never hit the device.

Passwordless Authentication

Users gain seamless access and never need to enter credentials again. On mobile/tablets, the system recognizes the user device and simply logs them in. On workstations the user just waves their phone over the screen. Instant secure access. If the WebAuthn option is activated then the user is also prompted to give their Proof-of-Presence

User Experience

Until now, the only solution to credential theft was 2FA. This is a valid option but typically a last resort because it is clumsy for the user, it adds to the support burden, and it can still be defeated by a Man-in-the-Browser attack. The adoption of MasterKey is totally intuitive to users as there’s no pre-requisite setup and its use is seamless. 

Frictionless Multi-Factor Authentication in

MasterKey provides Multi-Factor Authentication in a way that’s completely invisible to the user by enabling 3 levels of identification: ‘something you know’ (credentials) ‘something you have’ (mobile), and ‘something you are’ (biometric scan, screen pattern, local device PIN etc.). Strong security is achieved in 1-invisible-step (not 2 steps).

Warning: Password Manager Users

In absence of company WebSecurity, users often install Password Managers, mistakenly believing that these provide security. But in the process of auto-filling web-forms the encrypted credentials are exposed as clear text, making these vulnerable to malware in the browser (JavaScript).

The Danger Of Not Taking Action

Users are scared of Identity Theft and minimize their engagement with businesses that do not protect them. Companies that care to protect their users are trusted and rewarded with greater engagement. Companies that fail to provide essential WebSecurity fall. Their reputation tanks. Users flee. MasterKey provides strong WebSecurity and involves virtually no expertise and time to deploy. It delivers the ultimate Passwordless experience. Smooth and Intuitive.

You could be running a WebSecure business by the end of the week.
What’s holding you back?

Icon 04 BankVault MasterKey Homepage Imagery Strong WebSecurity

Access to Strong WebSecurity

For any company caring to secure users, MasterKey is a no-brainer.

Icon 05 BankVault MasterKey Homepage Imagery Point Solution

Point Solution
for IAM

For organizations bogged down in ‘Identity and Access Management’  transformations, MasterKey can be implement immediately.

Icon 06 BankVault MasterKey Homepage Imagery Upgrade from Password

WebSecurity 101 for small businesses

A SaaS subscription and simple deployment, involving no barriers, makes MasterKey accessible even to smaller businesses that typically do not have the resources to deploy new Authentication solutions.

Graphic 03 BankVault MasterKey Homepage Imagery Mobile Orange Login



Graphic 03 BankVault MasterKey Homepage Imagery Mobile Orange Login