Passwordless Web Authentication
Seamless for Users | Deployed in Hours
An intelligent new approach to Passwordless Web Authentication that is invisible and frictionless for users. The seamless experience makes it 10-100x faster to deploy than other solutions, requiring . . . . (i) No client software or user setup, (ii) No change management, and (iii) No backend system changes.
Seamless User Experience
No client software or user setup
No change management
No backend system changes
Simple, Low-Cost Deployment
(10-100x faster than other solutions)
MasterKey meets the most advanced standards for Zero-Trust networks and Zero-Trust devices.
It implements the WebAuthn/FIDO2 standard without any system development.
Clientless Webserver-Controlled Architecture
A New Protocol for Authentication and Authorization
The genius of MasterKey is that it requires no client software for users to install or setup. Centrally controlled by the webserver, it is deployed instantly to all users at scale and activates the webserver’s intelligence to co-create a unique triangulation formed between the webserver, user, and their mobile. The system secures the input, storage and recall of credentials and other factors to authenticate users, and authorize transactions.
There are three component technologies: (i) Encrypted Invisible Keyboard, (ii) Passwordless Web Authentication, (iii) MFA in 1-step (not 2 steps).
Encrypted Invisible Keyboard
User credentials are captured (or generated) in a double-encoded and encrypted system.
The webserver harnesses the mobile phone’s browser to create the illusion (graphical proxy) of a keyboard. Cells on the screen generate encoded references that can only be interpreted by the webserver which set it up a moment earlier. No characters exist locally so the information cannot be intercepted and deciphered. Instant onboarding of new users can be facilitated by auto generating credentials so users never see a keyboard.
Passwordless Web Authentication
Credentials captured and stored by the system are retrieved to create the Passwordless experience.
The information that was captured by the Encrypted Invisible Keyboard can only be retrieved and deciphered when all elements of the original triangulation are in place, and initiated by the users mobile.
MFA in 1-Step (not 2 steps)
The credentials can only be reconstituted inside the webserver, when the original triangulation is initiated by the user’s mobile, and if WebAuthn is enabled, by the user providing their proof-of-presence. (Biometric, Screen swipe, PIN, etc.). The experience is simply invisible.
Zero Trust Networks
Zero Trust Devices
Sidestepping the Attack-Surface
99% of cyber-attacks target devices (PCs and Smartphones).The goal is identity theft to take over online accounts and steal money, redirect financial transactions or access private data. Credential are easily intercepted by keyloggers or a Man-in-the-Browser attack. MasterKey sidesteps the device, providing no attack-surface for hackers. Credentials never hit the user device or network.
Zero Trust Networks
MasterKey meets the most advanced expectations of Zero-Trust networks.
Devices capturing information from users are first encoded and the data captured is then double encoded and encrypted with AES-256, Current technology would requires billions of years to decrypt this and would only then reveal context-less meaningless encoded data.
Whether “Cloud Hosted” or “On-Prem”, nothing can intercept and decipher the information flowing through the system.
The protocol ensures that only the webserver, with the security keys it generates, can decipher the information when triangulated with the users mobile, and optionally their proof-of-presence.
At no other point within the system is there enough information to decrypt and decode, other than inside the webserver.
Zero Trust Devices
MasterKey’s security posture assumes every device is already compromised.
The system projects a security protocol that sidesteps any malware or non-malware, allowing users to authenticate themselves or authorize transactions.
It sits comfortably alongside existing monitoring and detection software on users devices without interference.
FIDO2 / WebAuthn
MasterKey is an implementation of the WebAuthn / FIDO2 standard.
It enables organizations to deploy WebAuthn overnight, without any system development or data migration.
The Danger Of Not Taking Action
Users are scared of Identity Theft and minimize their engagement with businesses that do not protect them. Companies that care to protect their users are trusted and rewarded with greater engagement. Companies that fail to provide essential WebSecurity fall. Their reputation tanks. Users flee. MasterKey provides strong WebSecurity and involves virtually no expertise and time to deploy. It delivers the ultimate Passwordless experience. Smooth and Intuitive.
You could be running a WebSecure business by the end of the week.
What’s holding you back?
Access to Strong WebSecurity
For any company caring to secure users, MasterKey is a no-brainer.
Point Solution
for IAM
For organizations bogged down in ‘Identity and Access Management’ transformations, MasterKey can be implement immediately.
WebSecurity 101 for small businesses
A SaaS subscription and simple deployment, involving no barriers, makes MasterKey accessible even to smaller businesses that typically do not have the resources to deploy new Authentication solutions.
