Solving the authentication problem would have an immediate and significant impact on improving cybersecurity worldwide. So has a garage-level tech start-up based in Austin done just that?
The Trust Nexus (https://www.trustnexus.io) claims to have solved the authentication problem without the passkey, ensuring the longevity of passwords that still remain a popular authentication method for users. The company is not following FIDO’s consensus of passkeys over the password. The technology has been notably recognised for ensuring simple passwords become highly secure on trusted systems and that the user’s private key stays securely on the user’s mobile device.
In FIDO Passkeys (Microsoft, Apple and Google) the operating system controls the user’s private key and it can be transferred to other systems through the user’s account. It also means that Microsoft, Apple and Google have access to your private keys (and data metrics on every application you use).
Some of the key aspects of the technology:
- It is open-source and mostly free (they retain the rights to cloud based services).
- It can be run as a closed ecosystem within a corporation or government agency
- Eventually, for three party digital credentials (finance, insurance, government services, etc.) there will be a worldwide identity ecosystem, that surprisingly will not contain any private user data.
Trust Nexus are attempting to form a research consortium that will first perform an in depth technical review and then deploy a POC.National Cybersecurity Center of Excellence: “At the NCCoE, we bring together experts from industry, government, and academia to address the real-world needs of securing complex IT systems and protecting the nation’s critical infrastructure.”https://www.nccoe.nist.gov/They also hope to engage some of the major players in biometrics, which can be integrated into their digital credentials.Their dream scenario is to engage major financial institutions, leading universities and key government agencies; most notably, the