The Nevis Authentication Cloud extends your infrastructure with passwordless authentication and transaction signing services. Our FIDO-certified solution provides the authentication experience that end-users expect today. They can authenticate effortlessly, using only a mobile phone. They can do business online with our intuitive and secure transaction signing solutions that are compliant with industry regulations like PSD2 and GDPR.
Imagine that another company does not take the security of its website as seriously as you do. Someone steals their customers' passwords and starts selling them. Now imagine that some of those customers are also your customers. Is there a chance you would have sleepless nights? Would you need to force all your customers to change their passwords? Would you need to convince the Board that you need to enforce more complex passwords? Would you need to explain to sales the loss of business because mobile visitors will be less likely to complete purchases? Would you need to explain to PR that even though it was not your fault, your users still need to go through the pain and the company needs to issue a statement? And this scenario is probably not half as bad as the one where passwords would get stolen directly from your users.
Now imagine a different scenario where there are no passwords at all on your website. Your security is guaranteed through cryptographic keys. In this scenario, your users authenticate with hardened, tamper-proof, biometric identification. They do not need to remember complicated passwords. They would not need to type 16 digits on mobile phones where they need to switch keyboards 3 times to get them right. Yet you could make sure that they are who they claim to be.
The Nevis Authentication Cloud, including the Nevis Access app, provides you with a service that can enable your customers to sign in without a password, using the security chip on mobile devices, using biometric authentication methods. In terms of security, these two-factor methods are much safer than old, password based ones. Additionally, coupled with state-of-the-art server side technology, this can be used for signing transactions where you need elevated security and a higher degree of certainty that your users are indeed who they claim to be.
You get ease of mind: no stolen passwords, no hacked accounts, no uncertainty about user identity.
Smartphones are an integral part of our lives. We don't go anywhere without them. We carry them wherever we go. We also use them more than we use our laptops. These mobile devices have separate, enclosed, protected spaces, so called trusted execution environments, to store and process sensitive data. Basically the phones' security chips are physically separated from the main chip. So even if a device is stolen, the chip is tamper proof, and the private information cannot be stolen from it. These chips guarantee the security of the biometric recognition so we can easily unlock our phones with a fingerprint or a facial ID. This gives us an opportunity to use it as the best tool to safely and securely authenticate ourselves online.
At Nevis, we have created an access app that can make authentication and digital transactions frictionless. No passwords, no pins, yet every bit compliant with strong customer authentication requirements. Our mobile first solution is hardened to prevent hacking on the device side. It is also convenient to reduce friction and enable your customers to complete every single transaction they start. Quick and easy.
You get ease of use: quick authentication and transaction approvals. No more typing on mobile keyboards, no copy-pasting from emails and text messages.
Your Branded App
Your brand means trust. Trust you have earned with your customers. This is why we have built our access app to be brandable to your specifications. Your logo, your colors and the font of your choice will help you retain that trust. The security features in the app will help you strengthen it.
With all your brand assets, we will customize the Nevis Access app for you. You can then release it in the Apple App Store and Google Play Store so your customers can download it. It will be extending the visibility of your brand onto your customers' mobile devices.
You get branded assets: your brand with the security of a Swiss bank under the hood.
Your Management Console
The management console provides you with an intuitive one-stop shop to manage your users, devices and applications from a central console. From the console, you can create the Access Key you need to integrate passwordless authentication into your application. You can find and delete users and devices as necessary. You can even manage the Figma files required for your custom branded app.
Authentication simply means that we can recognize users' digital identities. There is a way for us to make sure that this person is indeed who she claims to be. In a consumer context, this means we have a way to guarantee that the person signing in to the account is the person who created that account in the first place, and not a bot trying to bruteforce its way in with a dictionary of passwords.
When your users sign up for an account, it is customary to set a password. However, as an alternative, they could also use your access app for authentication to set up their account. They would fill in the sign-up form as usual, but as part of the process, they would also scan a QR code that matches their account to the biometrics on the device. This enables them to do away with passwords from that point on.
In the background, during the sign-up process, your flow is redirected to your Nevis Authentication Cloud instance where the account details are stored and a user specific QR code is generated. The Nevis Access app reads this code, then the user, after selecting a biometric authentication method, is authenticated. This way the private cryptographic key on the device and the public key on the server are paired up to enable passwordless sign-in.
Passwordlessly, this is a 20 second matter, 15 of which is spent on typing the username such as an email address. The scenario is simple. Your customers type their user names on the log-in page. Click the Sign in with my mobile button. Your Nevis Authentication Cloud instance sends a push notification to the users' mobile. They open the notification and authenticate with their chosen biometric methods. If successful, the Nevis Access app confirms their identity and the authentication is successful and they are automatically logged in.
There is just one tiny problem with digital signatures. They are usually generated using a Click to sign button. And anybody can fill in the declared name with any name they please. This makes the validity of the signatures questionable in the court of law, as lawyer Paul Bains learned in 2016. The principle holds in all cases. And the question that trumps all other questions is: how can you prove that the person who initiated the transaction is the right person.
The US Securities and Exchange Commission issued a warning in 2015 to investors about identity theft, urging them to activate two-step verification, if available. That was 5 years ago. Today, hackers are more sophisticated than ever. Identity theft is rampant. And investment houses, crypto brokers, all in all, companies that use outdated technologies risk losing the most important asset they have, the trust of their customers.
Using the Nevis Authentication Cloud and your branded Nevis Access app can help your customers sleep better at night, knowing that only transactions that they have biometrically approved will be carried out by your firm. You can also sleep better because you know that no password, plain text or encrypted, ever has to go through unknown networks. Yet, your transactions bear the clear approval of your clients' signature.
Local governments and councils face administrative obligations that appear small, but yet are often daunting. Reporting a change of address for a single person should only be a few minutes. Except when two families of four turn up and someone in the line fails to bring along proper identification. Multiply this by the total number of people who have to report a change of address, and the time grows exponentially. For example, the oldest Canton in Switzerland, Uri has about 36,000 inhabitants. In 2018, over 2900 people changed addresses according to the Bureau of Statistics. That is 6 working days for the city official for every minute of additional administration; and 6 days' worth of lost productivity for the customers for every minute of waiting to be processed. That is 12 full working days lost for every minute of extra time spent on the identification of people in Uri.
Imagine how much faster, safer and more convenient it would be for citizens and officials if they could establish a secure authentication method and use that for all subsequent transactions. Governments and councils would have a way to ensure that they are dealing with the right person for the right purpose. Citizens could sign their requests biometrically, remotely or in person, as it suits them. Sometimes it's these little things such as speeding up the identification process that can save a lot of time, effort and money when it scales.
What you should know to get started
Nevis Authentication Cloud provides a safe and secure authentication cloud service for your business. Your customers can use their mobile phones and your branded app for the biometric approval of transactions such as logins, transfer of funds, medical records or official documents. No need to remember and type a passwords. No data-breaches on password databases. No compromised accounts.
Nevis Access app: this is a hardened, multifactor, FIDO certified mobile app that is branded to your specs. It can be used for user authentication and transaction signing for high-value, sensitive or high-security transactions, from banking, through investment to healthcare and legally binding transactions.
Nevis Authentication Cloud Management Console: this is your administrative access to your own cloud instance. It helps you add, manage and remove integrations such as single sign-on to all your applications, or transaction signing. It also enables you to look up and delete users and devices.
Nevis Portal: the entry point to access the management console and support services for the Authentication Cloud. You can access it under the Nevis Portal.
Customer Backend or Portal: this is the set of applications that you want to provide protected access to. This may include any number of web applications and legacy systems, such as your existing user directory.
Access Key: once you are logged in to the management console, you can add integrations. Each of these integrations will have its own access key that will enable you to make calls to the API to register users, authenticate them and sign their transactions.
Passwordless authentication: Passwords are false friends. They gently force customers to compromise their security for convenience. They lull customers into a false belief of security. Wikipedia, under the list of data breaches says: "In 2019, a collection of 2.7 billion identity records, consisting of 774 million unique email addresses and 21 million unique passwords, was posted on the web for sale." In contrast, passwordless authentication is based on cryptographic key pairs, and use authentication factors other than what the customer knows. See FIDO below for details.
FIDO certified: FIDO is an open industry association "whose mission is to develop and promote authentication standards that help reduce the world's over-reliance on passwords", Wikipedia. They certify two factor authentication products that replace knowledge-based authentication factors. In essence, passwords, what the users know, are replaced by the other factors. One factor may be what the user has, for instance a mobile device. Another factor could be what the user is, such as biometric attributes like fingerprints or facial patterns. The Nevis Access app is an authentication app that is:
- FIDO certified,
- Hardened and tamper proof, and
- Brandable to your company’s specs.
If you want to get right in to working with our REST API, visit our Nevis Authentication Cloud API Reference Guide.
Was this page helpful?