Foundation of date : November. 17th. 2015SSenStone Inc.

Integrated Authentication Solution

Revolutionized authentication technology

SSenStone Inc.

$4 million

The average total cost of data breach

29% increase

Total cost of data breach

$158

The average cost per lost or stolen record

15% increase

Per capita cost

Costsof Data breach

Don’t believe the blockchain hype

Examining the weaknesses and risks

SSenStone Inc.

Problem

Client Server

Hacker

...**3# information

`

1-Way Static Key Matching

Dynamic Key Matching Algorithm (patent grated) –Supporting multi-factors and multi-channels all at once in a safe manner even if user authentication keys are leaked

`

2-Way Dynamic Key Matching

Source technology, innovation of algorithm

SOLUTION

Establish individual solution in at least 4 institutions Replaced with StonePASS!!!

Transaction

SSenStone Inc. 13

SSenStone Inc.

2-Way Dynamic Key Matching

S ecu ri ty ca rds

ID/PW

Pa ymen t

FIDO

O TP

Tra n sa ct i on O TP

S MS

ATM

Amon g Apps

IoT

Innovation in Business

Supporting various environments

• Cloud• Blockchain• IoT

Converging tech trends

• ID/PW• OTP• Biometric / Behavioral

authentication• Others

Technology Overview

UNIQUENESS

Selective Authentication Factor

ID / PW

OTP

Finger Print

IRIS

Sign

StonePASS allow users to use multiple authentication methods and intensity of authentication at once

16

Usability

Instant account hijacking recognition and control

Defends against phishing, pharming and man-in-the-middle a attacks

SSenStone Inc.

Existing

StonePASSUser account

System detects suspicious activities on real-time basis and notifies users,

who can choose lock / unlocktheir accounts

On

17

User authentication in blockchain environment

User authentication keys can be open to general DB or the blockchain environment (as StonePASS is equipped with a safe algorithm even if user account information (user authentication key).

11

• Real-time 2-way authentication• Simultaneous support in the form of possession-based+knowledge-based,

possession-based+characteristics-based, possession-based+knowledge-based+characteristics-based

• Providing multi-factor & multi-channel in one process• Support for a variety of independent biometric processes

• Flawlessness verified between longitudinal section• Defending MITM attack• Defending replay attack• Defending phishing / pharming attack• No deliver of personal information between communications section

• Safe matching even if user authentication keys are leaked• Support for FIDO certificate• Support for blockchain environment• Support for cloud environment• Providing admin tools for efficient management for authentication key

12

Technology

13

Characteristics

B2C authentication service

One-TimeMulti-Factor

Multi-Channel

AdditionalBusiness Model

14

User authentication

service by telecommunications companies

Biometric FIDO

authentication

Creating portfolio of all authentication service throughout the nation

B2COne ID

authentication

ASP service for B2B authentication platform

User User

Internal work system, groupware, VPN, etc.

Shopping malls, games, payment, finance, etc.

FIDO biometric authentication service

2nd authentication (e.g. OTP, transaction

authentication, SMS authentication)

1st authentication (e.g. ID/PW authentication,

PIN authentication)

Deploying app that SDK is applied to

2User authenticationrequest

3

User verification & authentication (1st & 2nd)

5

Internal service authentication within the group

External serviceprovider

Deploying app that SDK is applied to

2

User authenticationrequest

3

15

As-Is

ServiceProvider P/G

Cardcompany

VAN

.

.

Appcard

ISP

‘Safe click’

SMS

Company for card approval

Credit card authentication

Result

Approvalrequest

Cardinfo

Paymentrequest

Result

Approvalrequest

Result

Authentication+Payment platform (As-Is)

16

Authentication+Payment platform (To-Be)

To-Be P/G fee for service provider VAN fee by credit card company

ServiceProvider

MCASCard

company

Authenticationinfo

Paymentrequest

Credit Card No.

User authentication

Paymentrequest

Approval result Approval result

Paymentrequest

Card app

SDK

17

2016.Apr

2016

2016.Mar

Selected as SparkLabs’ 7th Batch Companies (Private Accelerator)

2016.Feb Confirmed $200K Investment from KIBO (Guarantee for Investment Option)

2015.Dec Established Corporate R&D Centre (KOITA)

2015.Nov Established SSenStone Inc.

Selected K-Champ Lab 3rd Batch Companies (Gyeonggi Center for Creative Economy and Innovation)

Selected as Lotte’s L-Camp (Corporate Accelerator) 1st Batch Companies

Selected to Do Presentation in Korea’s Fintech Center’s 7th Demo Day

Formed MOU with Lotte Card

Completed 1 Patent Registration and Applied for PCT

Completed 2nd Patent Registration Applied for Additional Patent (Related Patent) (PCT Application)

2016.Jun Supply contract with Constitutional Court of Korea (e-court system)

Formed strategic partnership with Irience (Iris Recognition)

2016.May Selected 1Q Lab 3rd Batch Companies (KEB Financial Group)

Registered as Venture Business (KIBO)

Formed MOU with FINOTEK (Signature Recognition), InnoTree and Digital Zone

Completed Security Consulting from Financial Security Institute2016.Jul

18

History

Selected Hanwha Dream Plus 63 (11 Korean Fintech Startups)2016.Aug

2016.Sep

Confirmed as Supplier of user authentication solution for National Health Insurance Service

Confirmed as Supplier of user authentication solution for SBI Saving Bank Application Service

2015

2016.Oct

Selected for GEP 4th Japan program

2016.Nov

2017.Jan

2016.Dec

Selected for FIBC 2017 as a representative of Korean startups.

2017.Feb

Awarded at e-Government Contest

Selected for K-Global 300 as promising ICT start-ups & ventures

Selected for Mass Challenge Awards(Boston)

Won the 2nd prize at the 16th Competitiveness Award of Korean Software Industry (mobile/embedded area) by Korea Software Industry Association

Established strategic alliance with NetMove corporation

2017.Mar

Confirmed as Supplier of user authentication solution for Lotte Members, L-pay, L-point Application Service

Project:Establishment of Authentication System for Integrated Management of Recruiting Organization

StonePASS with GS(Good Software) authentication acquired

19

2017

2016

History

Completed patent application for overseas countries

by Korea Life Insurance Association

(completed in 5 countries in Europe, USA, Singapore, China and Japan

Patent granted in Japan

Patent granted in Singapore

Security consulting for financial institutes from FISC of Japan (by Japanese )

SSenStone Inc.

CEO Changhun YooISO TC 171/SC1 & ISO TC46/SC11 Committee Member

B.Sc from Inha UniversityPrevious Member of the Ship Building Division of Samsung Heavy IndustriesPrevious Manager of Dream To Reality Inc.Previous Vice-President at D2RCGPrevious Head of Cybersecurity Solution at MarkAny Inc.

100 years of experience in cybersecurity

14

Patent titleProduct applied

Filing date Grant dateInternational

patent

User authentication method through virtual keypad StonePASS 2015.11.13 March 3, 2016 PCT application

Strengthened user authentication method in security StonePASS 2016.01.06 April 29, 2016

Completed filing in 5 individual countries,

granted in Singapore/Japan

Strengthened user authentication method in flawlessness and security

StonePASS 2016.04.29September 7, 2016

(Confirmed)Completed filing in 5 individual countries

User device authentication method for use of mobile communications network & data network

StonePASS 2016.07.04 On going

21

Patent

Category Applied on Conducted by Remarks

Evaluation in security July 18, 2016 Lotte Card Completed

Evaluation in security May 3, 2016 Constitutional Court Completed

Consulting in security April 14, 2016 Completed

Evaluation in security June 13, 2016 Hana Card Completed

Mock hacking June 29, 2016 (Top3 player) Hacking failed

Status of evaluation in security and various authentication

Category Applied on Certified by Remarks

GS authentication February 16, 2017 TTA Achieved Grade 1

FIDO authentication August 31, 2016 FIDO AllianceServer/Client (iOS/Android)

certified in UAF

22

Company Profile & History

Awards Date Description Host

KIC START Mass Challenge On going On goingMinistry of Science,

ICT and Future Planning

FIBC (Financial Innovation Business Conference) March 2017Korean representative to participated in the biggest FinTechconference hosted by Finolab, Japan

Finolab (Japan)

K-Global Startup 300 January

2016Selected as Korean Start-up 300

Ministry of Science, ICT and Future

Planning

16th Software Competitiveness Awards of KoreaFebruary

2017Embedded/mobile area (2nd prize)

Korea Software Industry Association

2016 e-Government ContestDecember

2016Electronic Times Award (3rd prize) Electronic Times

Award

23

• Upon log-in to web service, providing authentication or controlling (QR code) the service by combining OTP numbers through server pin and mobile app. Or biometric authentication (e.g. using information of fingerprint or face)

• Creating keys created by combining biometric information + web information + device information and sending them after converting as an OTP

• 1-way knowledge-based + possession-based or possession-based + biometrics-based

• Not able to detect real-time MITM due to 1-way authentication

• No FIDO / UAF biometric authentication supported

VASCO DIGIPASS

DIGIPASS for mobile 24

Business Goals & Market Status

Overseas competitors

Authentication

solution

Authenticationservice

Applied technology

for matching

Conclusion

StonePASS technology

➢ 2-way Dynamic Key Matching Technology

➢ One-time Multi-factor & Multi-channel

➢ Safe algorithm even if keys stored on server are leaked

➢ Easy to apply from authentication, payment and account

management 25

Company name: SSenStone Foundation of date : November. 17th. 2015CEO: Changhun Yoo Phone: 02-569-9668Address: 4F 50, 63-ro, Yeongdeungpo-gu, Seoul, Republic of Korea 07345

Every Authentication has connection with

Thank you