revolutionized authentication technology · formed mou with finotek (signature recognition),...
TRANSCRIPT
Foundation of date : November. 17th. 2015SSenStone Inc.
Integrated Authentication Solution
Revolutionized authentication technology
SSenStone Inc.
$4 million
The average total cost of data breach
29% increase
Total cost of data breach
$158
The average cost per lost or stolen record
15% increase
Per capita cost
Costsof Data breach
Don’t believe the blockchain hype
Examining the weaknesses and risks
SSenStone Inc.
Problem
Client Server
Hacker
...**3# information
`
1-Way Static Key Matching
Dynamic Key Matching Algorithm (patent grated) –Supporting multi-factors and multi-channels all at once in a safe manner even if user authentication keys are leaked
`
2-Way Dynamic Key Matching
Source technology, innovation of algorithm
SOLUTION
Establish individual solution in at least 4 institutions Replaced with StonePASS!!!
Transaction
SSenStone Inc. 13
SSenStone Inc.
2-Way Dynamic Key Matching
S ecu ri ty ca rds
ID/PW
Pa ymen t
FIDO
O TP
Tra n sa ct i on O TP
S MS
ATM
Amon g Apps
IoT
Innovation in Business
Supporting various environments
• Cloud• Blockchain• IoT
Converging tech trends
• ID/PW• OTP• Biometric / Behavioral
authentication• Others
Technology Overview
UNIQUENESS
Selective Authentication Factor
ID / PW
OTP
Finger Print
IRIS
Sign
StonePASS allow users to use multiple authentication methods and intensity of authentication at once
16
Usability
Instant account hijacking recognition and control
Defends against phishing, pharming and man-in-the-middle a attacks
SSenStone Inc.
Existing
StonePASSUser account
System detects suspicious activities on real-time basis and notifies users,
who can choose lock / unlocktheir accounts
On
17
User authentication in blockchain environment
User authentication keys can be open to general DB or the blockchain environment (as StonePASS is equipped with a safe algorithm even if user account information (user authentication key).
11
• Real-time 2-way authentication• Simultaneous support in the form of possession-based+knowledge-based,
possession-based+characteristics-based, possession-based+knowledge-based+characteristics-based
• Providing multi-factor & multi-channel in one process• Support for a variety of independent biometric processes
• Flawlessness verified between longitudinal section• Defending MITM attack• Defending replay attack• Defending phishing / pharming attack• No deliver of personal information between communications section
• Safe matching even if user authentication keys are leaked• Support for FIDO certificate• Support for blockchain environment• Support for cloud environment• Providing admin tools for efficient management for authentication key
12
Technology
13
Characteristics
B2C authentication service
One-TimeMulti-Factor
Multi-Channel
AdditionalBusiness Model
14
User authentication
service by telecommunications companies
Biometric FIDO
authentication
Creating portfolio of all authentication service throughout the nation
B2COne ID
authentication
ASP service for B2B authentication platform
User User
Internal work system, groupware, VPN, etc.
Shopping malls, games, payment, finance, etc.
FIDO biometric authentication service
2nd authentication (e.g. OTP, transaction
authentication, SMS authentication)
1st authentication (e.g. ID/PW authentication,
PIN authentication)
Deploying app that SDK is applied to
2User authenticationrequest
3
User verification & authentication (1st & 2nd)
5
Internal service authentication within the group
External serviceprovider
Deploying app that SDK is applied to
2
User authenticationrequest
3
15
As-Is
ServiceProvider P/G
Cardcompany
VAN
.
.
Appcard
ISP
‘Safe click’
SMS
Company for card approval
Credit card authentication
Result
Approvalrequest
Cardinfo
Paymentrequest
Result
Approvalrequest
Result
Authentication+Payment platform (As-Is)
16
Authentication+Payment platform (To-Be)
To-Be P/G fee for service provider VAN fee by credit card company
ServiceProvider
MCASCard
company
Authenticationinfo
Paymentrequest
Credit Card No.
User authentication
Paymentrequest
Approval result Approval result
Paymentrequest
Card app
SDK
17
2016.Apr
2016
2016.Mar
Selected as SparkLabs’ 7th Batch Companies (Private Accelerator)
2016.Feb Confirmed $200K Investment from KIBO (Guarantee for Investment Option)
2015.Dec Established Corporate R&D Centre (KOITA)
2015.Nov Established SSenStone Inc.
Selected K-Champ Lab 3rd Batch Companies (Gyeonggi Center for Creative Economy and Innovation)
Selected as Lotte’s L-Camp (Corporate Accelerator) 1st Batch Companies
Selected to Do Presentation in Korea’s Fintech Center’s 7th Demo Day
Formed MOU with Lotte Card
Completed 1 Patent Registration and Applied for PCT
Completed 2nd Patent Registration Applied for Additional Patent (Related Patent) (PCT Application)
2016.Jun Supply contract with Constitutional Court of Korea (e-court system)
Formed strategic partnership with Irience (Iris Recognition)
2016.May Selected 1Q Lab 3rd Batch Companies (KEB Financial Group)
Registered as Venture Business (KIBO)
Formed MOU with FINOTEK (Signature Recognition), InnoTree and Digital Zone
Completed Security Consulting from Financial Security Institute2016.Jul
18
History
Selected Hanwha Dream Plus 63 (11 Korean Fintech Startups)2016.Aug
2016.Sep
Confirmed as Supplier of user authentication solution for National Health Insurance Service
Confirmed as Supplier of user authentication solution for SBI Saving Bank Application Service
2015
2016.Oct
Selected for GEP 4th Japan program
2016.Nov
2017.Jan
2016.Dec
Selected for FIBC 2017 as a representative of Korean startups.
2017.Feb
Awarded at e-Government Contest
Selected for K-Global 300 as promising ICT start-ups & ventures
Selected for Mass Challenge Awards(Boston)
Won the 2nd prize at the 16th Competitiveness Award of Korean Software Industry (mobile/embedded area) by Korea Software Industry Association
Established strategic alliance with NetMove corporation
2017.Mar
Confirmed as Supplier of user authentication solution for Lotte Members, L-pay, L-point Application Service
Project:Establishment of Authentication System for Integrated Management of Recruiting Organization
StonePASS with GS(Good Software) authentication acquired
19
2017
2016
History
Completed patent application for overseas countries
by Korea Life Insurance Association
(completed in 5 countries in Europe, USA, Singapore, China and Japan
Patent granted in Japan
Patent granted in Singapore
Security consulting for financial institutes from FISC of Japan (by Japanese )
SSenStone Inc.
CEO Changhun YooISO TC 171/SC1 & ISO TC46/SC11 Committee Member
B.Sc from Inha UniversityPrevious Member of the Ship Building Division of Samsung Heavy IndustriesPrevious Manager of Dream To Reality Inc.Previous Vice-President at D2RCGPrevious Head of Cybersecurity Solution at MarkAny Inc.
100 years of experience in cybersecurity
14
Patent titleProduct applied
Filing date Grant dateInternational
patent
User authentication method through virtual keypad StonePASS 2015.11.13 March 3, 2016 PCT application
Strengthened user authentication method in security StonePASS 2016.01.06 April 29, 2016
Completed filing in 5 individual countries,
granted in Singapore/Japan
Strengthened user authentication method in flawlessness and security
StonePASS 2016.04.29September 7, 2016
(Confirmed)Completed filing in 5 individual countries
User device authentication method for use of mobile communications network & data network
StonePASS 2016.07.04 On going
21
Patent
Category Applied on Conducted by Remarks
Evaluation in security July 18, 2016 Lotte Card Completed
Evaluation in security May 3, 2016 Constitutional Court Completed
Consulting in security April 14, 2016 Completed
Evaluation in security June 13, 2016 Hana Card Completed
Mock hacking June 29, 2016 (Top3 player) Hacking failed
Status of evaluation in security and various authentication
Category Applied on Certified by Remarks
GS authentication February 16, 2017 TTA Achieved Grade 1
FIDO authentication August 31, 2016 FIDO AllianceServer/Client (iOS/Android)
certified in UAF
22
Company Profile & History
Awards Date Description Host
KIC START Mass Challenge On going On goingMinistry of Science,
ICT and Future Planning
FIBC (Financial Innovation Business Conference) March 2017Korean representative to participated in the biggest FinTechconference hosted by Finolab, Japan
Finolab (Japan)
K-Global Startup 300 January
2016Selected as Korean Start-up 300
Ministry of Science, ICT and Future
Planning
16th Software Competitiveness Awards of KoreaFebruary
2017Embedded/mobile area (2nd prize)
Korea Software Industry Association
2016 e-Government ContestDecember
2016Electronic Times Award (3rd prize) Electronic Times
Award
23
• Upon log-in to web service, providing authentication or controlling (QR code) the service by combining OTP numbers through server pin and mobile app. Or biometric authentication (e.g. using information of fingerprint or face)
• Creating keys created by combining biometric information + web information + device information and sending them after converting as an OTP
• 1-way knowledge-based + possession-based or possession-based + biometrics-based
• Not able to detect real-time MITM due to 1-way authentication
• No FIDO / UAF biometric authentication supported
VASCO DIGIPASS
DIGIPASS for mobile 24
Business Goals & Market Status
Overseas competitors
Authentication
solution
Authenticationservice
Applied technology
for matching
Conclusion
StonePASS technology
➢ 2-way Dynamic Key Matching Technology
➢ One-time Multi-factor & Multi-channel
➢ Safe algorithm even if keys stored on server are leaked
➢ Easy to apply from authentication, payment and account
management 25
Company name: SSenStone Foundation of date : November. 17th. 2015CEO: Changhun Yoo Phone: 02-569-9668Address: 4F 50, 63-ro, Yeongdeungpo-gu, Seoul, Republic of Korea 07345
Every Authentication has connection with
Thank you