REMME is introducing a blockchain-based solution for user authentication which protects companies’ data from cyber attacks while eliminating passwords.
It allows businesses to fortify user accounts by eliminating theft and provides secure access to sensitive data. Instead of a password, the user generates a specific SSL certificate for each device. The certificate data is managed on the blockchain, which makes it extremely difficult for hackers to use fake certificates.
No more passwords , no more break-ins. REMME is a solution for making passwords obsolete, thus eliminating the human factor from the authentication process. REMME is designed to facilitate and resolve access management by building the distributed Public Key Infrastructure protocol and a set of DApps on top of it.
We recently sat down with Alex Momot, the CEO of REMME, to have a chat with him about the project as well as seeking his thoughts and insights on the industry.
Hi, Alex. Thanks for joining us today. Can you tell us more about yourself and REMME?
Sure. So I founded REMME three years ago, during a spell when cyber attacks in my homeland were proliferating. A number of major Ukrainian firms had been threatened by successful cyber attacks, and this dynamic was playing out across the rest of the world too, with everything from public utility companies to financial services providers crippled by the intrusions. While some of these attacks were extremely sophisticated in nature, many more were elementary. As is so often the case, both with online security and in the real world, human error was the single biggest cause of failure.
It was evident that if we could eliminate or at least mitigate that point of failure, we could dramatically bolster network security. And with that goal in mind, REMME was born. We started working on our passwordless authentication system in 2015, and by the following year, our efforts had intensified as we recruited security experts and high-level developers with the skills to help turn our vision into reality.
First off, why did you decide to use the blockchain in building REMME?
What was your thought process behind it?
Around 2016, as REMME started getting up to speed, we settled on the blockchain as being the ideal way to distribute SSL/TLS certificates. It was evident that if it was done right, this would be a highly effective way of keeping these out of the reach of attackers. There’s a lot of hype about blockchain, and projects being launched that have no real need for blockchain technology, but one thing that a distributed ledger is ideal for is securing assets, and removing them from centralized databases that are honeypots for attackers.
You don’t need a blockchain if you’re selling bananas – despite what some startups seem to think – but if you’re needing to store certificates in such a way as to prevent them falling into the wrong hands, blockchain is ideal.
Tell us about how you came up with the idea of REMME.
Did you face a problem within the industry or do you think there is a gap in the market for REMME to fill?
As the adage goes, there’s no such thing as absolute security. What there certainly is, however, is scope for dramatic improvement on the solutions that are currently in place. It doesn’t matter how sophisticated the network access software is or how well it’s encrypted: so long as it’s reliant on a human typing in a string of characters they’ve memorized or stored “in a safe place” there is a serious risk of a system breach. Current solutions, despite being made with good intentions, fail to address this critical issue. So yes, I firmly believe that our passwordless authentication system has merit and real use cases, and the businesses who’ve been trialing it, who stem from all sectors, concur.
What do you think is the biggest problem REMME will solve and why is the problem important to solve?
I think there are two problems that we solve here, the first being how to eliminate passwords without introducing a system that is equally flawed and subject to new attack vectors. Just as passwords can be copied, determined attackers can and have found ways to fake such things as facial recognition and fingerprint scans. Taking away the much-maligned password as a means of access is fine, but you need to replace it with an alternative that is not only more secure but also user-friendly.
If the solution you’re introducing is robust but a total nightmare to use, no one’s going to use it. Businesses would rather stick with the status quo than go with a safer but less accessible alternative. The second problem we’re solving is finding a way to harness the benefits of blockchain without being subject to its drawbacks, such as slow transaction confirmation times. We’re working on a solution which is fast, despite its reliance on blockchain technology.
Do you think your solution will make applications like LastPass and Dashlane obsolete and if so, why?
Password managers such as LastPass and Dashlane do have their applications and if used correctly can enhance security. Making passwords stronger is only a stop-gap measure though. Moreover, these sorts of systems can introduce additional flaws, especially when users resort to writing down hard to remember passwords for these platforms. The likes of LastPass, while used by some businesses, are more consumer-oriented solutions. With REMME, we’re trying to help enterprises secure their systems. Their adoption will, in turn, make these platforms safer for their users, be they clients or the general public.
So we’re tackling the problem of passwords from a different perspective from companies such as LastPass. Should REMME rise to become the web’s de facto security solution I’ll be delighted of course, but this isn’t necessary for REMME to add value and to help lower the number of major cyber attacks that are successfully conducted each year globally.
In your opinion, why do you think cybersecurity is not given much attention to by many businesses?
For example, when people talk about developing an application, they talk about costs, the features of the application, how long will it take etc. but they rarely talk about the security features.
Why do you think this happens?
The truth is that security isn’t sexy. It doesn’t sell consumer products. People get off on cool UI and novel features, not on reading about the encryption standards you’re using. As a result, companies are incentivized to focus on style over substance, bigging up the USPs and headline grabbers that characterize their apps, while neglecting the security side of things. There’s also a sense of fatalism in that many developers feel that since they’re powerless to completely eliminate the possibility of a system breach, they’re resigned to doing what they can and hoping for the best.
Editors Pick: REMME ICO
REMME – Ditching Passwords and Revolutionizing the Cybersecurity Industry
Whether it’s logging into Instagram, online banking or Gmail accounts most digital platforms require a form of password verification to grant access. In the 24/7 digital age, speed and the immediacy of instant access is king and results in most people opting for easy to remember passwords over more cryptic