Whether it’s logging into Instagram, online banking or Gmail accounts most digital platforms require a form of password verification to grant access.
In the 24/7 digital age, speed and the immediacy of instant access is king and results in most people opting for easy to remember passwords over more cryptic ones. The risk of being locked out of an account and losing access is of greater concern than being hacked.
Yet, hacking is today’s epidemic and more and more people and businesses are falling prey to security breaches.
This year alone, we learned of Uber’s data security incident which jeopardized the personal data of 57 million Uber users around the world. Heathrow Airport and Deloitte also fell under attack and Equifax lost personal data of 143 million US customers because of using “admin” as the username and password.
According to a survey of 1,000 respondents by Keeper Security, more than 80% of people reuse the same password across multiple accounts. Studies show that 10,000 of the most common passwords, such as 123456 can access 98% of all accounts. People often leave their browsers open on public computers, write passwords down on paper or in a file on their computers or get duped into giving away their login data.
But what about popular password managers, such as LastPass, which remember passwords and even generate strong random passwords for each online account? Don’t they provide a solution to help with the human weaknesses, such as poor memories and laziness? Well, unfortunately, these online platforms are fallible too. They can also get hacked, as happened to LastPass in 2015. A data breach exposed users’ email addresses, encrypted passwords and password reminder hints.
So, what is the answer to this security problem outside of voice biometrics and multi-factor authentication?
A staggering 95% of data breaches today are caused by hacked passwords and it is predicted that by 2019, over 80% of organizations will use cryptocurrency’s underlying blockchain technology to avoid security issues.
Now authentication systems are being developed through blockchain technology, which favors the concept of a decentralized system over a centralized one. Multiple, publicly visible, shared copies of data exist across the blockchain. All transactions are stored as blocks and reconciled among the members at a set frequency. This prevents an attack on an individual server in the blockchain from jeopardizing the data as a whole.
Cryptocurrencies like Bitcoin have so far successfully withstood cyberattacks for more than 8 years.
REMME is one of a number of innovative companies which have been using blockchain tech to solve the security issues.
They’ve introduced a Blockchain-based solution for user authentication, protecting company’s data from cyber attacks while eliminating passwords. It allows businesses to protect user accounts from theft and provides secure access to sensitive data. Instead of a password the user generates a specific SSL certificate for each device. The certificate data is managed on the blockchain, which makes it extremely difficult for hackers to use fake certificates.
No more passwords — no more break-ins. REMME is a solution to make passwords obsolete, thus eliminating the human factor from the authentication process. REMME is designed to facilitate and resolve access management by building the distributed Public Key Infrastructure protocol and the set of DApps on top of it.
REMME’s goal is to use the high-end security system to provide a distributed public key infrastructure management. The use of REMME will help financial, infrastructure, MedTech and blockchain companies address the problem of security failings.
A public key infrastructure (PKI) is a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. This standard is based on SSL/TLS certificates, which are widely adopted in enterprise solutions such as banking and tax services. In addition, almost every device, from a laptop to a car, supports SSL/TLS that makes it possible to use REMME for IoT.
REMME is a next-gen data protection solution as it removes friction, increases user experience, and delivers high value, excelling in all security aspects.
- Removes the need for centralized storage and makes leaks of user credentials impossible.
- Replaces weak means of protection (like removing the door from the wall literally — not just another password storage), i.e., REMME makes passwords and PINs obsolete (at least for 80% of the cases).
- Minimizes the human factor (phishing, social engineering, etc.), as there is no password to be stolen or given out by mistake.
REMME leverages a distributed public key infrastructure to authenticate users and devices. Instead of a password the user generates an SSL certificate for each device. The certificate data is managed on the blockchain, which makes it extremely difficult for hackers to use fake certificates.
Two key parts of the REMME solution are:
- REMME PKI (d) protocol: uses a custom blockchain with Bitcoin anchoring and powered by nodes to assure the stability of the system. The REMME Protocol is distributed as open source code, so everyone can use it to build their own DApps through REMME SDK.
- REMME DApps: REMME WebAuth, REMME Enterprise, and REMME for IoT will be developed during the first stage. REMME mail and REMME sign are planned to be developed during the future stages.
In addition, REMME offers users the option to use different 2FA (two-factor authentication) options: through the most popular messenger apps for REMME WebAuth (no need to install additional apps) or using hard tokens and corporate mobile applications for REMME Enterprise (to meet internal security requirements).
REMME solves the following issues:
- Trusting the centralised certification authority (CA)
- CA keys being compromised
- Fake certificate issuance
- Issuance of “hidden” certificates, trying to intercept and redirect connections
Although it is likely the password will be the authentication method of choice for quite some time, it is clear that the blockchain technology can allow applications to make use of its security benefits and it is likely to play a key role in the protection of highly sensitive data in the future.
Ukroboronprom, Ukraine’s umbrella association for the defense industry, has formed a strategic partnership with REMME to enable secure, password-less access to its employees – this shows the investment that companies are putting into blockchain-based security.
REMME announced its initial coin offering (ICO) in November this year.
REM token is the superpower boosting the whole ecosystem, operating like a license or digital key and granting its holders access to REMME PKI and DApps. Token holders will be able to use the REM token in a variety of ways: certificate generation, revocation, node creation, and fees covering conversion of fiat payments.
Token name: REM
Token base: Ethereum (ERC-20 compliant)
Token supply: 1 billion
Token sale duration: Presale 4th December – 25th December 2017, Public Sale Q1 2018
Token sale target: $20,000,000 (hard cap)
Token exchange rate: 1 REM = $0.04