1) What is BlokSec Immutable Authentication?
BlokSec provides the most secure authentication service based on digital signatures and an immutable ledger (based on blockchain technology). Breaking down barriers between cybersecurity, identity, and device management, BlokSec fundamentally changes the way users log in by removing passwords and providing a frictionless multi-factor login experience. BlokSec provides the zero-trust access needed to secure hybrid work environments, ensuring that trusted users and devices are accessing critical resources on-premises or in the cloud. The innovative BlokSec service architecture replaces passwords with digital signatures and consent-based authentication / authorization leveraging the Elliptic Curve Digital Signature Algorithm (ECDSA). Businesses leverage BlokSec to stop phishing attacks, avoid becoming a victim of cyberattacks, protect their most critical data, and meet compliance requirements.
2) Does BlokSec store users’ personally identifiable information (PII)?
BlokSec only stores users’ name and email address / logon id. Optionally, the user can provide a mobile number to support an alternate secure login option.
3) Does BlokSec store users’ biometry information?
No, the BlokSec service does not store any biometry information for a given user.
3) What if a device is stolen?
Users and admins can remove a stolen or lost device from the directory so that it can no longer authenticate.
BlokSec enforces a policy where user biometry or a PIN is required to authenticate. This ensures that only the device owner can log in and prevents a lost or stolen device from being used to gain access.
3) What if a device is lost or the user is switching devices?
BlokSec provides an innovative approach for users to back up and restore their linked accounts for passwordless authentication. Additional information can be found here.
4) Does BlokSec meet multi-factor authentication (MFA) guidelines?
Yes. BlokSec meets the standard MFA requirements. BlokSec employs multiple factors to log in:
- Something you have: device-level security keys to support digital signature
- Something you are: device-level biometrics
Unlike other MFA solutions, BlokSec does not use passwords. It is far more secure because BlokSec removes the centrally stored honeypot of passwords from the authentication flow.
The BlokSec service has none of the friction of other MFA methods, i.e. hardware tokens, one-time passwords (OTP) via SMS or email, and mobile-based MFA apps that provide 6-digit codes. It simply provides a secure frictionless login that users will love.
5) [Android] When trying to register with the yuID app on Android, I'm presented with an error message about Device Security
If you receive an error message during registration that says:
"To protect your personal digital key from misuse, the BlokSec application requires that your device be protected with a fingerprint or passcode. There is currently no security setup on your device.
Please enable security on your device under Settings > Device Security > Screen lock and try again."
This means that the yuID app was not able to access your device's secure hardware keystore. There can be multiple reasons for this:
- Your device is open / unlocked, e.g., not currently protected with a fingerprint 👉 to resolve: add a fingerprint lock to your device
- Your device is currently not configured to use a biometric sensor that meets the "Class 3" requirements of the Android operating system; according to Android documentation, in order for device implementations to allow access to keystore keys to third-party applications, they:
  - [C-6-1] MUST meet the requirements for Class 3 as defined in this section below.
  - [C-6-2] MUST present only Class 3 biometrics when the authentication requires BIOMETRIC_STRONG, or the authentication is invoked with a CryptoObject.
  - 👉 to resolve: configure your device to be locked with a fingerprint
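For developers, the two causes above can be told apart with standard Android APIs before a keystore key is created. This is an added example, not code from the yuID app or from BlokSec; the names KeyReadiness, checkKeyReadiness and createSigningKey are hypothetical, and it assumes the androidx.biometric library and API level 23 or later.

```kotlin
import android.app.KeyguardManager
import android.content.Context
import android.security.keystore.KeyGenParameterSpec
import android.security.keystore.KeyProperties
import androidx.biometric.BiometricManager
import androidx.biometric.BiometricManager.Authenticators.BIOMETRIC_STRONG
import java.security.InvalidAlgorithmParameterException
import java.security.KeyPairGenerator
import java.security.spec.ECGenParameterSpec

// Hypothetical result type for this example.
enum class KeyReadiness {
    READY, NO_SCREEN_LOCK, NO_STRONG_BIOMETRIC_ENROLLED,
    NO_CLASS3_SENSOR, SENSOR_UNAVAILABLE, UNKNOWN
}

// Maps device state to the causes listed in the FAQ entry.
fun checkKeyReadiness(context: Context): KeyReadiness {
    val keyguard = context.getSystemService(Context.KEYGUARD_SERVICE) as KeyguardManager
    // Cause 1: no PIN, pattern, password or biometric lock is configured.
    if (!keyguard.isDeviceSecure) return KeyReadiness.NO_SCREEN_LOCK

    // Cause 2: BIOMETRIC_STRONG is the API-level name for a Class 3 biometric.
    return when (BiometricManager.from(context).canAuthenticate(BIOMETRIC_STRONG)) {
        BiometricManager.BIOMETRIC_SUCCESS -> KeyReadiness.READY
        BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED -> KeyReadiness.NO_STRONG_BIOMETRIC_ENROLLED
        BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE -> KeyReadiness.NO_CLASS3_SENSOR
        BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE -> KeyReadiness.SENSOR_UNAVAILABLE
        else -> KeyReadiness.UNKNOWN // e.g. status unknown on older API levels
    }
}

// Creates an ECDSA P-256 signing key that requires user authentication.
// Returns false when the keystore rejects the parameters, which happens when
// no secure lock screen is set up or no biometric is enrolled.
fun createSigningKey(alias: String): Boolean {
    val spec = KeyGenParameterSpec.Builder(alias, KeyProperties.PURPOSE_SIGN)
        .setAlgorithmParameterSpec(ECGenParameterSpec("secp256r1"))
        .setDigests(KeyProperties.DIGEST_SHA256)
        .setUserAuthenticationRequired(true)
        .build()
    return try {
        KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore").run {
            initialize(spec)
            generateKeyPair()
        }
        true
    } catch (e: InvalidAlgorithmParameterException) {
        false
    }
}
```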