ReadySignOn

Ridiculously Easy  |  Absurdly Secure

 

Generic mobile authenticator that replaces password-based logins with ease and joy.

No more passwords

To end-users

Natural, snappy and delightful to log in and to pay securely
  • No need to memorize or enter password to sign in
  • Not even need to enter username or email to sign in
  • Just a single tap on your smart mobile device to approve
  • Dynamically generated, site specific one-way cryptographic user identifiers for unmatched user privacy protection (read how)
  • Unrivaled security (read why simpler is more secure)
  • Super fast checkout using mobile pay from any device
  • No need to fill in billing information in browser
  • No need to fill in shipping information in browser
  • Just tapping on your smart mobile device to approve checkout payment
  • Secure, zero-footprint remote login from any terminal whether it’s a kiosk, a virtual machine or a shared PC with consistent experience across platforms and browsers
  • No extra device or hardware key to carry or manage

To businesses

Maximum user conversion and protection for transactions
  • Ultra-low friction user registration experience with just a single confirmation click
  • Ultra-low friction user login experience that promotes active user engagement
  • Ultra-low friction checkout and payment experience that promote business transactions
  • Versatile integration based on tried and tested open standards such as OAuth, OpenID and OpenID Connect
  • Popular social login providers can be added with a single click of a button. No additional code or configuration change necessary
  • Public-key digital signature based authentication for best security
  • Dynamically generated, site specific one-way cryptographic user identifiers for unmatched user privacy protection
DOWNLOAD THE APP

Real security demands simplicity, clarity and transparency over complexity and obscurity.

Following these principles ReadySignOn was created with openness in mind and without ambiguity in design. It offers unmatched security and privacy protection by limiting user input during the registration and login process to an absolute minimum, transforming these crucial digital engagement points into delightful user experiences.

See How

Sometimes good just ain’t good enough


Read the differences below and see why

Other Passwordless Solutions: Require entering login ID (often username or email address) which not only weakens the user privacy protection but could also subject the user to targeted hacking attempts.
ReadySignOn / QuickSignOn: No need to enter username or password to sign in.
Other Passwordless Solutions: User account registration and account creation still follow the traditional approach that requires the user to create and memorize a unique username and a complex password, which is a major friction point when it comes to user engagement.
ReadySignOn / QuickSignOn: Instant user registration and account creation with a single confirmation click. No need to create login id or password.
Other Passwordless Solutions: Each authenticator device and client combination must be registered or bond on its first use. Even on the same machine switching to a different browser or to incognito mode will trigger a new registration.
In addition to the annoyance of repeated registration, generating excessive number of cryptographic key pairs and keep them across different storages on various devices, significantly up the risk of credential leaking in additional to bringing in new challenges to device and account sign-on management.
ReadySignOn / QuickSignOn: Device registration or binding is unnecessary.
Other Passwordless Solutions: Because the entire authentication process is initiated and coordinated by, and communicated through the login terminal, a malware infection of such terminal could subject the user to targeted hacking or MitM attacks easily.
ReadySignOn / QuickSignOn: Incredibly resilient to online phishing, credential stuffing, MitM, malware and key-logging attacks.

Authentication credentials are sent directly from the authenticator to the designated server’s pre-validated URL endpoint through a separate back channel communication, completely eliminated any opportunity for online phishing attacks.

Authentication credentials completely bypass the user login terminal, thus even a compromised login terminal would not cause the sensitive credentials to leak.

Since the authentication token is made of a time-sensitive cryptographic proof (digital signature), thus even a compromised communication channel would not subject the user to credential stuffing or MitM attacks.

Other Passwordless Solutions: While the security risk associated with SMS messaging has now been widely recognized, the image substitution risk associated with scanning human illegible QR codes for the purpose of authentication is yet to be highlighted by the industry for a broader public awareness it deserves.
ReadySignOn / QuickSignOn: Not using SMS or QR scan, hence not susceptible to text spoofing or image substitution attacks.
Other Passwordless Solutions: Require external hardware key or platform with compatible hardware and firmware support.

User either needs to carry additional device or must sign in from a compatible terminal in order to use passwordless authentication.

ReadySignOn / QuickSignOn: Works with user’s primary iOS or Android device. No extra physical thing to carry or manage.
Other Passwordless Solutions: The reliance on specialty hardware means users cannot backup their authenticators, which also means user account recovery cannot be guaranteed.
ReadySignOn / QuickSignOn: Allows user-controlled backups with strong encryption for account recovery.
Other Passwordless Solutions: Limited use-cases. Doesn’t support delegated secure remote authentication.
ReadySignOn / QuickSignOn: Supports delegated remote account access without having to share credentials.
Other Passwordless Solutions: Cannot be used on Kiosk, public terminals, virtual machines, or over remote desktops where the required USB, NFS or BLE is not available.
ReadySignOn / QuickSignOn: Zero footprint authentication enables safe sign-in from Kiosk or shared terminals.
Other Passwordless Solutions: Excessive number of cryptographic key pairs are generated for a single account of the same website. All keys are saved in various storages across different devices, increasing risk of credential leaking.
ReadySignOn / QuickSignOn: ReadyID are site specific user identifiers derived from a single pair of cryptographic keys, substantially reduces the risk associated with key management.

ReadyID can be generated on demand, users need not to manually scan or bind a relying party generated id before its first user. Therefore, it allows super-fast, low-friction account registration.

ReadyID can be used to cryptographically verify authentication responses.

ReadyID protects user privacy against online user tracking by making it impossible for websites to identify different ReadyIDs belonging to the same user, despite confusions by third parties.

ReadyID can be used to generate cryptographic assertions allowing users to claim ownership of discrete accounts or prove account correlations.

Other Passwordless Solutions: Inconsistent user experiences across different browsers, platforms and connectivity.

Many existing systems and software are not fully compatible with the latest specification and may need costly update.

New APIs and SDKs require code change to existing websites and applications, as well as extensive testing, with hard-to-predict outcome.

ReadySignOn / QuickSignOn: Compatible with all browsers and web views embedded in native apps with consistent user experience.

No special reliance on NFC, BLE or USB port and the solution works on all systems, including virtual machines over remote desktop connections.

Other Passwordless Solutions: Additional hardware and scattered cryptographic keys complicate enterprise asset management, audits, and compliances.
ReadySignOn / QuickSignOn: Patches, fixes, and upgrades can be timely deployed. Better audit and compliance with reduced burden on enterprise asset management.
Other Passwordless Solutions: Specialty hardware and tailored technical specs significantly increase the time to patch bugs and issues, as well as the cycle of solution update.
ReadySignOn / QuickSignOn: Using iOS and Android devices also means the solution can take full advantage of the multi-layered security measures offered by the respective platforms and built-in hardware (e.g., iOS keychain, AES engine, Secure Enclave and Biometric Scanners etc.) to ensure both robust security and strong user privacy protection. Powerful modern mobile devices also make future proofing the solution possible.
Other Passwordless Solutions: The inconsistent behavior of the solution under different settings makes it challenging to remove user’s concerns over biometric data collection.

Despite the possible misunderstanding by the user over biometric data use, the solution is still limited to biometric authentication and is not capable of biometric identity binding or proofing.

ReadySignOn / QuickSignOn: The functional behavior of the solution is helpful in alleviating user concerns over private biometric data could be used for identity binding or proofing.
Other Passwordless Solutions: It’s only working with latest browsers, operation systems and hardware platforms, with limitations on account recovery, gradual transitioning and use cases.
ReadySignOn / QuickSignOn: No need to wait on new browser releases, new upgrades on existing hardware. It’s already fully working and it’s ready now.
Other Passwordless Solutions: Special browser API and hardware requirement imply lengthy and costly implementation for any large scale deployment. The introduction of new code and hardware implies prolonged testing and the likelihood of encountering new challenges before solving the existing one.
ReadySignOn / QuickSignOn: Natural, snappy, and delightful user experience is the secret sauce for strong passwordless authentication.
Built on the robust ReadySignOn foundation our free QuickSignOn authenticator offers the same core functionality found only in the powerful ReadySignOn iOS app but without the extra bells and whistles. It leverages the same backend services and interfaces when integrating with websites and apps and it’s available in both Apple’s App Store and Google’s Play Store.

Low Friction

Lengthy registration and cumbersome login steps are the biggest hindrance in digital user engagement. Case no more with ReadySignOn as it allows instant user registration and sign-in with simple taps on user’s smartphone, smartwatch or tablets

Decentralized

ReadySignOn promotes decentralized security where sensitive user account and profile information is kept on user’s mobile device, in user’s own hands as opposed to being stored in a centralized database which most certainly will attract strenuous hacking and breaching attempts.

No QR Scan

ReadySignOn avoids the use of the obscure QR codes which are vulnerable to image substitution attacks due to its human incomprehensible nature. Besides, in many places awkward camera scans are either outright unacceptable or just downright unpleasant. ReadySignOn enables a more natural, intuitive, and elegant user experience with exceptionally strong security and privacy protection.

Exceptional Privacy Measure

One-way cryptographic identifiers with user-controlled ownership verification scheme are our answer to the ever-worsening online user tracking and privacy abuse problems. ReadyID is a dynamically generated site-specific user identifier with cryptographic attributes that allow it to be used as a public key for digitally approving authentication sessions as well as for proving user identity assertions without the need of disclosing user personal information.

Have More Questions?

Get in touch with our team for fast technical support and more information. We’d love to hear from you!

Contact Us Today!