ReadySignOn

ridiculously simple | absurdly secure

Generic mobile authenticator turns password-based logins into simple taps and joy.

No more passwords

To end-users

Natural, easy and delightful sign-in experience
  • No need to enter or memorize passwords
  • No need to enter username or email
  • A simple tap on your mobile device to is all it takes
  • Dynamically generated, site specific one-way cryptographic user identifiers for unmatched user privacy protection (read how)
  • Unrivaled security (read why simpler is more secure)
  • Super-fast checkout using mobile pay from any device
  • No need to fill in billing or shipping information during every checkout
  • Simply tap on mobile device to approve payment
  • Secure, zero-footprint remote logins from any terminal including kiosk, virtual machine or shared PCs with consistent experience across platforms and browsers
  • No extra hardware or key fab to carry or manage

To businesses

Maximum customer conversion plus game-changing security
  • Ultra-low friction user registration experience
  • Ultra-low friction user login experience
  • Ultra-low friction checkout and payment experience that promote sales & transactions
  • Versatile integration based on mature open standards such as OAuth, OpenID and OpenID Connect
  • Popular social login providers can be enabled with a click of a button, with no additional code or configuration change necessary
  • Public-key digital signature based authentication for best security
  • Dynamically generated, site specific one-way cryptographic user identifiers for unmatched user privacy protection
DOWNLOAD THE APP

Real security demands simplicity, clarity and transparency over complexity and obscurity.

Following these principles ReadySignOn was created with openness in mind and without ambiguity in design. It offers unmatched security and privacy protection by limiting user input during the registration and login process to an absolute minimum, transforming these crucial engagement points into delightful user impressions.

See How

When it comes to authentication good just ain’t good enough


Compare the differences below and see why

Other passwordless solutions: Require entering login ID (often username or email address) which not only weakens the user privacy protection but may also subject the user to targeted hacking attempts.
ReadySignOn / QuickSignOn: No need to enter username or password to sign in.
Other passwordless solutions: Do not eliminate or improve the cumbersome user registration or account creation process which often requires the user to create and memorize a unique username and password.
ReadySignOn / QuickSignOn: Instant user registration and account creation with a single confirmation click. No need to create login id or password.
Other passwordless solutions: Each authenticator device and client combination must be registered or bond on its first use. Even switching to a different browser or using incognito mode on the same machine will trigger a new registration process.

In addition to the annoyance of repeated registration, generating excessive number of cryptographic key pairs and storing them on different devices significantly up the risk of credential leaking. It also brings new challenges in device management for organizations.

ReadySignOn / QuickSignOn: Device registration and binding are unnecessary.
Other passwordless solutions: Authentication process is initiated and coordinated by, and communicated through the login terminal, a malware infection of such terminal could subject the user to targeted hacking or MitM attacks easily.
ReadySignOn / QuickSignOn: Incredibly resilient to online phishing, credential stuffing, MitM, malware and key-logging attacks.

Authentication credentials are sent directly from the authenticator to the designated server’s pre-validated URL endpoint through a separate back channel communication, completely eliminated any opportunity for online phishing attacks.

Authentication credentials completely bypass the user login terminal, thus even a compromised login terminal would not cause the sensitive credentials to leak.

Since the authentication token is made of a time-sensitive cryptographic proof (digital signature), thus even a compromised communication channel would not subject the user to credential stuffing or MitM attacks.

Other passwordless solutions: While the security risk associated with SMS messaging has now been widely recognized, the image substitution risk associated with scanning human illegible QR codes for the purpose of authentication hasn’t been highlighted by the industry for a better public awareness that it deserves.
ReadySignOn / QuickSignOn: Not using SMS or QR scan, hence not susceptible to text spoofing or image substitution attacks.
Other passwordless solutions: Require external hardware key or platform with compatible hardware and firmware support.

User either needs to carry an additional device or must sign in from a compatible terminal in order to use passwordless authentication.

ReadySignOn / QuickSignOn: Works with user’s primary iOS or Android device. No extra physical thing to carry or manage.
Other passwordless solutions: The reliance on specialty hardware means users cannot backup their authenticators, which also means user account recovery could be infeasible.
ReadySignOn / QuickSignOn: Allows user-controlled backups with strong encryption for account recovery.
Other passwordless solutions: Limited use-cases, e.g. can’t support delegated secure remote authentications.
ReadySignOn / QuickSignOn: Supports delegated remote account access without having to share credentials.
Other passwordless solutions: Cannot be used on Kiosk, public terminals, virtual machines, or over remote desktops where the USB, NFS or BLE is unavailable.
ReadySignOn / QuickSignOn: Zero footprint authentication enables safe sign-in from Kiosk or shared terminals.
Other Passwordless Solutions: Excessive number of cryptographic key pairs are generated for a single account of the same website. All keys are saved in various storages across different devices, increasing risk of credential leaking.
ReadySignOn / QuickSignOn: ReadyID are site specific user identifiers derived from a single pair of cryptographic keys, substantially reduces the risk associated with key management.

ReadyID can be generated on demand, users need not to manually scan or bind a relying party generated id before its use. Hence, allowing super-fast, low-friction account creation.

ReadyID can be used to cryptographically verify authentication responses.

ReadyID protects user privacy against online user tracking by making it impossible for websites to determine whether different identifiers belong to the same user, even when colluding together.

ReadyID can be used to generate cryptographic assertions allowing users to claim ownership of discrete accounts or prove account correlations.

Other Passwordless Solutions: Inconsistent user experiences across different browsers, platforms and connectivity.

Many existing systems and software are not fully compatible with the latest specification and may need costly update.

New APIs and SDKs require code change to existing websites and applications, as well as extensive testing, with hard-to-predict outcome.

ReadySignOn / QuickSignOn: Compatible with all browsers and web views embedded in native apps with consistent user experience.

No special reliance on NFC, BLE or USB port and the solution works on all systems, including virtual machines over remote desktop connections.

Other Passwordless Solutions: Additional hardware and scattered cryptographic keys complicate enterprise asset management, audits, and compliances.
ReadySignOn / QuickSignOn: Patches, fixes, and upgrades can be timely deployed. Better audit and compliance with reduced burden on enterprise asset management.
Other Passwordless Solutions: Specialty hardware and tailored technical specs significantly increase the time to patch bugs and issues, as well as the cycle of solution update.
ReadySignOn / QuickSignOn: Using iOS and Android devices also means the solution can take full advantage of the multi-layered security measures offered by the respective platforms and built-in hardware (e.g., iOS keychain, AES engine, Secure Enclave and Biometric Scanners etc.) to ensure both robust security and strong user privacy protection. Powerful modern mobile devices also make future proofing the solution possible.
Other Passwordless Solutions: The inconsistent behavior of the solution under different settings makes it challenging to remove user’s concerns over biometric data collection.

Despite the possible misunderstanding by the user over biometric data use, the solution is still limited to biometric authentication and is not capable of biometric identity binding or proofing.

ReadySignOn / QuickSignOn: The functional behavior of the solution is helpful in alleviating user concerns over private biometric data could be used for identity binding or proofing.
Other Passwordless Solutions: It’s only working with latest browsers, operation systems and hardware platforms, with limitations on account recovery, gradual transitioning and use cases.
ReadySignOn / QuickSignOn: No need to wait on new browser releases, new upgrades on existing hardware. It’s already fully working and it’s ready now.
Other Passwordless Solutions: Special browser API and hardware requirement imply lengthy and costly implementation for any large scale deployment. The introduction of new code and hardware implies prolonged testing and the likelihood of encountering new challenges before solving the existing one.
ReadySignOn / QuickSignOn: Natural, snappy, and delightful user experience is the secret sauce for strong passwordless authentication.
Built on the robust ReadySignOn foundation our free QuickSignOn authenticator offers the same core functionality found only in the powerful ReadySignOn iOS app but without the extra bells and whistles. It leverages the same backend services and interfaces when integrating with websites and apps and it’s available on both Apple and Google platforms.

Low Friction

Lengthy registration and cumbersome login steps are the biggest hindrance to digital user engagement. Case no more with ReadySignOn as it allows instant user registration and sign-in with simple taps on user’s smartphone, smartwatch or tablets

Decentralized

ReadySignOn promotes decentralized security where sensitive user account and profile information is kept on user’s mobile device, in user’s own hands as opposed to being stored in a centralized database which most certainly will attract strenuous hacking and breaching attempts.

No QR Scan

ReadySignOn avoids the use of the obscure QR codes which are vulnerable to image substitution attacks due to its human incomprehensible nature. Besides, in many places awkward camera scans are either outright unacceptable or just downright unpleasant. ReadySignOn enables a more natural, intuitive, and elegant user experience with exceptionally strong security and privacy protection.

Exceptional Privacy Measure

One-way cryptographic identifiers with user-controlled ownership verification scheme are our answer to the ever-worsening online user tracking and privacy abuse problems. ReadyID is a dynamically generated site-specific user identifier with cryptographic attributes that allow it to be used as a public key for digitally approving authentication sessions as well as for proving user identity assertions without the need of disclosing user personal information.

Have More Questions?

Get in touch with our team for fast technical support and more information. We’d love to hear from you!

Contact Us Today!