Passwords are unmanageable. Password-free life is a criminals' Utopia. Biometrics makes the matter worse (*). Then what else?
* NIST is now with us; Biometrics is no good for security when used without another factor
http://www.slideshare.net/HitoshiKokumai/waiting-for-nists-view-on-passworddependent-biometrics
----------------------------------------
< Videos for the Expanded Password System >
Outline (3minutes 2seconds)
https://www.youtube.com/watch?v=-KEE2VdDnY0
Simplified Operation on Smartphone for consumers (1m41s)
https://www.youtube.com/watch?v=Q8kGNeIS2Lc
High-Security Operation on PC for managers (4m28s)
https://www.youtube.com/watch?v=UO_1fEp2jFo
Simple capture and registration of pictures by users (1m26s)
https://www.youtube.com/watch?v=cXTYffGHNS4
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Password Fatigue and Expanded Password System
1. The problem: passwords could work
– but they need help
The safety of our cyber life
depends on identity assurance,
which relies on passwords
• Passwords are
– Hard to remember
– Hard to manage
– Easy to steal
– And yet, absolutely necessary
• Identity theft and security breaches are proliferating
• A critical problem requiring urgent practical solutions
2. A billion-dollar, growing market
• Identity processes costing over US$60bn worldwide
• US $10bn market growth in the next ten years
3. There are
several known
pictures in the
matrix
I can easily find all of
them right away
Only I can select all of
them correctly
Broader choices: images AND characters
Torturous login is history. Login is now comfortable, relaxing and healing.
SOLUTION: EXPANDED PASSWORD SYSTEM
BY MNEMONIC SECURITY
Easy to manage relations between accounts and corresponding passwords.
4. A FUN WAY TO ENHANCE YOUR PASSWORDS!
A fun first step
Get the images in your password matrix registered. It’s easy.
And soon: gamification
Huge Improvement
Password fatigue alleviated for all
Better security for password-managers and SSO services
Even better security for two/multi-factor authentications
Less vulnerable security for biometric products
Backward-Compatible
Nothing lost for users who wish to keep using character-based
passwords.
5. Client Software
for
Device Login
Applications Login
Image-to-Code Conversion
Server Software
for
Online-Access
2-Factor Scheme
Open ID Compatible
Data Encryption Software
with on-the-fly key generation
Single & Distributed Authority
Brand
expass (globally)
Mnemonic Guard
(over 10 years in Japan)
MNEMONIC SECURITY’S PRODUCTS
6. USE CASES IN EMERGENCIES
Disaster Recovery
Cards and tokens
possessed?
Biometrics
practicable?
Survivors must come back to social activities
most quickly as servicemen or residents.
In the Field
Strain
Confusion
Injury
Seizure
Practicable with both hands busy ?
In panic? With injuries?
Seizure of devices,
tokens, memos
Seizure of
body features
With eyeglasses-mounted displays
- defense and law enforcement
- firefighting and emergencies
- high-security public facilities
- field operations like construction
- heavy-demanding factory floors
Practicable even when both hands are busy
by voice command of onetime passwords
extracted from unforgettable images
Pre-registration desirable before facing
Earthquakes, Tsunamis, Eruptions,
Hurricanes, Floods, Landslides,
Fires, Explosions, Nuclear Accidents,
and also Large Gatherings
With protection gear on?
Even in severe panic, we can quickly
recognize unforgettable images
of episodic memories.
7. COMPETITOR OR OPPORTUNITY?
Biometrics?
Biometrics require passwords as a backup system means: Our opportunity.
Password-managers, single-sign-on service?
Passwords required as the master-password. Our opportunity.
Two/multi-factor authentications?
Passwords required as one of the factors. Our opportunity.
Pattern-on-grid, simple picture passwords, passphrases?
Deployable on our platform. Our sweet spot.
Competition expected from copycats.
We are first-to-market.
8. HOW WE POSITION OURSELVES
We DO NOT compete with biometrics, multi-factor schemes or password
managers – we ENHANCE them
We make password schemes better by leveraging the time-honored
tradition of seals and autographs
• Our competitive advantage:
being the pioneer in episodic image memory,
relevant intellectual property
10 years’ worth of development and deployment
9. PATH FOR GROWTH
Basic line-up of products developed with $1m sales
Available for the global market with translation
from Japanese into English and updating work
Market awareness is shifting as biometrics fails to fulfill its promise
= opportunity to relaunch business worldwide
10. Hitoshi Kokumai, Inventor of Expanded Password System
“expass” “Mnemonic Guard”
Advisory Board
• Laurent Liscia, CEO of OASIS Open
• Don Thibeau, Chairman of Open Identity Exchange and Executive Director of
OpenID Foundation
• Colonel (retired) Hiroshi Itoh, Founding Commander of Systems Defense Unit,
Signal Brigade, Japanese Ground Self-Defense Forces.
For more information:
Mail: kokumai@mneme.co.jp Skype: kokumaiskype
WHO ARE WE?
November 2, 2016
11. Isn’t biometrics solving the problem?
Inconceivable!
Something reliant on a password
Unable to displace the password
Most of the biometric products
Operated with passwords as a fallback means
Biometrics operated with a fallback password
Only provide the level of security
lower than a password-only authentication
due to “larger attack surfaces (*)”
* A phrase used by NIST with whom we are discussing on how to rectify the situation.
Appendix