This presentation was given by OneID founder and CEO Steve Kirsch at the pii2011 Venture Forum in Menlo Park, CA on November 15, 2011. For more information on the conference, visit http://pii2011.com.
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
Startup Spotlight: OneID
1. Meet your
new online identity
Steve Kirsch
CEO
OneID, Inc.
2216 O'Toole Avenue
San Jose, CA 95131
(408) 571-6317
stk@oneid.com
2. About me
Steve Kirsch, CEO
5 startups over 30 years
$2B+ market cap
Visionary products
352
3 kids
1 wife
1 car
cat
usernames
and passwords
2
3. OneID is digital identity done
right
Websites
Enterprise Apps
Steve Desktop, Mobile Apps
Offline (QR or NFC ID)
Convince your Your devices digitally assert your
device URU ID to everyone else
(with your express approval)
3
4. + OneID = Frictionless
e-commerce
Invalid format
Phone/fax numbers Steve Kirsch
Say “goodbye” to…
CEO
must be in the formatOneID, Inc.
stk@oneid.com
(xxx) xxx-xxxx.
4
6. “How do I
know it is
safe to
login to my
bank or
PayPal?”
6
7. Her Fears Are Justified
Ramnit Worm Variant
August 25, 2011
“…morphed into a serious
threat…capable of draining
bank accounts…”
Banks are not well-prepared.
Ramifications are enormous.
We have the world’s best Link to Article
solution to this problem.
7
8. Digital identity
“It is, I believe, the #1
most important problem
to be solved as we move
more and more into an
online world.”
Steve Gibson
Creator of the first anti-
spyware program
8
9. There is only one way to
solve this problem
Think different
9
10. User authentication: Today
Enterprise Apps
External Websites
Steve Desktop, Mobile Apps
Offline (QR or NFC ID)
I have >300 different usernames and passwords!
This is unsustainable
10
11. Our Solution – Identity 2.0
OneID defines a new digital ecosystem for solving nearly all of
these problems... Nothing else comes close.
Single Identity,
Designed
User Owned Multiple
From Scratch
Personas
User adjusts
Works On All Public key
security v.
Devices crypto
convenience
OneID is a single identity that spans consumer and enterprise.
See slide notes for more info
11
12. OneID is digital identity done
right
Websites
Enterprise Apps
Steve Desktop, Mobile Apps
Offline (QR or NFC ID)
Convince your Your devices digitally assert your
device URU ID to everyone else
(with your express approval)
12
13. What is OneID?
Next generation digital identity
A digital identity ecosystem/federation
OneID is how you would solve the digital identity
problem if you wanted to solve it “right”
It’s “sort of like” facebook Connect, but:
Easier to use
Extremely secure
Nearly unbreakable w/o sacrificing convenience!
Much more comprehensive in scope
User-centric with PK: secure, private, …
13
14. What can OneID be used for?
Authentication
Eliminates need for username/password, SecurID
Extremely high LoA available
Information sharing
Enter information only once, including credit card information
Authorization
Digitally sign a tokenized credit card to make a purchase: “Pay
Amazon $12.23 USD using my Wells Fargo Personal VISA – signed
Steve”
Digital claims
AAA member, Hertz #1 club member, Passport, Driver’s license,
Cisco employee to get proper discount or to get access
Tickets, digital rights (music, software), physical good receipts 14
15. Why is OneID important?
We have the world’s best answer to solving
the digital identity problem
Most user-friendly and most secure ….both at the same time!
We make it IMPOSSIBLE to phish or keylog your password to get
access to your account. Users can misbehave and they are still
safe
“Have it your way”…Users LOVE it.
Most advanced technology; most customer traction; most
powerful; most flexible
With OneID a user can stay logged in to websites with near zero
financial risk
Only one password to remember and it is RARELY used
15
16. OneID …
…is the most significant development in
authorization since the invention of the
username and password
… will nearly completely replace the use of
usernames and passwords within 5 years
16
18. Two-Factor Auth: More secure
& convenient than SecurID
“Blank check”
vs
Outgoing Wire Transfer
Insecure
Recipient: Sasha Orloff
• In-band (vulnerable to MITM)
Amount: $5,000 USD
• Vulnerable shared secret
Bank: CitiBank
• Can’t see what you are approving
Inconvenient
• Another device to carry
• Hard to use
• Wastes time
• Everyone hates them
OneID mobile phone app • Terrible GUI/UX 18
19. World’s most secure identity
2 or 3 independent digital signatures required
Say goodbye to identity theft
Browser Cloud Mobile App
Optional
Active device Identity repository OOB device 19
20. OneID Login Signature Flow
After verification,
✓ Signature C
✓ user is logged in
✓ Website
1
Verifies
6
Signatures
5
2
3
✓ Signature A 4 ✓ Signature B
✓
20
21. Unbreakable security
$1M if you can break into my OneID account
I’ll even tell you
my username and password
to make it easier
21
23. Key benefits
For consumers For Service Providers
Convenient Higher customer
Easy to use satisfaction
Secure Higher security
Reduce dropoff
Reduce fraud
Easy integration
23
24. Why user centric?
It is the ONLY way to eliminate
the risk of a centralized breach
Guarantees security and privacy
Only you can decrypt your data (on your devices)
Only you can assert your identity
With OneID, centralized breaches (like SONY) are not
possible; there is nothing to steal. Even if an RP’s
password file is published, there is zero risk.
Google, Facebook, etc. are NOT user centric
24
25. Partner interest in every
segment
Financial services Consumer
Enterprise
Government
Education
26. Sales cycle
T=0 “who are you and why are you here?”
T=30 minutes “OK, I’d like to deploy this in a
project we are doing.”
26
27. Is it easy to implement?
Can be done in < 5 minutes!
AutoFill = Add 2 lines of HTML (no server side
changes required).
Login = about 4 lines of code.
Signed tokenized purchases = about 4 lines of
code.
27
28. Team: 12 people
CEO: Steve Kirsch
Founder, former CEO of 5 successful startups with combined
market cap >$2B
VP Marketing: Rose Hartwig
Former VP Marketing Palm
Turned down CMO job at B&N
Identity systems architect: Jim Fenton
Cisco’s top identity expert.
Crypto expert: Adam Back
“THE best guy for this job” – Stefan Brands
“He’s brilliant” –Jon Callas
Director Product Marketing: Brian Kelly
Co-founded TrustBearer Labs, acquired by VeriSign in 2010
User Authentication Product Manager at Symantec/VeriSign
CIO: Mr. X
? Managed staff of 2,800 people and IT budget of $2.7B
“Federal CIO of the Year” –Federal Computer Week
28