Problem we solve
Did you know that officially approved solutions to privacy and impersonation risks in online communications don’t have to cost an arm and a leg?
The Covid crisis has forced most institutions to a remote way of work. In many cases, the tools and processes aren’t ready for this. Improvisation and misuse of tools lead to data leaks and vulnerability to fraud. This is not new, but now it touches more of us.
On one hand people need to use the easy and common communication services to get the job done efficiently. On the other hand risks and tough regulation forces organisations to ban the use of the popular solutions. At the same time criminals exploit the situation to compromise private information and steal money through fraud.
Tools to uphold privacy and trust, when ordinary phones and messaging services must be used, are in dire demand. Such tools make it possible both to safely help patients online and to securely collaborate over supply chain, application and organizational borders.
Our solution lets you use familiar messaging services in a secure way. We have developed Signet App for mobile devices and it doesn’t require any infrastructure to setup. When you meet someone online, a digital handshake with Signet will help you to secure future communication between you two.
Most people don’t have time or want to add and learn to use yet another messaging service on their devices. Even if they had the time, you can’t always force others to switch their messaging platform of choice. To address this we embrace existing apps like Whatsapp, Telegram and email and add a layer of trust and privacy on top of almost any messaging service you already use. You don’t have to learn any new tricks, press the share button and off you go.
Our solution is transparent, easily auditable and already in process of being officially accredited for protecting sensitive information both in transit and at rest. This will help organisations with compliance and save them from having to evaluate and ban individual solutions.
Weekend of innovation - let’s use video
Before the hackathon our app could already be used to securely encrypt and sign sensitive information, including personal information, health data and other secrets. Trusted contact was established by meeting another Signet user in person for cryptographic pairing over bluetooth. However, in the time of social distancing and need to scale up operations online this is both risky and impractical.
Fortunately the video calls are now the new normal. We innovated a unique approach to tackle the trust establishment when physical meetings are out of question. We swiftly worked to piggy-back video conferencing. Thanks to the hackathon, we now have a fully remote solution. Cryptographic handshake is transferred by QR-code images on the screen and captured by the front facing camera every smartphone has. This enables adding contacts securely during a video meeting while still requiring zero infrastructure or Internet connectivity from our app.
We also identified several critical use-cases that would greatly benefit from the security that Signet adds. We worked on protecting business transactions against CEO and invoice frauds and on upkeeping confidentiality in healthcare-patient relationships even when online.
Impact on the crisis
This novel approach now works great and lets you to establish online trust and secure your messaging during this time of social distancing. Authorities, organizations and practitioners will be able to resume and scale their operations online without having to compromise privacy or trust.
Establishing safe and secure cross border (organisational, supply chain and country level) communications, needed to fight the crisis efficiently, will be faster since everybody doesn’t have to adapt the same underlying communication infrastructure. Everyday messaging solutions already in place, that wouldn’t otherwise be safe enough, can now be used safely.
There will be less fraud, such as invoice scams, trying to exploit the abnormal situation. There will be less data leaks of personal sensitive information, such as health data, that may expose citizens to identity theft, blackmail or even physical threat. Therapists and doctors will have a tool to uphold trust and privacy when they are forced to support their vulnerable patients online.
The way forward
Our first governmental pilot customers are already using the app in Finland, and we are in the last mile of the government approval for using the app for classified information. Going forward, we’ll raise awareness, help people to understand secure messaging, and bring the solution to other countries in the EU. Join us on this mission to stop fraud and data leaks?
Prototyping during the hackathon was a success and we have both the technical roadmap and skills in the team to take this forward. We will finish the innovative remote pairing feature and seek official approval for the extended functionality to make it easy for authorities to adapt our solution. We will also add in-app instructions for verifying contact signatures, for example over a voice call, to thwart off any attacker who can modify the stream of QR codes on the picture of the phone displayed in the video feed.
Investments, marketing and sales skills are necessities to raise awareness and guarantee wide availability fast enough. We have initiated investment talks, with positive feedback, and are engaged in dialog with top candidates to recruit required talent.
Our hackathon mentors and peers have linked us to governmental and enterprise contacts outside Finland and have promised to do more linking. We will strongly pursue more pilots and immediately offer our team’s expertise and services to help authorities and organisations in securing communications.
Value after the crisis
After the world emerges from the crisis, Signet will keep securing communications. Business transactions and remote consultation will stay online. Already before the crisis FBI reported losses in billions of euros due to CEO, invoice and payroll diversion frauds driven by business email and messaging compromises. Organisations will benefit from Signet in stopping these types of fraud and communicating online in a safer manner.
At the same time global annual cost of the data breaches and leaks is calculated also in billions and tragedies ensue on the individual level due to privacy compromises. Strict data protection regulation, such as GDPR and HIPAA, is a necessity that unfortunately drives up costs and complicates online operations. With Signet there is no need to ban popular existing messaging services or devices and its added layer of security will be easy to audit and accreditate. Less data breaches, and the practical cost and time savings will help our users to divert attention and resources from technology to their true mission.
We also have far-reaching ideas regarding how Signet could be used in harboring and securely sharing your digital identity with other peers, making it possible to use it for many other purposes where identifying your peer is important online.
In a nutshell
We have impact potential. With Signet the society will have a universal tool for online trust and safe communication to protect privacy and combat online crime. There will be less fraud and data breaches, losses now counted in billions. Current secure communication solutions force their own infrastructure, Signet is unique, it doesn’t replace, it embraces. By piggy-backing existing infrastructures it can be easily scaled to millions of people and thousands of organisations.
Signet is a novel solution to a technically very complex problem. Cryptography is not easy and remote trust establishment requires innovation. Signet solves complex problems with transparent and auditable technology, and has been created using a demanding secure development process that has passed official accreditation requirements. Secure cryptographic handshake using QR codes over a video conference is something that has never been seen before.
Our prototype is complete, it works well and it directly attacks the social distancing challenge on the trust establishment. We have the necessary skills to make this part of our Signet product and to seek official approval for the extended functionality. Ease of use and not requiring separate infrastructure makes it simple for the users to adopt the solution.
We have paying governmental pilot customers, a business plan for and experience in B2B sales of the solution. We are experts in security of different communication solutions and very familiar with the current state of the industry. Economical impact of online fraud and data breaches is undeniable and needs to be attacked against. Furthermore, privacy and trust have inherent societal value and will be fundamental enablers in future. Investments would give a boost to making the product even more universal by adding support for different types of devices and making it available and used in more countries