Hello World — Meet UNLOQ

Simple & secure multi-factor authentication, transaction authorisation and data encryption service. Integrates in minutes. UNLOQ any web, desktop or mobile app.

When you think about strong authentication, you probably picture the entire tedious road of setting up and validating strong passwords, hacking system rules designed to help you add a password that you can eventually remember and, now more than ever, activating two-factor authentication.

Just the exercise of imagining that is exhausting. It makes you give up and, if it’s not a service that you really need, you might just do that. In fact, according to some studies*, nearly 80% of millennials agree that the most important thing when setting up a new password is how easy it will be to remember it. Thus, it comes as no surprise that 60% of people use the same password. At the speed at which we are creating new online accounts, the current authentication paradigm becomes impractical.

And this covers only half of the story. On the other end, businesses and developers invest huge amounts of money in setting up hacker-proof systems. But how many can afford a truly secure authentication system and how reliable is it? With all the brands that are all over the headlines for being hacked and with tens of millions of accounts being compromised, it really makes you seriously doubt that there’s truly a simple and secure way out…

Introducing UNLOQ

This is what drove us…and this is UNLOQ.

From the very beginning, our goal was to develop a ‘stronger than passwords’ authentication system that’s extremely easy to use, a system that can work across devices, provided at a reasonable price.

UNLOQ comes in the shape of a widget, which you can easily embed into your site and a companion mobile app that your users will need in order to authenticate. The default authentication mechanism is a multi-factor system that uses out of band communication to authenticate a user. After a user has registered with UNLOQ (downloaded the app and created a profile), he will only have to click the UNLOQ button and will instantly receive a push notification on his mobile phone, asking the user to approve or deny the authentication request. To prevent spam, each user will be asked to verify his/her identity when sending their first authentication request from a browser. For the first authentication request, the user will receive a notification asking for a time-based one time password that they can find in the app.

And this takes us to the alternative authentication methods that UNLOQ allows. The first one is a time-based one time password that users can select, in case they don’t have internet access on their phone. The second one is the e-mail login option that can be used in case the user does not have a smartphone. Developers may choose to have one, both or none of the alternative authentication mechanisms implemented, depending on the specific case for which they are building the system for.

UNLOQ is a distributed authentication system, where the only thing we need to store in order to make it work is the users’ e-mail.

What’s included in the initial release?

– the default multi-factor authentication system with out of band communication. A user needs a verified phone, a PIN for the app and a finger print, in case the phone is set to unlock using biometric features.

– alternative authentication methods: TOTP and e-mail

– request TOTP on each login

– restrict usage by setting up origin paths and timers

– customize the appearance of the authentication notification

– verified domains

– WordPress plugin

– Two login box themes

– Data encryption at device level with AES-256-CBC

Since we like developers, we have put together a bonus app: sconfig.io. This is an encrypted CDN for your configuration files.

What’s next?

Our mission is to make secure authentication available to everyone and we’d appreciate any help that comes along the way. And we really thrive on feedback, so join the discussions and let us know what you think.

Stay tuned. We are releasing new features on a weekly basis.

UNLOQ Team

Visit us on Facebook, Twitter or on our Website!