Solutions

The unique technology provided by ToothPic securely stores keys on smartphones by encrypting them with a secret extracted from a hardware characteristic of the device itself: the unique andunclonable pattern of manufacturing imperfections of camera sensors. A feature that makes every single produced device different from each other.

With this technology, the secret key is never exposed, neither in the long-term nor in the short-term device memory. In this way it is protected from malware: even if the entire content of a device were cloned, the cloned credential would be unusable as the destination device has a camera different from the one of the original device used to generate thatcredential. Moreover, ToothPic is the only technology able to identify a device even after a device factoryreset, or after an application reset.

The system has been designed to deliver a user-friendly and frictionless user experience. A user just needs to hold his device during the authentication process, which can be activatedby a single tap on the phone.

The technology has been implemented as an SDK, a software component to be integrated into third-party applications, for Android and iOS, to maximize device coverage and compatibility. Its implementation allows an easy integration into the mobile component of a newly designed system as well as of an existing system with no major changes required to its architecture. In fact, the type of credentials protected by ToothPic SDK is the same used in broadly diffused commercial systems and standards, making its integration easy and fast.

For this reason, in addition to patents ToothPic has recently received the FIDO (Fast IDentity Online) Certification by the FIDO Alliance. The Alliance is promoting several standards for smartphone-based user authentication aimed at delivering a high security level without compromising the user experience. 

Resources

Contact Information