“We’re not paying for trust: we’re earning it.” – Rob Morrish, CEO of Haventec
Watch Haventec’s CEO Rob Morrish talk about the future of online security at the Tech23 2016 “Celebrating Australian Innovation” event in Sydney on 11 October 2016. Haventec won the Tyro Fintech Award during the event.
Transcript: “Haventec and the future of online security” – presentation by Rob Morrish, CEO of Haventec at Tech23, Sydney on 11 October 2016.
Does anyone remember when people started regularly sharing computers and data?
Here’s a clue: The first logins were set up for MIT’s Computer Time Sharing System …. in 1960.
And sys admins back then wanted simple authentication, so they chose username and password. Because nobody wanted to devote machine resources to this authentication stuff. (See Footnote 1: Early passwords had to be simple)
Today we have plenty of processing power and storage capacity.
Yet organisations still rely on that ancient form of authentication.
Now, how many of you use the same password across multiple accounts?
Sure, it’s a pain having to invent and remember long strings of letters and numbers and symbols…
So… most of us just use a small number of passwords that we rotate across our email, our social media … and even our bank accounts. (See Footnote 2: Zuckerberg’s simple password error)
Week after week, we hear about data notifications mostly caused by compromised user credentials.
Clearly this ancient method isn’t working. (See Footnote 3: Many more devices hackable)
So, what’s the answer?
We’re working on it at Haventec. And it starts with a network of trust.
Trust empowers and drives successful economies – and it should be synonymous with privacy.
Our chief inventor, Ric Richardson, famously invented software activation technologies under the name Uniloc. When I met Ric, he’d started on a security invention to solve a common challenge: the pain of managing multiple passwords.
At Haventec we’re focused on making secure transactions easier and safer for everyday people AND those organisations that service them.
Our first product is Haventec Authenticate. (See Footnote 4: Authenticate’s rotating security keys) It is a truly password-less system with a set of evolving security keys. It decentralises authentication. Each time you interact with an Authenticate-protected system , we change the locks and keys, while building up a trust profile based on your safe behaviour.
We believe that decentralising authentication builds trust.
And you’re giving people back the rightful ownership of their information and their data privacy.
Plus, as you’re massively reducing risks, you can save your organisation a lot of pain… and money.
And that’s a combination that makes sense commercially.
Our second product is Secure Wallet. It includes a one-click payment system with decentralised authentication – so no longer do you have to give control of your credit card information to merchants and payment providers.
Our third product is an adaptive network identity solution. A better blockchain.
We’ve strengthened the blockchain with our patented key technology so it’s no longer vulnerable to man-in-the-middle attacks.
Haventec Blockchain Platinum locks the blockchain to your device. Each time you interact with Blockchain Platinum we build an adaptive ledger of trust.
So that’s Haventec.
We’re delivering real product that makes a real difference, and provides real value. We’re not paying for trust: we’re earning it. We have Macquarie Group as a significant investor and we are working towards trialling Haventec Authenticate in one of its staff mobile apps.
Our security partner Nuix is conducting independent penetration testing, while our integration partner, Fastlane Solutions, is benchmarking the resilience of our products.
Recently, we made our first major commercial OEM deal with AMP technologies from Silicon Valley.
AMP will be embedding Haventec Authenticate into its commercial real estate management platform.
We’re also working towards a deal with Alpha Payments Cloud, where we will be introducing SecureWallet and Authenticate to its clients.
We’re working with other Australian firms in finance, ICT and logistics.
If this sounds interesting to, please come talk with me and our Co-Founders: Ric Richardson and Doctor Tony Castagna, who are both here in the audience today.
Dr Castagna is a co-founder and chairman of several companies including Nuix and also a board advisor to Capital Markets CRC.
We’re ready to expand our team overseas – and we’re looking for strategic partners and the right investors to join our team to take Haventec global.
Footnote 1: Early passwords had to be simple
Here’s a summary from an interview in the January 2012 edition of Wired magazine with Cornell University comp sci Professor Fred Schneider.
Prof Schneider said user name and password authentication made sense in 1960 because it only needed a few bits or bytes to work.
They could have used a knowledge-based system like mother’s maiden name, first pet, first school… but Schneider says “that would have required storing a fair bit of information about a person, and nobody wanted to devote many machine resources to this authentication stuff.”
Footnote 2: Zuckerberg’s simple password error
Re-using passwords is clearly risky, yet even the most supposedly tech-savvy people do it. Even Facebook’s Mark Zuckerberg has recently been hacked.
In early June, hackers discovered that the same simple Zuckerberg password they’d harvested on one site (allegedly from a list stolen in 2012 during an attack on LinkedIn) also worked on several other platforms.
The media reported that because Zuckerberg didn’t have two-factor authentication on his popular social media platforms, the hackers apparently quickly compromised his LinkedIn, Twitter and Pinterest accounts and publicly embarrassed him.
What else did the hackers get into?
If a hacker can get into your Facebook or LinkedIn they can cause reputation damage – they can also find out where you live and what your family looks like. If they then get into your iCloud, Windows or Google IDs they can access your work files, your IP and maybe your email. If they can crack your email they can mess with your medical records and your financial accounts.
Footnote 3: Many more devices hackable
Some of Haventec’s team are old enough to remember the birth of the computer age. Most of us have used every generation of personal computer since they began shrinking from room size to desk top to laptop to palm to wrist to finger to nanobot…
We all appreciate the advantages of smaller, more powerful computers.
But we also know that hackers can all too easily use the latest computing technologies to crack open older legacy systems. That’s not the fault of the legacy systems. They’re just well out of date. Hackers literally AND metaphorically OWN tech… like no other business.
Hackers can be like the best start-ups: agile, disruptive, innovative – and well-funded.
Footnote 4: Authenticate’s rotating security keys
Haventec Authenticate is a truly password-less system with a set of rotating security keys. And every time you interact with an Authenticate-protected system we replace the keys/change the locks, while building up a trust profile based on your safe behaviour.
And only you, using your authenticated device can unlock your profile. So even if someone shoulder surfs you, watching you login to a system from your phone on a bus, they can’t take whatever info they see you type and use it to get access on another device.
They can’t clone your device and pretend to be you either. It’s a much simpler way to manage authentication. It’s highly secure. And it’s highly adaptive.
Authenticate eliminates the needs for organisations to manage, maintain and try to protect a central store (or honey pot) of usernames and passwords.