The variety of data out there is colorful, but most personal data comes in the form of emails, private messages in social media or simply work related files stored in clouds and hardware. In a great majority of these cases, online personal data and information is accessed with passwords, which are usually memorized by the users themselves. Considering the sheer amount of service providers out there, it may very well be that you are in possession of several different passwords (unless you use the same password for everything, which isn’t a good idea). This can prove to be troublesome; most us of know what forgetting a password feels like. That’s problem number one.
Problem number two is the fact that an accounts security isn’t always in the hands of the user. A talented hacker can breach into the service providers systems and gain access to all of their stored usernames and passwords. In this case, the responsibility isn’t the user’s anymore, as bigger online services should hire their own technicians to keep their security measures strong, but this obviously isn’t always efficient enough, as we saw in the latest Twitter scandal earlier this month.
Now this is going to sound like a clichee, but imagine a world without passwords.
Latvian startup CaptureIn proposes a world where writing passwords could cease to exist, and instead, make of mobile devices any persons portable identification. The way it works is very simple. Downloading the application will create a file into your mobile phone that will contain identification data that never leaves the device. In order to log into a service using the app, the services homepage should have the CaptureIn identification enabled, which currently only works with major Latvian social media site Frype. If enabled, the site will display a QR code, which when shown to your device (using the camera), will identify you.
Its important to note that the application primarily allows identification access only for a single device, unless specified separately. Using a personalised combination allows you to use your password on devices and locations you trust and CaptureIn in places where you feel password security could be jeopardized.
Unlike many other common day startups, CaptureIn is branched from DPA, a much bigger Latvian IT company who has years of experience in the fields of cyber security, licensing as well as software and mobile app development. The business model for CaptureIn is purely non profitable; the application is free for both end users and well as service providers. The real deal comes when password-less identification mechanisms are implemented into banks, which is where DPA plans to be a leading innovator. Test runs have to be made though and CaptureIn is one of them.
Nonetheless, the idea of CaptureIn as a password-less identification system is intriguing to say the least. Aigars Jaundälders, Head of Startup Business Group at DPA, told us in an interview how the data protection applies from both sides of the service; the app provider as well as the service the user has the password for.
By this he means that the potential hacker could hack into, say, Frype’s systems, and would not get any sensitive user data from those who use CaptureIn to log into the service. The hacker could also hack into CaptureIn and would still not gain access to the users passwords, as the this data is solely stored in the device, which in this case, is the user’s mobile phone.
Losing the phone on the other hand would make this possible, but as a comparison with the mentioned Twitter scandal, it would be quite difficult to steal 250 000 phones.
Talks of collaboration with 25 companies will most likely bring CaptureIn to a more visible position, and as long as all goes well, the idea of the app that helps you get rid of your passwords will be implanted. The app is available for both iOS and Android and will hopefully soon spread outside Latvia so we can all enjoy just as much as Frype users.