PROGRESSIVE AUTHENTICATION, PROTEAN SECURITY

Protean Credentials Protect What Matters

The concept of Protean Security is simple yet challenging: leverage known security best practices to create an attack surface that is dynamic and constantly evolving. Using this guiding principle Proteus Converged Systems developed the Protean Credential for identity and authentication. A healthy distrust of registrars and certificate authorities led Proteus to use security primitives (i.e. public-key cryptography) directly between transacting parties with no third-party dependencies. Protean Credentials also perform regular key rotation transparently with every interaction. Finally, Protean Security dictates minimal risk exposure so users no longer hold private keys and instead have complete control over their private data in an encrypted form they can’t directly modify.

The Protean Credential is a patented (USPTO 9332018 & 9967261 and EPO EP3127275) implementation of a one-time pad applied to the authentication process. It uses standard, well known public-key cryptography with a unique twist of giving the user the encrypted copy of their personal data (e.g. private keys, challenges/responses, credit card details, address, etc.) instead of asking them to hold on to a private key to access the data. The end result is user data is distributed so large scale centralized data breaches are no longer possible. As an added precaution the Protean Credential changes the key pair used to encrypt the credential after every use so the credential literally evolves with every transaction. This constant evolution creates a challenging race condition for hackers: if a Protean Credential is stolen from a user it must be used before the valid user performs another transaction. Otherwise, the stolen credential becomes useless. If the hacker can authenticate using the credential before the user does, their compromise will be revealed with the very next authentication attempt by the valid user which will minimize dwell time and allow for faster remediation.

The Protean Credential contains a variety of attributes, some owned and controlled by the user and some owned and controlled by the system operator. The system operator has CRUD (create, read, update, and delete) capabilities to a portion of the credential while the user owns the personal data, they provide with the privacy respecting benefit of requiring specific user approval for any data access. In a nod to security and simplicity the Protean Credential allows users to create their own challenge/response based on any I/O they can perform on their computing device. Users also create multiple challenge/response combinations so that authentication may be varied based on risk. It is also no accident that the credential contains the challenges/responses so that brute force authentication attacks are no longer possible.

Ready to Embrace the Future?

If you’re ready to add protean security and privacy to every meaningful transaction or would like to learn more about the capabilities of the Protean Credential then please contact info@prote.us.