CertiVox launches two-factor security in the cloud

CertiVox launches two-factor security in the cloud

Summary: CertiVox is claiming "a revolutionary breakthrough in information security" with a two-factor authentication system that works with a web browser and cloud-based data. PrivateSky "is a one-click solution where both encryption and decryption are securely completed with no disruption to a user’s workflow," says the US-based company.

SHARE:
TOPICS: Tech Industry
2

CertiVox is claiming "a revolutionary breakthrough in information security" with a two-factor authentication system that works with a web browser and cloud-based data. PrivateSky "is a one-click solution where both encryption and decryption are securely completed with no disruption to a user’s workflow," says the US-based company.

CloudOne Services, which is based in London, is one of several cloud companies that has signed up as a distributor "to the reseller channel and enterprise segments."

There is a free version of PrivateSky that allows users to send and receive encrypted messages and files. The Professional also allows the sender to encrypt attachments up to 10MB in size.

PrivateSky uses HTML5 and works on both Windows PCs and Macs, but only with the Google Chrome and Firefox browsers.

Two-factor authentication typically involves something you own and something you know. In this case, the "something you own" is an authenticated token stored by the browser, while the "something you know" is a four-digit PIN.

Messages and files are sent and collected from the PrivateSky portal. Recipients have to go to PrivateSky and enter their name and email address. The portal then emails them a link back to the portal. Following the link enables each user to set up a four-digit SkyPin, which is used to create a token in the browser. After that, users can retrieve messages by entering the PIN that matches the token.

The sender of the file can track who accessed the data, when, and for how long.

All the data remains secure. PrivateSky cannot read your email or files because these are encrypted in the browser before they are uploaded to the portal.

PrivateSky uses elliptic curve cryptography, which is based on the idea that it's infeasible to calculate the logarithm of a random elliptic curve. This contrasts with the original idea behind public key cryptography, which was based on the factorisation of very large prime numbers.

A white paper (PDF) explains how the system works.

There are lots of systems for encrypting email and data, and PGP (Pretty Good Privacy) was launched more than 20 years ago. None of them has ever become popular, which suggests that users just can't be bothered to use them. Most are too cumbersome to use, and users don't feel most emails are so important they need to be protected.

Whether CertiVox can buck the trend remains to be seen: the odds are against it. However, with fears of corporate espionage growing and cyberwars being fought behind the scenes, a growing number of companies will probably insist on it.

@jackschofield

Topic: Tech Industry

Jack Schofield

About Jack Schofield

Jack Schofield spent the 1970s editing photography magazines before becoming editor of an early UK computer magazine, Practical Computing. In 1983, he started writing a weekly computer column for the Guardian, and joined the staff to launch the newspaper's weekly computer supplement in 1985. This section launched the Guardian’s first website and, in 2001, its first real blog. When the printed section was dropped after 25 years and a couple of reincarnations, he felt it was a time for a change....

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • Hi Jack, thanks for the shout out. One major correction: PrivateSky encrypts the data in your browser BEFORE it is uploaded to the portal, it's not encrypted at the portal. It's something no other vendors do, and using our Incognito Keys protocol, the data is opaque even to the folks at PrivateSky.
    Thanks again,
    PrivateSky
    privatesky
  • @privatesky
    Many thanks for the correction: I'll amend the copy!
    Jack Schofield