Decentralized cybersecurity firm, Rivetz, today announced the launch of its first two-factor authentication (2FA) Authenticator app, which uses the hardware of your device to generate your 2FA keys. The app is also the first to feature backup and recovery of 2FA keys using your mobile devices’ existing hardware security capabilities.
Backup and recovery of 2FA keys eliminates hassles associated with proving who you are to every 2FA-enabled app and account you have when you get a new phone. Rivetz Authenticator is one of the first apps of The Rivetz Network, a collection of cybersecurity tools and services available for deploying safe and simple applications. The app eliminates the biggest frustration around 2FA: backup and recovery of 2FA keys when migrating to new devices.
In addition, its hardware-based security capabilities make Authenticator the equivalent of having a dedicated hardware security device built in to your mobile phone. Authenticator is also designed to support validation of external, provable controls and policies that confirm a user intended a transaction, enabling additional security and compliance capabilities.
In the unfortunate event of a lost, stolen, reset or inaccessible phone, the process to regain access is incredibly time-consuming, frustrating or impossible. In a Rivetz-commissioned survey of 1,000 U.S. adults, 49 percent of respondents said they had lost access to their accounts because they were unable to access their 2FA recovery keys.
Even when users save their private 2FA keys to migrate onto new devices, it can still take hours to manually reset 2FA for each account, such as email, social media, or cryptocurrency exchanges. Authenticator requires only a few moments to recover all accounts at once.
“2FA is a powerful cybersecurity method, but when you get a new phone you are locked out until you navigate a labyrinth of security procedures for each app or account,” said Steven Sprague, CEO of Rivetz. “Authenticator provides a secure and simple one-step method to maintain robust 2FA cybersecurity across all your accounts and devices. Cybersecurity should be grandma-simple – it should just work. We designed The Rivetz Network and Authenticator from the ground up to liberate the modern subscriber from the antiquated username/password paradigm.”
Rivetz Authenticator also features a Trusted User Interface (TUI) for supported devices**. The TUI allows device owners to verify actions with the assurance that malware cannot possibly infect a transaction, ensuring that the action taken by the app was the user’s intended action. Authenticator also is designed to support validation of external controls, such as geolocation or biometrics, enabling additional security and compliance capabilities.
Rivetz Authenticator is built using the capabilities of The Rivetz Network. The Network provisions security actions to the Trusted Execution Environment (TEE), which is already built into the hardware of billions of mobile devices. The TEE is an isolated, measured hardware computer environment separate from the device’s operating system that cannot be tampered with should the operating system be compromised. This provides superior security to software or short message service (SMS) text-based authentication methods.