Secret Double Octopus: Password-free, Keyless Protection of User Identity

Raz Rafaeli, Co-Founder & CEO
Eighty percent of hacking-related breaches exploit stolen or weak passwords. Even worse, current security practices of token-based authentication in the form of OTPs and SMS have also been compromised. These challenges are compelling organizations to adopt new approaches to securing their data, systems and overall business interests. Secret Double Octopus, a prominent player in password-free authentication, protects data, systems and identities through a multi-shield authentication process.

Secret Double Octopus turns mobile phones into authentication devices. Unlike existing solutions based on PKI, the Israeli security startup leverages secret sharing algorithms to minimize user vulnerability while protecting data and streamlining user experience when accessing resources. “Our patented technology is based on a mathematically unbreakable scheme that enables a password-free authentication experience, which is both more secure and user-friendly than existing authentication measures,” said Raz Rafaeli, the CEO and Co-founder of Secret Double Octopus.

According to Rafaeli, the combination of high-level security and a seamless user experience is crucial for the adoption and growth of enterprise password-free authentication. To this end, the firm’s new mobile authentication app is the right solution for organizations to end the proverbial ‘arms race for encryption’, while streamlining the mobile experience for consumers. The Octopus Authenticator app uses a mobile application to verify user identity. When a user attempts to login or perform a sensitive transaction, the service sends an access request to the associated device through the authenticator app instead of prompting for a password. Access to the account is granted once the user approves the app request. Under the hood, the identity of the user is protected with the Company’s keyless technology.


The combination of a high level of security and a seamless user experience is crucial for the adoption of enterprise password-free authentication globally


To add a second factor, biometrics, Octopus Authenticator has made it simple for the user to respond to push notifications by using their thumb impression or facial recognition technology on their mobile device. An example highlighting the company’s efficacy, is when they helped a large multinational firm find a password-free solution to access business systems and data securely. The client wanted their security solution to work with Active Directory (AD), as well as with other solutions, including Office 365 and Exchange server. With Secret Double Octopus, the client’s employees could securely connect to AD and related applications using their mobile devices, making a password-less security login a reality.

Secret Double Octopus has been called a ‘game changer’ in the security space by companies such as PwC and Tech Data, and was named a “Cool Vendor” by Gartner. With the growing momentum, the company is also focusing on securing hyper-connected areas enabled through machine-to-machine (M2M) and IoT. “We provide solutions that ensure security between devices that are manufactured by multiple vendors, an aspect that still hasn’t been addressed at all in the market,” says Rafaeli. The company is developing an end-to-end M2M authentication layer between cloud, IoT hub, edge devices and other applications that support IoT environments, such as smart cities and connected cars.

Company
Secret Double Octopus

Headquarters
Tel Aviv, Israel

Management
Raz Rafaeli, Co-Founder & CEO

Description
Password-free, keyless authentication technology to protect identity and data across cloud, mobile and IoT environments

Secret Double Octopus