Startup Spotlight: OneID


Published on

This presentation was given by OneID founder and CEO Steve Kirsch at the pii2011 Venture Forum in Menlo Park, CA on November 15, 2011. For more information on the conference, visit

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • I’m a lot like you… I have …and 352…that’s crazy. That’s why I started OneID.
  • Auto Login
  • Active device might be slow or fast so can choose long or short key size….so 4 keys are stored on the RP in general.
  • + 4 very senior software developers + 1 ops +1 administrative/HR/finance
  • Startup Spotlight: OneID

    1. 1. Meet yournew online identity Steve Kirsch CEO OneID, Inc. 2216 OToole Avenue San Jose, CA 95131 (408) 571-6317
    2. 2. About me Steve Kirsch, CEO  5 startups over 30 years  $2B+ market cap  Visionary products 352 3 kids 1 wife 1 car cat usernames and passwords 2
    3. 3. OneID is digital identity done right Websites Enterprise AppsSteve Desktop, Mobile Apps Offline (QR or NFC ID)Convince your Your devices digitally assert your device URU ID to everyone else (with your express approval) 3
    4. 4. + OneID = Frictionless e-commerce Invalid format Phone/fax numbers Steve KirschSay “goodbye” to… CEO must be in the formatOneID, Inc. (xxx) xxx-xxxx. 4
    5. 5. “Best new business idea”$50,000 grand prize winner 5
    6. 6. “How do Iknow it issafe tologin to mybank orPayPal?” 6
    7. 7. Her Fears Are JustifiedRamnit Worm VariantAugust 25, 2011 “…morphed into a serious threat…capable of draining bank accounts…” Banks are not well-prepared. Ramifications are enormous. We have the world’s best Link to Article solution to this problem. 7
    8. 8. Digital identity  “It is, I believe, the #1 most important problem to be solved as we move more and more into an online world.”  Steve Gibson Creator of the first anti- spyware program 8
    9. 9. There is only one way tosolve this problem Think different 9
    10. 10. User authentication: Today Enterprise Apps External Websites Steve Desktop, Mobile Apps Offline (QR or NFC ID)I have >300 different usernames and passwords! This is unsustainable 10
    11. 11. Our Solution – Identity 2.0 OneID defines a new digital ecosystem for solving nearly all of these problems... Nothing else comes close. Single Identity, Designed User Owned Multiple From Scratch Personas User adjusts Works On All Public key security v. Devices crypto convenienceOneID is a single identity that spans consumer and enterprise. See slide notes for more info 11
    12. 12. OneID is digital identity done right Websites Enterprise AppsSteve Desktop, Mobile Apps Offline (QR or NFC ID)Convince your Your devices digitally assert your device URU ID to everyone else (with your express approval) 12
    13. 13. What is OneID? Next generation digital identity  A digital identity ecosystem/federation  OneID is how you would solve the digital identity problem if you wanted to solve it “right” It’s “sort of like” facebook Connect, but:  Easier to use  Extremely secure  Nearly unbreakable w/o sacrificing convenience!  Much more comprehensive in scope  User-centric with PK: secure, private, … 13
    14. 14. What can OneID be used for? Authentication  Eliminates need for username/password, SecurID  Extremely high LoA available Information sharing  Enter information only once, including credit card information Authorization  Digitally sign a tokenized credit card to make a purchase: “Pay Amazon $12.23 USD using my Wells Fargo Personal VISA – signed Steve” Digital claims  AAA member, Hertz #1 club member, Passport, Driver’s license, Cisco employee to get proper discount or to get access  Tickets, digital rights (music, software), physical good receipts 14
    15. 15. Why is OneID important? We have the world’s best answer to solving the digital identity problem  Most user-friendly and most secure ….both at the same time!  We make it IMPOSSIBLE to phish or keylog your password to get access to your account. Users can misbehave and they are still safe  “Have it your way”…Users LOVE it.  Most advanced technology; most customer traction; most powerful; most flexible  With OneID a user can stay logged in to websites with near zero financial risk  Only one password to remember and it is RARELY used 15
    16. 16. OneID … …is the most significant development in authorization since the invention of the username and password … will nearly completely replace the use of usernames and passwords within 5 years 16
    17. 17. OneID: Single Click To Sign In 17
    18. 18. Two-Factor Auth: More secure & convenient than SecurID “Blank check” vsOutgoing Wire Transfer InsecureRecipient: Sasha Orloff • In-band (vulnerable to MITM)Amount: $5,000 USD • Vulnerable shared secretBank: CitiBank • Can’t see what you are approving Inconvenient • Another device to carry • Hard to use • Wastes time • Everyone hates themOneID mobile phone app • Terrible GUI/UX 18
    19. 19. World’s most secure identity2 or 3 independent digital signatures required Say goodbye to identity theft Browser Cloud Mobile App Optional Active device Identity repository OOB device 19
    20. 20. OneID Login Signature Flow After verification,✓ Signature C✓ user is logged in✓ Website 1 Verifies 6 Signatures 5 2 3 ✓ Signature A 4 ✓ Signature B ✓ 20
    21. 21. Unbreakable security $1M if you can break into my OneID account I’ll even tell you my username and password to make it easier 21
    22. 22. These buttons look alike Can you tell the difference? 22
    23. 23. Key benefitsFor consumers For Service Providers Convenient  Higher customer Easy to use satisfaction Secure  Higher security  Reduce dropoff  Reduce fraud  Easy integration 23
    24. 24. Why user centric? It is the ONLY way to eliminate the risk of a centralized breach Guarantees security and privacy  Only you can decrypt your data (on your devices)  Only you can assert your identity  With OneID, centralized breaches (like SONY) are not possible; there is nothing to steal. Even if an RP’s password file is published, there is zero risk. Google, Facebook, etc. are NOT user centric 24
    25. 25. Partner interest in everysegment Financial services  Consumer Enterprise  Government Education
    26. 26. Sales cycle T=0 “who are you and why are you here?” T=30 minutes “OK, I’d like to deploy this in a project we are doing.” 26
    27. 27. Is it easy to implement? Can be done in < 5 minutes! AutoFill = Add 2 lines of HTML (no server side changes required). Login = about 4 lines of code. Signed tokenized purchases = about 4 lines of code. 27
    28. 28. Team: 12 people CEO: Steve Kirsch  Founder, former CEO of 5 successful startups with combined market cap >$2B VP Marketing: Rose Hartwig  Former VP Marketing Palm  Turned down CMO job at B&N Identity systems architect: Jim Fenton  Cisco’s top identity expert. Crypto expert: Adam Back  “THE best guy for this job” – Stefan Brands “He’s brilliant” –Jon Callas Director Product Marketing: Brian Kelly  Co-founded TrustBearer Labs, acquired by VeriSign in 2010  User Authentication Product Manager at Symantec/VeriSign CIO: Mr. X?  Managed staff of 2,800 people and IT budget of $2.7B  “Federal CIO of the Year” –Federal Computer Week 28
    29. 29. Availability December 2011: alpha March 2012: beta May 2012: FCS 29
    30. 30. “OneID is light years ahead of what anyoneelse is doing today.”  Brian Krebs 30