The Digital Identity that safeguards your personal information

coming soonget notified

Privacy by Design

Online businesses collect vast quantities of data on us. Sometimes because it's part of their service, sometimes for statistics and analytics - it's the modern way of doing business. They then connect that to our real persona using personally identifiable information (PII for short). It is this process of unique attribution which represents the biggest danger to our individual self. It allows giant data aggregators - where this already correlated information ends up - to derive dangerous information which go way beyond the scope of the service you signed up for or the party you signed up with.

Anonymous
Online Presence

Shadow id provides means for online services to anonymously anchor collected information and giving you not only the benefits derived from their service but also protect your privacy from abusive third parties or accidental data leaks.

Personal Data
Isolation

Shadow id is constructed such that attribution always flows from services towards shadow id, never the other way around. As such, your information becomes siloed with the services and cannot be correlated

GO Beyond 2FA, PASSWORDLESS

GO Beyond 2FA, PASSWORDLESS

Online accounts are a weird thing. The valuables locked inside are yours, but there is only so much you can do about its security. Sort of like a locker in a big station - it's located in a public place. No matter how well you lock your door "at home", the locker remains at the station unable to benefit from the perimeter protection of your home. Criminals are free to poke around and temper with the security of the box. In case of an online account - an entire world of criminals - both manual and automated. 2FA can help somewhat, because there are two keys, not one, protecting your locker, but this model does not change the nature of the locker. It only protects against password theft, all other vulnerabilities still apply - and they are many.

Mutually Authenticated Transport Layer Security, or MATLS, radically changes the security architecture of the setup. It doesn't use passwords, it uses Public Key Cryptography (PKI) to authenticate devices. Clients that don't hold the proper private key (rogue browsers, bots, hackers, etc) are unable to establish connection.
This is not just a shiny new lock - it transforms your allegorical public locker into a safety deposit box inside the confinement of a bank's vault.

We Build on Trust

The reason why sites treat you like a criminal is because they can't tell the difference between a real one and you. With today's security models, everything looks the same over the big net. So services adopt a zero trust model and throw at you everything they have: email validation, capcha, device fingerprinting, behavior profiling, you name it. This is not only frustratingly slow, it's also a massive violation of privacy and utterly humiliating.

Stand Out
of the Crowd

You can look at shadow ID as your trust bank, where sites you interact with deposit trust continually. This anonymized trust will follow you everywhere online, so next time you click "sign up", you get the welcome you earned for being an upstanding citizen of the Internet.

Judge Content
by its Source

With such diversity and no accountability, it's impossible to ascertain whether an information is valid or fake. It's not only time-consuming, it is also dangerous especially young people. It will take a while, but we look forward to see search engines sorting content not only by word frequency, but also the credibility of the author.

Secure and fast

Secure and fast

We've grown accustomed to the concept that security is synonymous with friction: more security means more friction, always. This however is a result of trying to retrofit with security architectures that were not conceived with security in mind. To put in other words, the friction is a result of the hack - like trying to push a cart with square tires.

By building security into the model, we can achieve the opposite outcome: More security - less friction, like having the tires round in the first place.

Non-authenticated
devices

15

Authenticated
devices

1

Stay in Control

Stay in Control

Sharing your email for a signup is not an easy choice nowadays. With 2 out every 3 email being spam, this decision can land you a lot of headache. With shadow id you do not share anything, so the choice is not down to a fleeting moment in time. You continue to retain control over your relationship with the service so you can "take it back" at any moment.

Transparency of
Personal Information

Sometimes services will have to collect data as part of the service they provide. Services who identify you via shadow id, provide up-to-date feedback about the nature of the information they hold on you, in exchange for accuracy estimates. It helps them clarify inaccuracies and gives you full visibility over your data.

A Cleaner
Inbox

You'll receive updates from the services you signed up with, via the shadow id app, in a structured, orderly fashion; sort of like push notifications, only less noise and no duplicates. This way you can keep up to date at your convenience and with a clear line of separation between what's business and what is informative.

Continuity Matters

We rarely think of account recovery as important, until the moment we need it, but this is a highly sensitive and complex process. It's the moment services try to identify an account owner who can no longer prove their identity (kind of a catch 22). This is the number one account take-over vector as sites let down their guard in their attempt to reconcile availability with security.

High
Availability

With shadow id, each connected device has full authority and functionality. This gives you ample redundancy and makes it difficult to lock yourself out of your online identity.

In-Person
Trust

Should that happen anyway, the person to person and service to person "in-person trust" mechanism facilitates account recovery without compromising security.

Online
Inheritance

And if you ever worried about your online assets in the unfortunate but inevitable event when you can no longer roam the Internet, you can now instruct shadow id to inherit / dispose of your online accounts, should you no longer be able to do so yourself.

Almost Ready

Register to get notified when companies report using your personal information. If you prefer not to leave your email, just join our twitter channel and find out when we launch the mobile apps.

If you are a coding geek, surfing on the fringes of technology - IoT, edge, mesh services, cryptography, privacy, self sovereign identity and such - we look forward to hearing from you. Shadow id and the identity plus platform is operational and we are already collaborating with several early adopter companies and students of technology.