Circle-of-Trust Overview

When needed for high-risk use cases, contexts and user profiles, Circle API provides flexible options to escalate to spoof-proof, distributed, peer-to-peer multifactor identity verification + authentication. We call this method the Circle-of-Trust™. There are two basic methods available today.

Circle-of-Trust™ Level 1

Circle-of-Trust Basic

Cryptographic Human-in-the-Loop Authentication

Enables direct authentication between human users, implemented by the developer using traditional cloud resources for re-authentication and for checks to ensure that the authorized user has control of his or her devices.

Developers can implement this end-to-end themselves with existing preferred cloud resources and services, or Circle offers optional hosted services. To learn more, please see:

Circle-of-Trust™ Level 2

Distributed MFA

Spoof-proof Human-in-the-Loop Identity Verification

For actions, events, and data requiring the highest level of security.

This is a breakthrough, spoof-proof method of identity verification + authentication that is cryptographically fused to device authorization. It operates entirely within Circles that are encrypted with AES 256, without any external avenues for attack. We are implementing this first as a turn-key hosted solution in order to ensure the integrity of the methods and system. After that is released, we intend to package API hooks and guidance that would enable developers to implement their own variations on the method, while ensuring that the security integrity of the system is maintained.

Highlights:

  1. All operations are performed within an AES 256 encrypted Circle, with no external certificate authority or exposure.
  2. Impervious to external attack or manipulation.
  3. Can be applied to protect application and device functions, not just data.
  4. Any level of authentication can be defined:
    • N number of trusted peers
    • Sequenced steps / workflows
    • Visual confirmation
    • Proximity-based confirmation

To learn more, please see:

Circle-of-Trust Level 2

Why we created Circle-of-Trust™

Not all security needs or use cases are equal. Circle Cryptographic Credential-free Auto-Authentication is suitable for many or even most use cases, providing a new level of security that binds access to cloud resources to authorized devices. In doing so, we have eliminated the attack surface in the cloud.

Attackers may then turn, of course, to attacking devices. While this is exponentially more expensive in terms of the effort required of the attacker, it will still be worthwhile if the human or device involved accesses sufficiently valuable resources. A Master Admin account is one example of this, but any use case with high-value, high-risk capabilities applies.

Circle-of-Trust provides a breakthrough method of addressing the need for such capabilities, while ensuring that only the authorized human users or roles are given the power to use them.