With billions of people and devices connected to the internet at any given point of time, online security has perhaps never been this crucial. Despite all the vulnerabilities the approach implies, sensitive data – including personal identities and financial records – is still stored on centralized servers accessible via password authentication.
While most companies do their best to curb cyber attacks, malicious actors always find ways to exploit unsuspecting users and steal access. Surveys have shown that around 80 percent of people use the same password across multiple websites & devices, further weakening the security of their accounts. Have I Been Pwned, a website that tracks large-scale data breaches estimates that over five billion accounts have been compromised in documented hacks.
Given the safety and wealth of people and enterprises dependent on reliable data and password security, specialists suggest the use of password managers like LastPass. However, such software is also paradoxically locked behind its own “master password.” This ultimately makes them susceptible to most of the problems mentioned above.
Two-factor authentication is perhaps the only widely-adopted and fundamentally sound security standard right now. By requiring the input of a one-time password (OTP) from an authentication app or text message, the website is ensuring that the entity trying to gain access is indeed the entity authorized to do so. Thus, even with two-factor authentication, the underlying password infrastructure is still inadequate.
Blockchain startup REMME aims towards resolving the issue by creating a unique authentication system that is devoid of any passwords. Based on cryptography and distributed ledger technology (DLT), the solution is designed obsolete, while retaining convenience for the average user.
REMME will eventually completely replace passwords on the internet with SSL/TLS certificates assigned to a user’s trusted devices. Hashes containing information about these certificates are generated and recorded on a custom blockchain. This data cannot be spoofed by a third-party due to the system’s use of Public Key Infrastructure (PKI).
The project uses a blockchain to achieve two primary objectives: decentralization and immutability. The former guarantees that the entire network functions without relying on a single entity, while the latter is a safeguard against manipulation.
Migrating to Certificate Authorization
After a successful initial coin offering (ICO) earlier this year, REMME launched an alpha version of its core protocol. The release was meant to establish the base architecture and functionality of SSL/TLS certificates on its proposed Hyperledger Sawtooth blockchain. It also brought in necessary provisions for the REM token and a command-line interface that allowed certificates to be issued and revoked.
According to an announcement post, a pilot project launched October 2017 has attracted over 300 global applicants “ranging from small IT companies to fintech firm with more than 500M users and a telecom company with 640M customers.” In September 2018, the REMME development team also released the project’s testnet.
REMME has provided individuals with an opportunity to contribute to the integrity of the REMChain platform. Users can nominate themselves to become masternode holders by setting up their node and freezing 250,000 REM tokens. If eligible, the user is considered to be an approved masternode. These masternodes oversee transactions related to certificate issuance and revocation.
Notably, REMME is not looking to stop at providing an alternative authentication system for end-users. The company aims to use its PKI and blockchain-hybrid solution towards securing cryptocurrency exchanges and internet of things connected devices. By providing a robust and automated solution for two computers to authenticate, REMME plans to safeguard appliances and even entire cities from attacks.
Disclaimer: BTCManager does not endorse any content or product on this page. While we aim at providing you all important information that we could obtain, readers should do their own research before taking any actions related to the company and carry full responsibility for their decisions, nor this article can be considered as investment advice.