Liverpool Hope University is working with Tento Technologies to develop visual cryptography technology for smartphones, which it could rid the world of bane of modern digital life – passwords. More specifically, the need to remember them, when the different rules different websites employ mean you naturally end up with half a dozen or more variations on one standard password.

Liverpool Hope University Doctoral candidate Neil Buckley and Dean of Science Professor Atulya Nagar are working on mathematical models and algorithms to perfect the security of the Tento Token Authentication System, using digital applications of the principle of ‘secret sharing’, in which secret messages are hidden in sequences of random numbers or dots.

The Tento Token Authentication System, which delivers dynamic one-time encrypted logins, allows for secure internet access and online payments, and can also be adapted to detect counterfeit packaging and tickets.

When users download the free Tento app, they receive an embedded personal TentoID. When they visit a website that has Tento plugins installed, the website displays a QR-code. The user scans the QR code with their mobile device and it displays a one-time use login on their mobile device’s screen. In effect, the mobile device, when used with the TentoID app and website plug-ins, becomes a secure password generator.

The password is visual, so not only can a hacker not access to it, but even the users mobile phone doesnt know the password. The password is also destroyed as soon as the user has entered it into their chosen website.

The system has been patented in the UK and the US and has patents pending in Canada and Europe. Tento Technologies recently secured £35,000 from the Department for Business Innovation & Skills after winning its Innovate UK 2015 Cyber Security Challenge.

Secret sharing separates a confidential message into a number of ‘shares’, each containing no information whatsoever. It is only when subsets of these shares combine that a message is recovered. Visual secret sharing splits a confidential image into ‘shares’ of random pixels, which can be printed and stacked to reveal the secret.

Digital applications of this method allow visual cryptography to deliver dynamic, one-time encrypted logins. A bank, phone operator or employer issues a private share which is stored in a smartphone and a second share is sent to an app in the phone to reveal the secret code, which changes on every use.

“We are delighted to have that Neil Buckley and Professor Nagar have agreed to work with us on the development of our authentication products,” said hiding secret messages in sequences of random numbers or dots,” said Tento MD, Howard Yates. “Proof of identity and transactional trust are at the heart of our products and these factors will be boosted by the academic credibility that our collaboration will bring.”