Ensygnia Launches Patented OneScan Authentication Solution

UK start-up Ensygnia has been granted its first technology patent by the UK Patent Office. The patent relates to a process for a series of authentication and transaction applications based on Ensygnia encrypted QR (eQR) codes. The company is bringing the solution to market under the brand name, OneScan.

OneScan enables web users to log into websites, including everything from Facebook to online banking sites and corporate VPNs, by scanning a unique QR code that is generated by the Ensygnia platform and appears on screen alongside the traditional username and password fields. For each new site or network that the user needs to log into, after entering their usual username and password details the first time, subsequent logins are performed simply by scanning the QR code. The system can also be used to deliver a one-scan purchase from a website by tying the code to a specific product.

Ensygnia says that the OneScan service marks the beginning of the end for multiple passwords and log-in credentials for anyone accessing internet services or private networks. For websites other than those requiring two-factor authentication, the solution can be deployed by the user via a browser plugin and an app download, with no need for active approval by the website concerned. So if you wanted to use the solution to log in to Facebook, Twitter et al, you could. The app will be available initially for iOS and Android, in private Beta.

“At a stroke, Ensygnia is making simple password protection a thing of the past and revolutionising internet security and safety for all the providers – and all the users – of company networks, online stores, and social media services,” says Ensygnia CEO and co-founder, Richard H Harris. “Using OneScan we can deliver a level of identification and authentication security greater than that used by consumer banks today – without the need for specialist devices. We will be able to offer OneScan to register, to log in, to pay at the online checkout, or to simply buy goods as they are advertised in magazines, on TV and even in shop windows when the stores are closed.”  

Ensygnia CTO and co-founder Matt Deacon adds that the two-communication channel approach of OneScan is only one element of the strengthened security process of the service. He says: “With OneScan, users will no longer need to enter their ID or user name into a browser. Accessing a web service or network that uses OneScan will generate a unique Ensygnia encrypted QR code (eQR) which users simply scan to deliver their log-in credentials to the service over the separate mobile connection.

“Other security checks – including personal questions or password phrases – can be added to the process on the mobile to further strengthen security if required,” he added, “but once these are completed you are automatically logged on to the service you are trying to access. In this way, your ID and your authentication information are kept completely invisible and out of band during the log-in and only come together in the background within the service.”

For online retailers, Ensygnia says that OneScan could mean an end to ever entering credit or debit card information into a web site again. “After registering once with Ensygnia on a secure channel, users could shop online safely and securely using OneScan to confirm purchases,” says Harris. “At the checkout stage of the online process, instead of entering financial and personal information into the website, users would simply scan an eQR Code and confirm the transaction on our separate channel. All the required banking and delivery information would be provided to the site in the background on the separate channel.”

Retailers could also include eQR codes alongside products in magazines, shop windows, or on TV to enable OneScan customers to quickly and securely buy goods with a single scan, with no requirement to register, log on or provide any financial information.

The company says it is in advanced dialogue with a number of major international retailers, companies, financial institutions and organisations, and is now opening Beta stage testing of OneScan to a selection of partners.

Harris and Deacon formed Ensygnia in 2011. Both have extensive experience in internet Security, online fraud prevention and identity management, with companies including Microsoft, Texas Instruments, Swivel Secure, Clearswift, Tumbleweed and Mobix. Amanda Mesler, CEO of Logica Consulting in the UK, and Andrew Nash, head of identity management at Google, are also on the Ensygnia main board.