VIDEO - A Quick Look at the Authoriti Permission Code

Authoriti CEO Mark Clancy explains why today's transactions require authentication, authorization and identity. The Authoriti Permission Code platform represents a new way of thinking that offers all three.

Strong authentication is not enough. Let's talk today about why we built the Authoriti Permission Code® platform.

What we’re all trying to do is try to figure out how do we stop a bad guy online from pretending to be our customer.

What we used to do is we used to do the "halt who goes there, what's the password"?

And then we added this two-step verification where we send you a text message to confirm particular action. Unfortunately, this really worked only when the bad guys were targeting our customers specifically.

So, what we're doing now is we're using strong authentication. We're asking you, you have to be "this high to ride the ride." Now on the backend, we're reverse engineering. Is this really Mark? Did he really want to do this transaction? We're trying to figure out that customer intent.

The reason we wanted to do that is, we wanted this futuristic utopian view where customers want to tell us what they wanted and we made it happen. And unfortunately, what we got instead is this nightmare.

Why did we have a nightmare? Because we forced our customers to jump through a million hoops. Every time they want to do something, we send them yet another text. And that text really wasn't connected to what they were trying to do.

And what it proved to us, the old model was broken. We just couldn't put it back together. We didn't have enough glue.

And so we started up Authoriti. We asked the question of how do you reverse engineer the customer intent when there is no correlating transaction data to let you guess if this was actually the customer.

You know what the answer is? You can't, you need a different way of thinking.

What we did at Authoriti, we thought about how do you look at this from an engineering perspective, and we came to the answer that you had to be strong in the authorization part of the process.

And what is that? Well, you need a way to communicate customer intention, independent of the channel that lets you get to a strong authorization where you really know it was your customer who wanted to do a particular thing.

How do we do that? Well, our technology allows the customer to digitally sign the details of their transaction.

So, we know it came from them and we noticed that they wanted to do, we do that by connecting the dots. We link that proofing of identity to possession of a private key in secure storage, on a mobile phone, for example, that you only have to do once.

And then, whenever you have a transaction, you sign those details and you send it to the institution and they can act on your behalf because they know it came from you.

How does this work specifically? So here's an example, where, perhaps my wife is on my family plan and she wants to get a new phone.

And normally today I'd have to go to the store to do this. With our platform, we can take the details of that transaction. So me as the primary account holder, I can say "this transaction with these details," and I sign it with my private key. We digest it into the Authoriti Permission Code.

That's this 10-character summary of the transaction details and the signature we can also put in barcode. And then my wife would show up in the store with this barcode on her phone, maybe as a text. And when she got to the store, she says, hey, I'm Claudia. This is my driver's license number. I want to get a new phone in this account and I want to finance $1,200.

And we take that signature, that public key. We validate the details and we can confirm that this transaction was authorized by the primary account holder Mark.

And that's the core of what we're doing. How is this useful?

We can enable high-risk transactions in channels like chat. We can authorize customers over the phone. You can use it to redirect packages. You can do all kinds of things. You can take these platforms of engagement that you have, and you can turn them into platforms with transaction.

And that's what I wanted to talk to you today about briefly. Thank you for your time.

When you want it all, when you want impenetrable security and a smooth customer experience -- please contact us here at Authoriti. Thank you!


The Authoriti Network was founded in 2017 to create new ways of preventing identity theft, fraud, and misuse of data.  Our founders have significant leadership experience dealing with InfoSec at-scale in the world's leading financial institutions.  Authoriti develops the Permission Code® platform, which uses customer-originated Smart PINs to give businesses the confidence that every transaction is authorized.      


  • LinkedIn
  • Twitter
  • YouTube

Copyright © 2018-2021, The Authoriti Network, Inc. All rights reserved.
The Authoriti logo and the Permission Code® platform are registered trademarks of The Authoriti Network. Empowering Transaction Security™, Eliminate Friction and Fraud™, Frictionless Security. Delivered.™
and the Authoriti "A" mark are trademarks of The Authoriti Network.