Masterkey

Plug-n-Play

WebSecurity

Invisible Passwordless Web Authentication
Deployed in Hours (not Months)

Simple, Low-Cost Deployment

(10-100x faster than other solutions)

No backend system changes

No client software

No user setup (Change Management)

No Technical Risk – No Security Risk

MasterKey meets the most advanced standards for Zero-Trust networks and Zero-Trust devices.
It implements the WebAuthn/FIDO2 standard without any system development.

Unique Clientless
Webserver-Controlled Architecture

MasterKey is Clientless

The genius of MasterKey is that there is no client software for users to download, install and setup, unlike other solutions. Centrally controlled by the webserver, it can be deployed instantly and scaled to any size user base (or sub-set). MasterKey activates the Webserver intelligence to co-create a system based on the unique triangulation formed by the User, Mobile and Webserver. This System secures the original input, storage and recalls of credentials.

New-MasterKey-Homepage-Imagery-Clientless-Section-Encrypted-Keyboard

Encrypted Keyboard

When initiated by the user’s mobile, the Webserver harnesses the phone browser to create a once-off Encrypted Keyboard (graphical proxy).  Users enter their credentials once which generates unique encoded cell references. No characters exist locally so even on a compromised zero-trust device or network, nothing can intercept and decipher the credentials. 

Icon-02-BankVault-MasterKey-Homepage-Imagery-Encode-Encrypt

Double-encoded-&-encrypted

The credentials, as they enter and flow through the network, are double-encoded-and-encrypted, making it impossible to decipher if intercepted. The data has no context or meaning without all the components of the original triangulation that co-created it.

Icon-03-BankVault-MasterKey-Homepage-Imagery-Triangulation-p29bgl33ko7v48m4h0zhw1frjkxm0ib2ku6t45z9ks

Unique Triangulation

The credentials can only be reconstituted inside the webserver, when the original triangulation is initiated by the user’s mobile, and if WebAuthn is enabled, by the user providing their proof-of-presence.  (Biometric, Screen swipe, PIN, etc.). The experience is simply invisible.

Seamless & Strong

WebSecurity Experience

No Attack-Surface

99% of cyber-attacks target devices (PCs and Smartphones).The goal is identity theft to take over online accounts and steal money, redirect financial transactions or access private data. Credential input is easily intercepted by keyloggers or Man-in-the-Browser attacks. MasterKey sidesteps the device, providing no attack-surface for hackers to steal credentials. Credentials never hit the device.

Passwordless Authentication

Users gain seamless access and never need to enter credentials again. On mobile/tablets, the system recognizes the user device and simply logs them in. On workstations the user just waves their phone over the screen. Instant secure access. If the WebAuthn option is activated then the user is also prompted to give their Proof-of-Presence

Smooth
User Experience

Until now, the only solution to credential theft was 2FA. This is a valid option but typically a last resort because it is clumsy for the user, it adds to the support burden, and it can still be defeated by a Man-in-the-Browser attack. The adoption of MasterKey is totally intuitive to users as there’s no pre-requisite setup and its use is seamless. 

Frictionless Multi-Factor Authentication in
1-invisible-step

MasterKey provides Multi-Factor Authentication in a way that’s completely invisible to the user by enabling 3 levels of identification: ‘something you know’ (credentials) ‘something you have’ (mobile), and ‘something you are’ (biometric scan, screen pattern, local device PIN etc.). Strong security is achieved in 1-invisible-step (not 2 steps).

Warning: Password Manager Users

In absence of company WebSecurity, users often install Password Managers, mistakenly believing that these provide security. But in the process of auto-filling web-forms the encrypted credentials are exposed as clear text, making these vulnerable to malware in the browser (JavaScript).

The Danger Of Not Taking Action

Users are scared of Identity Theft and minimize their engagement with businesses that do not protect them. Companies that care to protect their users are trusted and rewarded with greater engagement. Companies that fail to provide essential WebSecurity fall. Their reputation tanks. Users flee. MasterKey provides strong WebSecurity and involves virtually no expertise and time to deploy. It delivers the ultimate Passwordless experience. Smooth and Intuitive.

You could be running a WebSecure business by the end of the week.
What’s holding you back?

Icon-04-BankVault-MasterKey-Homepage-Imagery-Strong-WebSecurity-p29fwickcx54fubdmnlem6m20mosmm708dztjyuwxo

Access to Strong WebSecurity

For any company caring to secure users, MasterKey is a no-brainer.

Icon-05-BankVault-MasterKey-Homepage-Imagery-Point-Solution-p29fxj09rgjb0mu4olfutfd16no3yt8jdffr9rck70

Point Solution
for IAM

For organizations bogged down in ‘Identity and Access Management’  transformations, MasterKey can be implement immediately.

Icon-06-BankVault-MasterKey-Homepage-Imagery-Upgrade-from-Password-p29fy2qvqzabsg1ghbz0rsdpnqytggewg54yckjakc

WebSecurity 101 for small businesses

A SaaS subscription and simple deployment, involving no barriers, makes MasterKey accessible even to smaller businesses that typically do not have the resources to deploy new Authentication solutions.

Graphic-03-BankVault-MasterKey-Homepage-Imagery-Mobile-Orange-Login.png

Test-Drive

Masterkey

Today!

USA

Australia

©Copyright 2021 BankVault Pty Ltd. All rights reserved.