OneID: Trustable (bring your own) Identity
General overview documents
OneID Executive Summary
A short summary of why OneID is important and the key features.
A longer summary of why OneID is important
OneID 9 page Overview.docx
A Microsoft Word document with an overview of OneID
OneID checkout at Portero
Typical OneID implementation at a high-end shopping site.
OneID on Magento: before and
Shows difference of a OneID enabled site vs. traditional site
OneID Quick Tour Video (90 seconds)
A quick video tour of OneID from a consumer point of view explaining how it
works and how to use it. This is the fastest way to get a pretty complete
overview of many OneID capabilities.
User Intro video (120 seconds)
Video that is offered to new users after they create their OneID.
OneID benefits for e-commerce sites (video)
A short non-technical video of OneID benefits to e-commerce sites.
Using OneID with SSH (60
Shows how you can pair the SSH app with your OneID, adding it as a new device.
Then you can select the security level for that device. The net result is that
when you SSH to a remote system, you can use your OneID to control the LoA. No
changes are needed at the client. Only the server is modified. The step-up
authentication can be set on a per public key basis so users without OneID are
not affected. The security is set by the max of that required by the user and
the server admin.
The world's most secure
garage door opener (secured by OneID)
Use your OneID to open your garage door.
The technology behind OneID
OneID technology overview
Explanation of the core authentication protocol and some of the unique features
OneID – An
architectural overview v4.pdf
A 6 page whitepaper on how OneID is constructed
How OneID works: The
A short description of the basic concepts behind OneID. A simplified description
of 4 key OneID operations.
How OneID works:
An in-depth description of how 9 core OneID operations work
OneID detailed protocol
Detailed protocol specification for all of the OneID end-to-end secure protocols
for authentication, authorization, and pairing.
OneID unique features
50 features of OneID that you won't find in other cloud
Requirements for a
trustable cloud identity provider
A list of 27 requirements for a trustable cloud-based federated identity provider.
OneID meets all
27. Most other cloud identities ("bring your own identity") meet only a few.
Why I started OneID
The history of how OneID was started and why it was designed the way it was. Describes the limitations of existing solutions to digital identity and how OneID overcomes those problems.
Explains why OneID is the safest, easiest to
use, and most private identity available today.
OneID core authentication/authorization protocol
(8 minute video)
Video explains the core OneID sign in protocol in detail
OneID fraud prevention
Anti-fraud techniques that OneID can deploy
OneID Threat Analysis
A preliminary threat analysis
Where you can use OneID today
Over 100 websites where you can use OneID today.
OneID key selling
Key selling points for various industries
OneID and SSH: The best two-factor
auth for SSH ever
Shows how to configure SSH to work with OneID. There are no client-side
modifications. SSH with a 2-factor add on is still a single point of failure.
SSH with OneID eliminates the security risk.
Describes Shibboleth, GLUU, OpenID 2.0, OpenID Connect, and SAML 2 interfaces to OneID so OneID can be used with those
60 Identity Problems that
OneID can help solve
A list of 60 identity problems that OneID can help solve
OneID and Meaningful Use
Stage 2 Standards and Certification
Using the capabilities inherent in OneID can make architecting solutions to the
Meaningful Use healthcare requirements much easier.
The grand vision: Future applications of OneID
A list of some future applications that OneID enables
OneID and identity
Users only have to go through the pain to identity proof their OneID identity once. We can then share those assertion(s)
with you (with the user's permission).
OneID and PCI DSS 2.0: OneID is
the world's best cardholder vault
OneID is better than storing at any PCI compliant vendor, better than handling
cardholder data yourself. With OneID handling the transaction, you minimize that
liability because the cardholder data in the vault can't be decrypted except by
the user himself!
OneID and enterprise
security: SSO, SSH, VPN, and an unbreakable data vault
OneID has a PAM module and can be used to secure SSO, VPN, and SSH. OneID is also the ideal
repository for enterprise secrets, such as for storing a private key used with
SSH. Today, these private keys are unprotected. With OneID, private keys can be
retrieved on demand from the OneID servers (where they can never be decrypted),
used for login on the server, and then discarded. OneID can also be used for
authentication to SSO systems (replacing username and password). OneID is both
easier and much more secure (immunity to all known attacks).
We have browser extensions for Chrome (publicly released), as well as
unreleased extensions for Firefox, Safari, and Internet Explorer. The extensions
are 100% optional. They allow you to use OneID to auto-fill information on
websites which have not been modified to support OneID natively (which is most
websites). The extensions currently do not do username/password at this time.
OneID for mobile apps will be coming soon. Contact us if you would like to
be a beta tester.
OneID for desktop apps like Dropbox will be coming soon. Contact us if you
would like to be a beta tester. We now have OneID working with SSH now. So OneID
is now working outside of the browser.
Describes how to provision OneID with enterprise applications supporting OneID
OneID and enterprise SSO/IAM:
SaasID, Imprivata, Ping Federate, ForgeRock, Quest One, Gluu, Centrify
Describes how OneID works with enterprise SSO and IAM products including step-up
compared with traditional cloud identity providers such as Facebook, and
protocols such as OpenID and SAML2
Compares OneID to traditional cloud identity providers and protocols that are
based on IdP-centric models such as OpenID 2.0 and SAML 2.0.
with two-factor add-on solutions such as Authentify, PhoneFactor
Here's how OneID compares to Authentify, PhoneFactor, and other second-factor
add-ons (although they aren't really comparable since
OneID is a complete digital identity, not a second factor add-on). Also
discusses why OneID has the best immunity to Eurograbber and other threats that
can bypass two-factor add-ons.
OneID developer site
Linking OneID with
Code example for login, step-up authentication, and RP server generated push
SDKs for .net, PHP, Drupal, Python, django, Java
OneID WordPress plug-in
SDK for Magento: Contact us at firstname.lastname@example.org
Consumer FAQ and Q&A
Quotes from the press, corporate CIOs, identity architects, security bloggers, and CISOs
A list of awards and accolades
How Twitter could permanently
end password breaches
2FA isn't the answer. Implementing OneID can make password breaches "go away."
Questions from readers on the content on this site.