Technology

Flexible multi-factor authentication engine for tactical Zero-Trust environments​

ZKX is patent-pending, next-gen MFA software designed to be more secure, dynamic, and flexible than conventional solutions​. ZKX is driven by zero-knowledge proofs (ZKPs) and is agnostic to the application, transport, endpoints, artifacts, policies, and network you already have in place.

ZKX Key Benefits

Intuitive

ZKX is entirely transparent to the end user, with authentication/login sessions functioning exactly like the methods used today

Flexible

Administrators can drop the ZKX engine into any network and use it in compliance with existing policies

Secure

ZKX doesn’t store or transmit any authenticating secrets or user data

Lightweight

ZKX is built on a “bottom-up” philosophy, integrating the enterprise with the edge, not the other way around

What makes ZKX unique?

User and device

ZKX utilizes a novel private key recovery method to:

  • Tie a user’s identity to a specific device or MFA token​
  • Prevent the storage of any authenticating secrets ​
  • Multiply the difficulty curve for an adversary attempting to cheat the system​
  • Boost operational security for a legitimate user​
Zero Knowledge Proofs keep everything secure

ZKX uses ZKPs at its core to:​

  • Protect user information in transit from snooping adversaries​
  • Ensure user privacy by offering no sensitive information during the transaction
  • Fortify the security guarantees already in place with public key cryptography​
  • Iterate a system’s trust in a user before privileges are recognized or granted​
Public key crypto

ZKX leverages public key cryptography to:

  • Capitalize on proven and ubiquitous cryptosystems already in place​
  • Work synchronously with existing MFA tokens and practices​
  • Integrate with existing policies and procedures regarding authentication​
  • Abstract away the need for external token verification​
ZKP Session Management

ZKX utilizes a novel zero-knowledge session management scheme for:​

  • Continued, authenticated use of an application or service, protected under the heightened security of zero-knowledge ​
  • Orchestration of user sessions via public key management​
  • Enforcement of different policy-level requirements for application use and active sessions​