Nomidio launches PII Cloud to enable transition to self-sovereign identity
Identity-as-a-Service live in Amazon marketplace so companies can authenticate customers without GDPR risk
London, 16 April 2020: Proving who you are is a frustrating experience that forces consumers to remember multiple passwords and to store their Personally Identifiable Information (PII) with tens or even hundreds of different organisations. For businesses, storing PII is a significant GDPR compliance risk, representing as much as 4% of global turnover, should they suffer a breach.
Nomidio is on a mission to change all this with the launch of the world’s first PII Cloud, specifically designed to securely house PII once, so multiple subscribing organisations don’t have to. Now, when a company needs PII for a business process such as a marketing campaign it simply communicates with the Nomidio PII Cloud via a secure API.
The first module of the Nomidio PII Cloud is Identity-as-a-service (IDaaS), which uses industry-leading biometrics engines to authenticate customers via the web or call centre. Consumers provide their identity information once and re-use it with the multiple organisations they interact with. The user’s ID is tokenized so organisations can interact with the identity data without the risk of actually storing it.
Nomidio is a spinout from the government-grade encryption specialists Post Quantum, whose algorithm is a finalist in NIST’s competition to identify a new global public-key cryptographic standard, replacing or supplementing RSA. A trusted supplier to NATO, NCSC and the UK Government, Post-Quantum has more than 35 patents relating to its innovations.
Philip Black, Commercial Director, Nomidio commented:
“Nomidio offers people a convenient and secure way to prove who they are using biometrics within a mobile web browser. The identity service can be easily integrated by virtually any organisation to improve customer experience and reduce compliance risk.”
Importantly, the individual retains control over their identity and manages consent for how their data is used via the web. In addition, Nomidio IDaaS draws on Post-Quantum’s patented key-splitting innovation ‘Quorum’ so that a number of different stakeholders are required before the individual’s identity data can be decrypted. This innovation also means a would-be attacker must breach multiple guardians of each encryption key fragment, making Nomidio a very unattractive target.
Andersen Cheng, CEO Post-Quantum added:
“Nomidio is a novel re-think of today’s privacy dilemma. Rather than hundreds of firms trying to secure PII in order to satisfy regulators, with many ultimately failing, why not do this once and extremely well? Businesses are waking up to the fact they don’t need vast amounts of PII to be successful and are increasingly prepared to help individuals regain control of their identities.”
Following today’s launch, Nomidio is now the only Identity solution available to companies via Amazon’s AWS marketplace as part of the firm’s virtual contact centre service ‘Amazon Connect’, meaning it’s now possible to ‘drag and drop’ consumer biometric authentication into the call flow. Amazon Connect is used by Amazon itself along with Capital One, GE and a host of large companies that have the ability to provision a contact centre, and now the Nomidio consumer authentication service, in a matter of hours.
Nomidio has also secured an agreement with Avaya, the world’s second largest provider of contact centre solutions, meaning a pipeline of large financial services and telecoms operators will be amongst the first to deploy, helping them to shave around 20% from the average call handling time whilst improving the experience they offer.
At Nomidio we have one priority over and above all others, Self-Sovereign Identity. Our mission is to keep people’s Personally Identifiable Information (PII) safe and under the absolute control of the individual without compromising the ability of the companies serving the individual to offer a world-class customer experience.
With a heritage in Post-Quantum Cryptography including 35+ Patents we have developed the Nomidio Private Identity Cloud as a single place in which PII is encrypted and stored allowing multiple businesses to take advantage of this data in a secure and anonymised way. User ID is Tokenised allowing subscribing business to take advantage of the user Identity without the risk inherent in storing full PII.
Our initial offers to business comprise Identity as a Service (IDaaS), Nomidio Identity Binding (NIB) and Identity Verification (IDV). These modules allow businesses to validate that users are who they say they are, without needing the depth of information that represents a compliance risk under regulations such as GDPR. We still provide data such as; salutation, age bracket and even key dates, just without the specifics that expose businesses and individuals to PII risk.