appMobi released an authentication technology today dubbed cloudKey which could change ecommerce security for the better.
cloudKey is unique in that the user's credit card information is stored on the user's device and never in an online database. The private data is stored using 256 bit AES (Advanced Encryption Standard). Using a distributed key topology, cloudKey stores only the decryption keys in the cloud. Since that information is all but worthless without the device and password in hand, we could have a real winner here.
"With this advance, cloudKey has eliminated all the tempting targets for the bad guys; even if they could steal appMobi's entire crypto key database and a user's device, they'd then have to guess the user's password, and at most they could get only 1 credit card number," said Sam Abadir, appMobi's CTO. "It would be a huge expenditure of effort for very little gain. By keeping private data local on the device, cloudKey makes massive security losses like the recent 77 million account Sony PlayStation network breach impossible."
The product, which is available for use in Web and mobile apps, will be integrated immediately into appMobi's 1Touch "single touch" payment system. The 1Touch technology integrated with any payment gateway including PayPal or Authorize.net and can even used with direct carrier billing.