DigiFlak flies flag for consumer two factor security

Two-factor security has been a hard sell in the consumer space, apart from online banking where people are more willing to endure a little inconvenience for their financial security. But growing concerns over privacy and awareness of threats has made the second factor, based usually on something the person owns (usually a gadget) as well as knows (a password), more appealing to some.

Estonian start up Digiflak has bet on the second factor gaining ground among consumers, although that is not the only string to its bow. Founded in 2013 by Maxim Kostin, the firm decided that improvements in chip design meant the time was right to develop and promote a dongle as a convenient second factor, avoiding the need for the additional engagement required say to generate one off passkeys, using separate devices as in online banking.

There are clear use-cases for technologies like DigiFlak’s, as well as others from the likes of the FIDO Alliance or OAuth-based projects. Any time a user needs to provide proof of ownership of a physical device, something more convincing than an email address and a password is required in this day and age.

The DigiFlak dongle is called Flak Secuter and can attached by USB or NFC (Near Field Communication), so that it can also be used with client devices lacking a USB port. The firm is promoting its use particularly with Google’s two-factor option for services such as Gmail. Called Google Authenticator, this is a software token that implements what Google calls two-step verification and its use has been growing but still confined to under 10% of customers, by the supposed inconvenience.

DigiFlak makes it easier by enabling it via the dongle so that users just need to enter their password as before. Then the second factor can be invoked just by tapping the dongle. Normally Google either sends a passcode as an SMS text to a user’s smartphone which then becomes the second factor. Alternatively, Google can transmit a prompt to the smartphone requiring just a tap to confirm the user’s identity. But Google also supports use of third-party devices and that’s where DigiFlak slots in.

DigiFlak has also incorporated antivirus and a hardware firewall into the Flak Secuter which therefore protects against threats such as password, phishing and hijacking. It can also set up VPN connections for anonymous Internet access while enjoying the 2-factor authentication.

The firm has notched up some partnerships and project engagements that have provided credibility as well as routes to market. It tied up with US. Cryptographic Appliance manufacturer Engage Black in October 2017 to integrate that firm’s BlackVault Certificate Authority (CA) with the Secuters. The two companies then started offering a combined package for certificate management and communication protection for IoT and Smart Contracts projects.

It followed up in February 2018 by closing a deal worth about $300,000 to participate with 14 European companies and universities in the European Union Horizon 2020 “Captain” project. Coordinated by the Greek Aristotle University of Thessaloniki, this was set up to develop privacy and data security features for eCare services, with the Secuters featuring as a candidate for convenient access control particularly with more elderly users in mind.