About CryptoPhoto

Protecting your site with CryptoPhoto is quick and easy.

CryptoPhoto prevents phishing and keylogger attacks


It's a physical card, or a smartphone App (or both).

  • For web sites
    • The CryptoPhoto API takes only minutes to install. See our API page for instructions and free code samples.
    • Easily offer strong & convenient, managed 2-factor security and phishing protection to your users.
    • Use your brand, or ours, on your tokens.
       
  • For small business.

    The CryptoPhoto Suite installs on your machines, giving you full in-house management. Branding of both Tokens and App is available.

  • For corporations

    The CryptoPhoto Appliance or Suite installs in your environment. Integration of the CP technology into your own smartphone Apps is available.

  • For end-users

    Many OpenID providers already offer CryptoPhoto tokens to their users. Choose one from our third-party-providers page, or ask your existing provider to upgrade your protection to CryptoPhoto.

The CryptoPhoto physical tokens


  • Require no end-user training.
  • Size of a credit card.
  • Intuitively valuable and secure.
  • Genuine 2-factor bi-directional strong authentication.
  • Can be printed at home by end-users.
  • Can be integrated into existing company products, or physically provided to users.
  • Multiple tokens supported - eg: spares or backups for lost tokens or flat smartphones etc
  • Safe, durable, waterproof, and attractive.
Double-sided physical CryptoPhoto token sample

The CryptoPhoto smartphone App


  • Works online or offline, home and abroad.
  • Offers instant "Push-activated" authentication in as little as one tap.
  • Has self-updating tokens.
  • Optional password protection and other issuer-policy requirements supported.
  • Optional in-app customer token purchasing if required.
  • Built-in two-channel anti-spoofing protection.
  • Supports multiple tokens, issuers, and branding.
  • Available on all popular smartphones and tablets.

For iPhone, iPod, and iPad
 

CryptoPhoto techniques


  • Block spoofing, phishing, and fake web sites.
  • Protect against keyloggers, malware, viruses, and trojans.
  • Mitigate end-user mistakes or carelessness, protecting them against scams, trickery, and con-artists (online and offline).
  • ­Multiple tokens and smartphone apps are interchangeable (use several of either kind as backups).
  • Contain no key material (are resistant to compromise vulnerability).
  • Simultaneously secure both ends of user transactions.
  • Genuine 2-factor and bidirectional (not just "mutual") authentication.
  • Conceived in 2001, and patent approved (issuance pending).
  • Intuitively secure to novice and expert end-users alike.
  • Available now.

How CryptoPhoto works


The photos block phishing and other imposters from tricking users into divulging secret information into unauthorised hands. The passcodes prevent keyloggers from using stolen information.

Our API (Application Programming Interface) makes it easy for any security conscious web site operator to incorporate our multifactor bidirectional authentication into their existing login/authentication systems.

Use our Demo link to experience a live sample, or visit our API link to learn how to deploy our solution in your site or organization.