Our Encrypted Domain approach ensures that:
- We never have access to any sensitive user data.
- The user has full control over their data.
- The user’s data is robustly tied back to a single human being.
We accomplish this with a state-of-the-art distributed system — not a massive central database vulnerable to attack and privacy violations. This is the real magic of Unum ID.
Encrypted Domain: You use SDKs to interact with our Identity Engine cloud. We never have access to sensitive user data. See the Architecture section for more information about each component.
A user’s Unum ID
- the company that issued the credential
- the user the credential was issued to
- companies the user shares the credential with
The upshot is this: Unum ID coordinates sharing of verified identity data, but we are never able to interact with that data in plaintext. Our sharified identity™ solutions come with unparalleled privacy and security.
When you issue (send) a
Issuance: The Server SDK encrypts a credential with a user’s public key before sending it to us. This ensures that only you and that specific user have access to the plaintext data — Unum ID never does.
Then, when a user responds to a
Sharing: The Mobile SDK encrypts a credential with your public key before sending it to us. This ensures that only the user and you have access to the underlying plaintext data — Unum ID never does.
The encryption described above is in addition to the standard encryption like TLS that applies to all data in transit and at rest. This encryption is done with a specific public key and ensures only the holder of the corresponding private key can decrypt the data.
Unum ID solutions have best-in-class privacy and security features. Some of these are detailed below.
Standard encryption like TLS applies to all data in transit and at rest, but there’s an additional layer. When you send a
A user’s credentials are stored locally on their device, encrypted in your app. This is tied to the trusted execution environment (TEE) and secure hardware of the user’s phone so that the credentials can only be accessed or shared by passing a biometric or passcode check.
The secure hardware in a mobile device has the amazing property that an app can ask it to create key pairs and use the private keys without ever directly accessing those private keys. The private keys never leave the device, and even the manufacturer has no ability to access them.
Unum ID uses this to enable end-to-end public key cryptography. But, crucially, we package it behind a simple user experience so that users never need to even know what a public key is.
Data is only shared with full consent of the user. Unum ID goes far beyond what’s needed for compliance with GDPR, CCPA, and other privacy regulations.
All cryptography (key generation, signing, encryption, etc.) is done locally, on your server or in your app on the user’s device. We provide software that makes this easy to do, but all operations are done independently of Unum ID. This ensures your security is under your control.
We use zero shared secrets: no passwords, passcodes, PINs, or otherwise. Unum ID instead uses public key cryptography tied to the secure hardware of users’ phones. This completely eliminates common account takeover attacks like SIM swapping and behavioral fraud more generally. How? Because there’s no secret to intercept. See our white paper How Unum ID Stops Account Takeover for more.
The security of our passwordless auth solution (Beyond Passwordless™) applies to all interactions in Unum ID. This authentication is bi-directional: you authenticate the user, and the user authenticates you! This eliminates phishing attacks because the user is unable to share data with anyone other than your company, no matter how convincing the phishing material may be.