Announcing a Return to our Roots: The All-New Bitcoin Magazine

Bitspark and Clef Team Up for “Passwordless” Logins

by

         Bitspark and Clef Team Up for “Passwordless” Logins

Bitspark becomes the latest Bitcoin company to integrate Clef’s two-factor authentication to provide secure, “passwordless” logins for their users.

Why Is This Important?

Earlier this year, the Canadian Bitcoin exchange, Cavitrex, shut down temporarily due to security concerns. The exchange was hacked just weeks prior to the announcement, which caused users’ passwords and two-factor authentication secrets to be compromised.

Bitspark is a Hong Kong-based exchange and remittance company that has recently announced a new round of funding. They are the first company in the world to offer end-to-end bitcoin remittances and were recently featured in Goldman Sachs’ report The Future of Finance.

Bitspark offers two major services: an exchange and a remittance service. The exchange supports 18 currency pairs and five fiat currencies. The remittance service works in Hong Kong, the Philippines, Indonesia and Australia.

Prior scandals surrounding previous Bitcoin exchanges such as MtGox and Cavitrex make security a huge priority for Bitspark.

“When we think about the next generation of Bitcoin technology, Bitspark is exactly the kind of product that gets us excited,” said Brennen Byrne, CEO of Clef. “It is absolutely critical that we find ways to make Bitcoin useful to more people, and I’m excited that Clef can help make that happen.”

Bitspark chose Clef because of how easy it is to use. Typically, sites that offer two-factor authentication see less than 1 percent of users opt in to protect their accounts, but sites that use Clef have seen more than 50 percent of their users opt in to the safer login. Two-factor authentication – or ‘2FA’ – is a simple feature that asks for more than just a user’s password. To make login seamless, Clef recognizes a user’s phone instead of anything he or she needs to remember or type.

Instead of storing secrets in a central server like other forms of two-factor authentication, Clef is a distributed system for logging in. Private keys are generated and stored on the user’s phone. Nothing secret ever needs to be sent to Clef and therefore no 2FA secrets would be compromised.

“From the first time I saw someone log in with Clef, I knew that this was the future of logging in,” said George Harrap, CEO of Bitspark. “Our whole team got excited about the technology, and the integration was really quick.”

A New Kind of Security

Traditional 2FA requires a user to have two types of credentials before being able to log into an account. 2FA typically asks the users to confirm that it is in fact them trying to access the account.

Examples of this include:

  • PIN or password sent via text
  • phone call giving a code
  • fingerprint

2FA security is far from 100 percent secure, as illustrated with the Cavitrex 2FA factor security breach. To hack an account protected by two-factor authentication, hackers must gain access to the physical feature being sent (PIN sent via text to mobile phone). According to CNET, the second way a hacker can gain access through 2FA is by gaining access to the “cookies or tokens placed one the device by the authenticator.”

2FA is not perfect, but it is certainly more secure than a single-factor authentication. 2FA is likely to become the norm, followed by 3FA or 4FA.

Here is how Clef security improves upon the 2FA model: Customers can log into Bitspark on any computer in the world by holding their phones up to a computer screen. Using the phone’s camera and an animation called the “Clef Wave,” the phone seamlessly syncs with the computer and logs the user in.

The process already protects about 50,000 sites and is backed by cryptography. Instead of storing secrets in a central server like other forms of two-factor authentication, Clef is a distributed system for logging in. Private keys are generated and stored on the user’s phone.

By taking advantage of the rapid spread of mobile devices, Clef has built technology that is not only much more secure than traditional logins, but also easier to use. Since 2013, Clef has spread to more than 46,000 sites and received accolades from The New York Times, Inc. Magazine and The Economist.

Clef is funded by Morado Ventures and angel investors from a broad variety of product and security backgrounds.

Recommended

Ten Years Later, a Reflection on Bitcoin’s Genesis and Satoshi’s Timing

Rather than focusing simply on what the genesis block is, today is a day to reflect on what the genesis block represents.

Colin Harper

Op Ed: From Gray To Black and White: Traditional Regulations Come to Crypto

For the crypto industry, recent developments — at both the federal and international levels — signal that the time for plausible deniability or unregulated freedom is coming to an end and more traditional regulations are moving to the forefront.

Courtney Rogers Perrin and Joshua Lewis

Bitcoin Price Analysis: Blowing Through Support Levels on the Way to $3,000

Bitcoin continues to tumble lower and lower as it struggles to claim any footing in the market. It’s down almost 50% in three weeks and it’s showing very little sign of stopping. It’s currently clutching onto the $3,500 values but it doesn’t look like it can hold on much longer.

Bitcoin Schmitcoin

Op Ed: SEC’s Latest Declaration Creates Legal Minefield for Digital Assets

This broad, authoritative declaration is not unexpected, as, to date, the SEC has stated that all digital assets — regardless of whether they function as alt coins or utility tokens — are securities at least initially and, thus, subject to its jurisdiction.

Huhnsik Chung and Nicholas Secara