Proving who you are is a frustrating experience that forces consumers to remember multiple passwords and to store their Personally Identifiable Information (PII) with tens or even hundreds of different organisations. For businesses, storing PII is a significant GDPR compliance risk, representing as much as 4% of global turnover, should they suffer a breach.
Nomidio is on a mission to change all this with the launch of the world’s first PII Cloud, specifically designed to securely house PII once, so multiple subscribing organisations don’t have to. Now, when a company needs PII for a business process such as a marketing campaign it simply communicates with the Nomidio PII Cloud via a secure API.
The first module of the Nomidio PII Cloud is Identity-as-a-service (IDaaS), which uses industry-leading biometrics engines to authenticate customers via the web or call centre. Consumers provide their identity information once and re-use it with the multiple organisations they interact with. The user’s ID is tokenized so organisations can interact with the identity data without the risk of actually storing it.
Nomidio is a spinout from the government-grade encryption specialists Post Quantum, whose algorithm is a finalist in NIST’s competition to identify a new global public-key cryptographic standard, replacing or supplementing RSA. A trusted supplier to NATO, NCSC and the UK Government, Post-Quantum has more than 35 patents relating to its innovations.
Philip Black, Commercial Director, Nomidio commented: “Nomidio offers people a convenient and secure way to prove who they are using biometrics within a mobile web browser. The identity service can be easily integrated by virtually any organisation to improve customer experience and reduce compliance risk.”
Importantly, the individual retains control over their identity and manages consent for how their data is used, via an app. In addition, Nomidio IDaaS draws on Post-Quantum’s patented key-splitting innovation ‘Quorum’ so that a number of different stakeholders are required before the individual’s identity data can be decrypted. This innovation also means a would-be attacker must breach multiple guardians of each encryption key fragment, making Nomidio a very unattractive target.
Andersen Cheng, CEO Post-Quantum added: “Nomidio is a novel re-think of today’s privacy dilemma. Rather than hundreds of firms trying to secure PII in order to satisfy regulators, with many ultimately failing, why not do this once and extremely well? Businesses are waking up to the fact they don’t need vast amounts of PII to be successful and are increasingly prepared to help individuals regain control of their identities.”
Following today’s launch, Nomidio is now the only Identity solution available to companies via Amazon’s AWS marketplace as part of the firm’s virtual contact centre service ‘Amazon Connect’, meaning it’s now possible to ‘drag and drop’ consumer biometric authentication into the call flow. Amazon Connect is used by Amazon itself along with Capital One, GE and a host of large companies that have the ability to provision a contact centre, and now the Nomidio consumer authentication service, in a matter of days.
Nomidio has also secured an agreement with Avaya, the world’s second largest provider of contact centre solutions, meaning a pipeline of large financial services and telecoms operators will be amongst the first to deploy, helping them to shave around 20% from the average call handling time whilst improving the experience they offer.