We are proud to present the world's first fully Passkey-powered, zero-trust, cloud-based Identity Provider (iDp). Our state-of-the-art technology guarantees your online protection, so you can enjoy a secure and hassle-free experience.

Our business model has two main components. Firstly, we utilize open standards such as FIDO2 and Passkeys to eliminate the need for usernames and passwords. Secondly, we believe that Identity and Access Management (IAM) has become too complicated for many organizations. Our goal is to implement passwordless technologies and simplify identity management.

As you may already know, traditional usernames and passwords have been vulnerable for quite some time and can easily be compromised. Shockingly, over 80% of all security breaches occur as a result of weak, reused or compromised passwords. In fact, a quarter of the S&P 500 had their SSO (single sign-on) credentials exposed and sold on the "dark web".

Multi-Factor Authentication (MFA) was created as a solution to prevent data breaches. However, while MFA has been effective in enhancing security, it has also made logging into applications more complicated and frustrating for users. This has resulted in what experts call "MFA Fatigue", which attackers can exploit by taking advantage of the users' frustration and confusion.

Although MFA has helped prevent breaches to a certain extent, many organizations have still been breached by attackers using a technique called "MFA bombing". In the early days of MFA, text messages (SMS) were used; however, security professionals have been urging people and organizations to switch to better alternatives like Time-Based One Time Passwords (TOTP). Nevertheless, many people still use SMS, which has made it easier for attackers to con telephony providers and perform SIM swapping attacks.

This is a problem faced by traditional and legacy Identity Providers (iDp). When these iDp’s rely solely on usernames and passwords, they may not feel the urgency to replace their business model. However, the consequences can be severe if a large number of companies had their Single Sign-On credentials exposed and sold on the "dark web". In such cases, traditional iDp may use "band-aid" solutions under the guise of "intelligence" by using terms like "impossible travel" and "threat intelligence". However, the root of the problem still remains.

Security breaches like those suffered by Okta highlight the importance of cybersecurity.

Many legacy IAM platforms that claim to support Passkeys often have other issues. One such problem is that these legacy platforms still rely on usernames and passwords as a backup means to access. This defeats the purpose of using public key cryptography and creates a vulnerability for attackers to bypass the added security provided by Passkeys.

Key9 avoids vendor lock-in and potential vulnerabilities by using open standards like "Passkeys" supported by major companies such as Microsoft, Google, Apple, and Mozilla instead of proprietary applications.

Key9 combined various technologies with SSO. The idea behind it is to use public key cryptography to eliminate the need for usernames and passwords. By doing so, we avoid storing sensitive information that could be vulnerable to hacking attempts. In other words, if we don't have your usernames and passwords, there is nothing for hackers to steal.

We still have a long journey ahead, but we hope you'll join us in a future without passwords.