Blog

August 3, 2017
WWPass – Leveraging User Access by Eliminating the Use of Usernames and Passwords

Identity theft is one of the most common forms of cybercrime, especially in the business world. How is it, despite advances in cybersecurity, that hackers are still able to obtain a businesses’ information? Ask any expert and they could give you a laundry list of reasons.

Take two observations of tech entrepreneur Gene Shablygin. Shablygin has worked in IT for over 20 years, and he noticed the growing abilities of technology are enabling cybercriminals to break into personal credentials. Whether it was through social engineering or phishing, Shablygin was taking note of how some security systems were still having trouble protecting user credentials. He also observed the increasing use of surveillance, and how it was diminishing privacy.

In 2008, Shablygin decided to develop a solution in response to these observations. He began developing a technology that would allow users to access their information in a proprietary manner. Shablygin also wanted to implement a feature that would allow access without having to rely on typical login credentials.

Around this time, Shablygin founded WWPass (pronounced World Wide Pass). WWPass is a cybersecurity company in Manchester, New Hampshire looking to protect personal information and help companies manage user access.

Perry Chaffee, VP of Strategy at WWPass
Perry Chaffee, VP of Strategy at WWPass

“The root cause of data breaches usually comes from someone taking usernames and passwords,” says VP of Strategy Perry Chaffee. “If you have a way to eliminate the use of usernames and passwords, it eliminates that cybersecurity risk by 81 percent.”

Chaffee, who has extensive experience with cybersecurity during his time in the Air Force, joined WWPass in June of 2016.

“Cybersecurity is almost like a form of insurance,” Chaffee says. “Companies will say, ‘Oh this won’t happen to my company,’ until it does happen, and then it could potentially be a company killer.”

WWPass eliminates usernames and passwords by replacing them with an authenticator, which the company has named PassKeys. PassKeys come in three different forms: a smartphone app, a USB stick, or a smart card. Another form is PassKey Lite, which is a free mobile app. PassKey Lite allows users to log in by scanning a QR code. To use these PassKey tokens, a business must simply implement WWPass authentication software on its website login.

The company’s newest service is PassHub, which is a reference WWPass technology site and free password manager. Enabled with PassKey/PassKey Lite tokens, anyone can manage login credentials via PassHub for websites that aren’t yet WWPass-enabled.

WWPass Screenshots

One of the company’s strengths with this technology is its use of distributed data; instead of having sensitive user data stored in one particular data center, it’s broken up, spread out and encrypted, making it difficult for hackers to obtain this information in one clean shot. It’s also resilient to ransomware, natural disasters, and other incidents.

Currently, the predominant users of WWPass’ software are within the defense and financial industries, and many of the companies utilizing PassKey and/or PassKey Lite are in Europe.

WWPass Screenshots

However, there is one market WWPass would like to disrupt: streaming services. “The idea of using PassKey Lite for subscription services such as Netflix or HBO Go is appealing,” says Chaffee. “It would allow those companies to gain back revenue from users letting others use their accounts.” While it is a hypothetical scenario, Chaffee believes having a login screen with PassKey Lite for the streaming services would be ideal for those services.

WWPass has been to a variety of trade shows across the country, but last June, the company took part in its first Boston Tech Jam. They were also one of the few New Hampshire-based startups to attend. It was the first time the company allowed users to try out their PassHub platform, and the company received positive feedback from Tech Jam attendees.

“We have participated in trade shows in the past, but the vibe at the Boston Tech Jam was laid back and casual,” Chaffee says. “We spoke with a lot of bright people, and even spoke with other cybersecurity companies.”

Eliminating the use of usernames and passwords could be a risky move. However, with the experience WWPass has with this technology, their PassKey and PassKey Lite tokens could very well be the next big thing.


Colin Barry is a contributor to VentureFizz. Follow him on Twitter @ColinKrash.

Images courtesy of WWPass.