Cybersecurity

STARTUP TO WATCH

New Internet Protocol Aims to Give Users Control of Their Digital Identities

The @ Company wants to give you a more secure and human-centric Internet built on providing you with true ownership and control of your personal data.

To that end, the company on Oct. 27 launched an app built on its new privacy protocol. This new standard will attempt to change how online vendors and companies wheel and deal with the personal information of billions of Internet users.

The goal is to take control of your user information from others and give it back to you. Every bit of personal information online is acquired, stored, organized, and used to sell to, track, and even profile everyone on the planet — including you, according to Barbara Tallent, co-founder and CEO of The @ Company.

To kick off the new data revolution, her company released two flagship applications built on the @protocol. A third app is scheduled for release soon.

These apps provide a more secure personal data service, noted Tallent. Once downloaded, these applications can only be unlocked by a personal online identifier, known as an @sign.

“The @sign protocol allows for true peer-to-peer online interaction that is completely secure and ultimately customizable,” said Tallent. “Your data never enters our servers, or anyone else’s, only your server because the protocol simply connects the two devices and validates that they are who they say they are.”

From there, the data is transferred directly to its the other person without a middle man, she said.

Sign of Better Protection, Maybe

This new protocol could be an ideal security improvement for non-business users who lack their own IT servers. It could even make using the Internet safer for users’ personal data when working from home.

“We provide personal, reliable, and secure @servers for all activated @signs for free and will continue to do so. We do expect others to offer them as well, and there may be some charges for heavy usage customers at some point,” Tallent told TechNewsWorld.

The @sign protocol is designed for individual users as well as companies. A number of systems integrators will help companies to implement the protocol as well as third-party developers who will create enterprise-class solutions based on the @protocol as an open-source reference implementation, she said.

Registering your own @sign is hassle-free, Tallent noted. It is a simple process of picking a free or custom @sign of your choice and then pairing it with one of the @compliant apps on your mobile device.

“We only collect the minimum information needed to contact you, such as email or phone, but not your name and address. The free @sign generator (we call it @sign-o-matic) in particular is actually fun to use,” she explained.

Perhaps a Reach Too Far

The @sign approach addresses privacy and places user data tied to the solution initially within the user’s control. However, this is kind of like closing the barn door after the cows have escaped, according to Rob Enderle of the Enderle Group.

“Much of this data is already in the public domain, and methods to capture users’ data remain both prevalent and very difficult to restrict,” he told TechNewsWorld.

What might work, Enderle added, is restructuring the Internet to default to @sign, force the elimination of data capture methods outside this solution, and force the deletion of records that did not comply. In that case, you might be able to provide the security level that @sign potentially could provide.

“Accomplishing those other steps, at this time, internationally, seems impossible, however,” he insisted.

Do not get Enderle wrong, he continued. If broadly adopted, @sign would make people safer, but it will not perform optimally unless this process becomes the only process for gathering and protecting user data and damage done from past bad practices is destroyed with prejudice, he clarified.

No Cost, Low-Cost Entry

@signs are available at no cost. Personalized @signs are available for purchase. The actual cost, however, is unclear.

The cost of an app is completely up to the app developer, according to Tallent. Meanwhile, her company is working to create new sources of income that encourages trust and privacy.

“The initial three apps that we are announcing are free. The auto-generated @signs are free too. The only thing we charge for is a “vanity” @sign. Like getting your first name/last name,” she clarified.

@Sign Unwrapped

An @sign is similar to a username with one critical distinction. Instead of using the protocol to access online services, online services use your @sign to access your information without “seeing” it or storing it.

Your personal @sign is a gatekeeper to your data. The protocol only allows its use based on your terms.

Traditionally, user data is stored on servers around the globe that are wholly owned by companies. Instead, the @protocol stores your encrypted data on your own @server accessible only to you.

The “key” to your own server is stored on your phone, or tablet, or whatever personal device is most safe so it can be only accessed by you. The @sign even enables you to control who can access your data, for how long, and what it can be used for.

 

“We understand that even the most perfect data sharing protocol in the world is not useful without the right IRL (in real life) applications,” said Tallent. “This is why we have worked with some of the most creative and innovative app developers in the game to build three core applications that showcase just how powerful the @sign protocol can be.”

More @sign applications will launch later. This is just the beginning, she promised. As the @sign community grows, so too will our community of applications.

Meet the Apps

@persona lets users curate a public profile, safely store important, personally-identifying information like your contact information, location data, social media profiles, and more. When a company or individual seeks to gain access to your personally-held data, the app prevents them from getting anything you do not wish them to have.

@buzz rebuilds the way users organize contacts and groups through peer-to-peer communication in a drastically simplified process. Every time you make a change to your profile — be it a new email address, phone number, mailing address, etc. — all approved contacts will receive that information, automatically.

@mosphere enables completely encrypted peer-to-peer file sharing over the Internet in real time. The @sign’s inherent security provides the framework for transferring sensitive information across any mobile device, regardless of location, without fear of interception. Data is never stored on a server in the cloud. It goes directly to the recipient, safely and instantly.

Tallent expects a number of simple P2P utility applications to come first. Her company is working with over a dozen third-party developers on a wide range of apps. The main focus is new, fun experiences from these apps.

New App Ecosystem

The third-party apps are easy to develop with Google’s Flutter SDK toolkit, according to Tallent. Her company currently operates the @servers and will continue to do so.

“But we do see other players offering that service over time as demand peaks,” she added.

Developers have about 30 percent less coding to do with the @protocol, partly because they do not need to set up user data. Developers can also create P2P apps with some real creativity, Tallent noted about third-party apps some developers already have in the works.

Attestations are also something on which her company is focused, to encourage a trust-based ecosystem so people do not have to share their confidential information with everyone, she said.

“Users can get an attestation from a reliable third-party that can attest you are who you say you are or any other ‘attestment’, on perhaps your age or credit score,” Tallent explained.

Creating a New Security Approach

One of Tallent’s goals is to create a new security layer for Internet transmissions. She believes that systems like email that expose an underlying unique identifier and no ability for a person to control access to it will over time be enhanced or replaced.

“Such a transition will be gradual at first but is inevitable as people understand the value of privacy and control the @protocol provides,” she suggested.

The protocol enables peer-to-peer interactions. The company will eventually certify apps to ensure compliance. Things like company email accounts can be incorporated as well without any change.

“I can share one email with one group of people and another email with a different group of people, and keep everyone up to date with any changes that may come about. Once an email address is shared, it is in the wild and at the moment will still have the inherent problems that result,” she added.

Compliance Factor

The @protocol has compliance to privacy regulations such as GDPR and CCPA built in. It addresses privacy at the protocol layer versus the application layer.

This is a benefit to companies and to developers, who no longer have to shoulder the burden of compliance, according to Tallent. When using the @protocol, they do not own customer data. The customer does.

Jack M. Germain

Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open-source technologies. He is an esteemed reviewer of Linux distros and other open-source software. In addition, Jack extensively covers business technology and privacy issues, as well as developments in e-commerce and consumer electronics. Email Jack.

2 Comments

  • I don’t mean to come off as stupid, but I would like to participate in this and encourage as many other people to participate as I possibly can. But I fail to figure out how to obtain the apps or download anything. Where and how do I install what? @persona is not in the google app store except for a place holder. The article should be clear on how and what to do to participate. Thanks to anyone who can enlighten me.

    • Hi jpslcut:

      I apologize for not responding sooner, but I was just made aware of your post and wanted to respond as soon as I saw it.

      We would love your participation and appreciate your feedback.

      I would be happy to walk you through how to get started. If you could please contact me ([email protected]) and let me know the best way to connect with you, then I AM sure we can get you going and answer all your questions.

      Thanks and look forward to speaking with you.

      Kevin Nickels

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Jack M. Germain
More in Cybersecurity

Technewsworld Channels