1. Why Rivetz?
Steven — There is a real need to support embedded hardware security in every application. It improves the quality and value of the subscriber relationship and it provides the foundations for a simpler user experience. Carriers have proven the value of embedded security in their networks for years. Rivetz is committed to providing every app developer with access to carrier grade tools to protect their services and their customers.
2. Who is behind Rivetz development? Backgrounds?
Steven Sprague CEO — Steven is one of the principal industry evangelists for the application of trusted computing technology. Steven served as President and CEO of Wave Systems Corp. for 14 years before transitioning to the board of directors. A popular speaker on cybersecurity and trusted computing, Steven has a strong technical foundation in the principles, capabilities, and business models of incorporating trusted hardware into everyday computing — and is skilled at translating these concepts into layman’s terms.
Michael Sprague CTO — Michael is an original web veteran. He developed and directed products spanning digital micro-transactions and trusted execution networks in the nineties, interactive TV and network video distribution in the aughts, and device identity and social media privacy more recently. Michael’s career began as a developer and architect for a small but prestigious consulting firm that was contracted to redefine the global banking system for such clients as JP Morgan, Citibank, and Fidelity.
Sean Gilligan VP Blockchain — Sean is a seasoned software developer and leader with 30 years of industry experience. He started his career in software engineering as a teen, and in the ’90s, led a consulting firm that built products for clients that included Apple, 3Com, Novell, Silicon Graphics, and SUN Microsystems. He founded a company that developed a platform for publishing and managing streaming video and licensed that technology to Apple, Unisys, Nikkei and others — making him a pioneer in publishing user-generated video content before YouTube. He has developed mobile applications for Turner Broadcasting, Kaiser Permanente, Universal, and others. As an expert in networking and distributed systems, his background and interest in economics led him to Bitcoin in 2013. Sean began developing Bitcoin-related software in 2014, the same year he joined the Omni Foundation (then Mastercoin). He led their efforts in devops and testing, and created the OmniJ project. He also was the lead developer of ConsensusJ. He joined Rivetz as a blockchain consultant before signing on full-time in 2017
3. How does the Rivetz Authenticator works?
Michael — By the defined standards protocols. Our implementation is different because it uses the device hardware to store your codes and ask for consent. It’s the difference between showing up with a rock or a picture of a rock. We also think its better than the competition by offering backup features and a great UI.
Nevertheless, it’s a demonstration of what we do. The Authenticator is not complicated. It’s the rock, the true cryptography that it uses, that defines our purpose and focus.
4. How does the Rivetz Authenticator stacks up versus Google and Authy?
Steven — Rivetz is storing the seed keys for the authenticator in tamper resistant hardware embedded in the hand set and providing full use of the advanced security features on millions of phones such as secure display. This assures that Rivetz can offer a state of the are hardware authenticator but embedded in the phone.
Rivetz also has the advantage of embedded hardware security and business logic that enables next generation features for back up and device to device sharing as well as physical presence proof and other important capabilities that are generally reserved only for external hardware tokens.
In addition, Rivetz support a whole new model for external Cybersecurity controls and attestation services as part of each transaction. These token operated services provide a next generation business model and new services for consumer and enterprise.
5. Is Rivetz Authenticator safer than U2F?
Michael — There is no straight answer to this. The question, in its nature, has largely been the bane of all cryptographic systems. If you can’t quantify it then don’t bother using it. So we stick with human passwords. We all know that a computer is probably better at remembering long numbers and doing deep math, yet we want proof. Is my house safer than your house? Would anyone certify that? Brick houses are susceptible to acid rain and trebuchets. Sorry for your concern. Return to your straw house.
At Rivetz we aim to humanize digital security. Employ the best tools available to make real security really approachable. Give it a score. More security with less hassle is probably better, but no one can make promises.
The Rivetz Authenticator uses state-of-the-art capabilities such as Trusted User Interface to communicate with the user. We think its the best, but we’ve paid equal attention to usability. If you use it, or better yet, if you use it without thinking about it, then it’s safer.
6. What other tools is Rivetz working on?
Michael — We have a few other apps that are built on our rock (our core). These are apps that are “riveted”. Our partners are working on apps as well. Our mission is to help all these efforts deliver a superior user experience by providing better privacy and encryption with less user harassment.
7. Rivetz specs and how this translates to English for non-technical speakers?
Michael — Through relationships with manufacturers and others Rivetz is able to bind trusted software into a device. Trusted, meaning we wrote it. No one messed with it. No one can watch it. And yet it runs in your pocket, even on the top of Mount Everest.
Our business is to share this with our partners. We call them service providers. Each service provider can define secrets (keys) it wants your device to hold and then define policies that govern how these secrets can be used.
For example, the Rivetz Authenticator is a Service Provider (albeit one we own). It uses the rivet to securely store the 2FA seed in device hardware. It also attaches a policy that says, “don’t use the secret unless the user says OK”. The rivet is capable of executing this particular rule, asking for confirmation by directly writing to the screen of the device. The native operating system is not present when that happens, meaning no malware.
But that’s just one type of rule. We also support (soon), “use of this key requires X RvT” or “use of this key requires health attestation from https:/x” or “use of this key requires geo coordinates between X and Y”
We’ve built the infrastructure. Our mission now is to support new types of secrets and new types of policy. With the right toolbox, our partners will soar and so shall we.
8. Rivetz had an ICO, how much was collected and how funds are being invested?
Steven — The company pre sold 18 million dollars in cyber security controls to customers. These capabilities provide the advanced provable cyber controls that are critical to meet the GDPR policies that many companies are putting in place.
9. Why Rivetz is unique, and why it will thrive?
Steven — Rivetz is focused on delivering a better user experience and higher quality subscriber for any service. We believe security is a technology that helps us to deliver this value. Security is not the goal, security should be invisible. Rivetz has a clear vision and a great team. together we will deliver a new model for the protection of Digital assets, Iot and Cloud services. Building global relationships with companies like Telefonica provide the global distributions and market strength to build a path to great success.
Michael — No company has a master formula. Trains and televisions were invented and deployed competitively. In fact, returning to my background, I’ve spent many lost years working on ideas that were too soon. The president of Comcast kicked me out of the room in 2006 saying, “no one will ever watch TV on a PC”. One just needs to be in the right place at the right time and very well equipped.
What sets us apart, and gives us a very good chance at success is our relationships, our experience and our people. Through Telefonica, Trustonic, Samsung and others, Rivetz has a path to “Rivet” a billion or more devices. These relationships derived from decades of industry experience. Likewise, we’ve developed this technology multiple times. We’ve tested the design against hundreds of markets.
We’re ready. And now we have RvT to make application usage simple.
10. Who is Rivetz closest competitors, how different are they?
Steven — The trust platforms are open and can be used by others, Rivetz has an advantage in the products and services we build are designed to make the solutions simpler for third parties and build a bridge across multiple devices. Rivetz is not building a security product but a platform to enable a simpler and safer user experience and a more valuable subscriber relationship. The use of a device to bridge advanced cyber controls to online services and provide the proof the controls are in place offers a completely new paradigm for enterprise and personal security online.
Michael — Our competition is ingrained culture. People treat their “smart” phones as dumb phones, when it comes to the Internet.
11. What current partnerships Rivetz has and what will be its purpose?
Steven — Partners fall into three categories
Application partners who help us to build the richness of the consumer experience and show how multiple applications can build the global network effect as well as the consumer value. From Identity to Crypto to Iot to other services Rivetz partners build the real experience.
Distribution partners help Rivetz build the global network effect that assures our application partners access to a growing valuable network of users that can securely communicate and expect a better subscriber experience.
Security services who deliver the advanced cyber security controls that help users to enforce the policies and controls they require to use services that deliver value and protect their digital assets.
12. Plans for other exchanges?
Exchanges all need security Rivetz is launching in a few weeks and advanced 2FA with external cyber controls and backup that will move the market from Risk to Trust. An exchange that supports Google Authenticator will not have to do anything to support the capabilities for their customers. With the launch of the Rivetz Developer tools a simple confirmation service will become available that will provide the state of the art in Multifactor authentication for financial transactions. We will work with exchanges to implement these services and deliver a more secure experience. We hope exchanges will see the benefits of advancing security and supporting the hundreds of millions of Rivetz capable customers that are looking for safer transactions. Ultimately, the token powered services will need tokens to operate we believe that ever exchange will want to offer Rivetz tokens to their customers.
13. What is/will be Rivetz marketing plan? Funding?
Steven — Up until now, our biggest focus in marketing has been in our business development efforts. We’ve built a reputation in the industry as being experts in cybersecurity, particularly in the crypto/blockchain space. The partners we have been signing up will begin to use our toolkit as we roll it out over the next few months, and their products that implement our tools will be a great way to market our tools to other companies.
14. With Telefonica being a non-related crypto/blockchain based company how exactly did this partnership come about? Who approached who? Were they skeptical at first knowing Rivetz was a crypto based company? Or was it basically a no brainer to them due to the tech and possibilities Rivetz could offer?
Steven — I believe this is important to know as it shows a promising future to further partnership adoption toward other non-related projects/companies incorporating Rivetz into their business.
They called us and expressed a desire to work with us last summer when we were marketing the ICO. They wanted to be part of the growing global revolution for identity services, payment, remittance, storage, microtransactions — the things their users are interested in and will be transitioning to.
This is also a lot of importance, because all European companies are changing their policies in deadline mode. One of the interesting points is that GDPR is going to force people to shift from controls to provable controls — and Rivetz is laying those foundations.
Most of crypto people have some sense of infosec, due to the importance to keep our emails and accesses to exchanges safe. And with the increasing importance of cryptocurrencies and the Internet of Things, we all will like to feel safer in this space, although Google Authenticator and Authy are good options, they are NOT the safest and still vulnerable to willing hackers.
Rivetz is laying the foundations of the next generation consumer-end of infosec, were your keys to access your cyber life will be kept safe from harm's way.
If you enjoy the read, follow me on Twitter, is good for Karma.