Two-factor authentication with a fusion credential, demonstrated in this GitHub repository, overcomes the UX obstacles that are impeding large scale adoption of cryptographic authentication, by making it possible to add protection against man-in-the-middle phishing attacks, password reuse and backend breaches to a site where users authenticate with email and password, while keeping the same user experience, including the ability to log in on any browser, in any device.
But two-factor credential fusion makes use of an invention protected by a patent, and cryptography-related patents have historically delayed adoption of new technologies. To overcome this additional obstacle to the adoption of cryptographic authentication, I have now introduced a streamlined process for licensing the patent, which may be of independent interest.
The process uses a “DocuSign envelope”, which is a type of workflow document that DocuSign routes by email to participants in a business process. The document is first routed to the patent holder, who applies a “DocuSign eSignature” to a license offer. It is then routed to the client, who adds a “DocuSign eSignature” accepting the offer and pays the license fee. It is finally routed back to the patent holder, who adds a “DocuSign eSignature” granting the license, after receiving the license fee. The completed document with all three eSignatures is sent by email to the parties, and kept by DocuSign in its own storage where it is available as evidence that the license has been granted.
Details of the process and examples of completed documents are available here.
See also:
- Blog post with technical explanation of two-factor credential fusion.
- GitHub repository with the code of a demonstration.
- Graphical pseudo-code of the demonstration.
- Live demonstration running on a Pomcor server.
- The Cryptographic Authentication page of this site.
- The Demonstrations page of this site.
- The Patents page of this site.