Paul Bass Photo
Rapini (at center above): Phone theifs don't have your face.
Trick question: What’s your password again? For each of your 4,256 apps?
Trick answer: Soon you might not need to scratch your head, yell into cyberspace, and wrangle with the cloud or your devices to remember.
At least not if Dominic Rapini and “The Authenticator” succeed in their message to thrust passwords into the DVD-8-track-Blackberry-modem dustbin of tech history and make logging in safer.
Rapini recently took on that misson as CEO of a local start-up called Queralt, which this spring is bringing to market a passwordless way for hospitals, private corporations, universities and other large employers to have their workers open apps on their mobile phones.
The product is called The Authenticator QX509. Developed with $3 million in seed funding, including support from the Department of Homeland Security, QX509 is designed to replace passwords with a secure, decentralized authentication system. The software functions as a third-party add-on, allowing users to verify their identity using a combination of a registered mobile phone, verified biometrics, and a unique PIN — stored locally on the device, rather than on a network. People use one PIN and show their face to get into all their apps.
Unlike traditional password-based systems, QX509 eliminates the primary target of cyberattacks, CEO Rapini said in an interview on WNHH FM’s “Dateline New Haven.”
“Ninety-one percent of all data breaches stem from lost or stolen passwords,” he said. Removing passwords from the equation makes large-scale hacks harder to pull off.
“We verify your identity using secure documents like Real ID or an enhanced driver’s license. We then place a verifiable certificate [private key] on your phone — one that is unique to you, your device, and your identity. When you access a network, our system matches the certificate on your phone with a public key on the network, replacing the need for a password entirely,” Rapini said.
“If someone steals your phone, they don’t have your face, and they don’t have your PIN number. … A phone is of no value without the biometrics and the PIN number.”
Rapini worked for 39 years in tech (aka “computers”), including decades at Apple. He came out of retirement after his friend David Cook and partner Michael Queralt obtained patents and developed the product. Now Rapini is in charge of lining up corporate customers, building a team, and raising another $15 million in investment.
QX509 is going up against competitors like Fido2 in a $25 billion passwordless authentication market that’s projected to grow to $142 billion by 2034, according to Rapini. Click on the video below to hear the full conversation with Rapini on WNHH FM’s “Dateline New Haven.” Click here to subscribe or here to listen to other episodes of “Dateline New Haven.”