Privacy-first design
User privacy has been a top concern since our inception
Customer-centric
Our products were built of personal necessity, not greed. We truly want to do good for end users.
Looking out for end-users
We care about your privacy
We want to give you control over your online identity by placing your private key securely in your phone, in your possession.
Privacy-first design
User privacy has been a top concern since our inception
Customer-centric
Our products were built of personal necessity, not greed. We truly want to do good for end users.
Looking out for end-users
We care about your privacy
We want to give you control over your online identity by placing your private key securely in your phone, in your possession.
Privacy-first design
User privacy has been a top concern since our inception
Customer-centric
Our products were built of personal necessity, not greed. We truly want to do good for end users.
Looking out for end-users
We care about your privacy
We want to give you control over your online identity by placing your private key securely in your phone, in your possession.
Data that we DO NOT collect
Location
We will never collect your location, nor will we allow employers to collect data from your phone. There are plenty of other services that do this, but we will never be one of them.
PII
Outside of your email, first name, and last name, we will never ask for any personally identifiable information (PII). We just provide secure authentication and communication, the other services can handle the PII.
Personal Usage
What you do with our products in your personal life is your business.
What you do with your employer's resources is literally their business and they have a right to know.
Data that we DO collect
Crash Dumps
Public Key Data
Logs
Usage Metrics
Billing Info
We use Sentry to collect crash dumps from all of our products to make sure that we aware of problems and can fix this as fast as possible. Similarly, we use Mender to manage firmware updates and perform remote debugging for our hardware readers. We encourage all of our customers to proper VLANs and network isolation with our hardware and other IoT devices.
Data that could be infered
While we do not collect this data explicitly, we want to be transparent about exactly what Allthenticate does have access to.
When you are using our product
The app connects to our servers using SocketIO (HTTPS) to handle web login attempts, receive updated access control lists, and communicate with other resources in our ecosystem.
Thus, it is technically possible to infer when a particular user is using the app (we must know which phone belongs to which user to send the appropriate request) and must similarly know which resource they are interacting with (the origin of the request).
Where you work
Your account is necessarily bound with your employers.
Your role at work
Employers may create groups, which might be very descriptive (e.g., IT Staff), and therefore is visible in our database.
Data that we DO NOT collect
Location
We will never collect your location, nor will we allow employers to collect data from your phone. There are plenty of other services that do this, but we will never be one of them.
PII
Outside of your email, first name, and last name, we will never ask for any personally identifiable information (PII). We just provide secure authentication and communication, the other services can handle the PII.
Personal Usage
What you do with our products in your personal life is your business.
What you do with your employer's resources is literally their business and they have a right to know.
Data that we DO collect
Crash Dumps
Public Key Data
Logs
Usage Metrics
Billing Info
We use Sentry to collect crash dumps from all of our products to make sure that we aware of problems and can fix this as fast as possible. Similarly, we use Mender to manage firmware updates and perform remote debugging for our hardware readers. We encourage all of our customers to proper VLANs and network isolation with our hardware and other IoT devices.
Data that could be infered
While we do not collect this data explicitly, we want to be transparent about exactly what Allthenticate does have access to.
When you are using our product
The app connects to our servers using SocketIO (HTTPS) to handle web login attempts, receive updated access control lists, and communicate with other resources in our ecosystem.
Thus, it is technically possible to infer when a particular user is using the app (we must know which phone belongs to which user to send the appropriate request) and must similarly know which resource they are interacting with (the origin of the request).
Where you work
Your account is necessarily bound with your employers.
Your role at work
Employers may create groups, which might be very descriptive (e.g., IT Staff), and therefore is visible in our database.
Data that we DO NOT collect
Location
We will never collect your location, nor will we allow employers to collect data from your phone. There are plenty of other services that do this, but we will never be one of them.
PII
Outside of your email, first name, and last name, we will never ask for any personally identifiable information (PII). We just provide secure authentication and communication, the other services can handle the PII.
Personal Usage
What you do with our products in your personal life is your business.
What you do with your employer's resources is literally their business and they have a right to know.
Data that we DO collect
Crash Dumps
Public Key Data
Logs
Usage Metrics
Billing Info
We use Sentry to collect crash dumps from all of our products to make sure that we aware of problems and can fix this as fast as possible. Similarly, we use Mender to manage firmware updates and perform remote debugging for our hardware readers. We encourage all of our customers to proper VLANs and network isolation with our hardware and other IoT devices.
Data that could be infered
While we do not collect this data explicitly, we want to be transparent about exactly what Allthenticate does have access to.
When you are using our product
The app connects to our servers using SocketIO (HTTPS) to handle web login attempts, receive updated access control lists, and communicate with other resources in our ecosystem.
Thus, it is technically possible to infer when a particular user is using the app (we must know which phone belongs to which user to send the appropriate request) and must similarly know which resource they are interacting with (the origin of the request).
Where you work
Your account is necessarily bound with your employers.
Your role at work
Employers may create groups, which might be very descriptive (e.g., IT Staff), and therefore is visible in our database.
Our Pledge to You
We will always maintain an honest relationship with you about what data we collect and how it is used.
We will never sell your data
We sell authentication products, not data. While we will use analytics data internally to optimize our products and your experience, we will never sell any of your data, including whether or not you are a user, to external firms.
We will never abuse our power
As an authentication company, we work in a critical layer of your stack. We will never use this power to unlock things that we should not.
No Tracking
Nothing from your phone that can be used to track you will ever be sent to us or your employer.
Will will protect your data
While 100% security guarantees are impossible, we will always use best practices and employ the best security principals to protect our customers data.
Moreover, if we fail at protecting your data or your security in any way, you will be first to know.
Our Pledge to You
We will always maintain an honest relationship with you about what data we collect and how it is used.
We will never sell your data
We sell authentication products, not data. While we will use analytics data internally to optimize our products and your experience, we will never sell any of your data, including whether or not you are a user, to external firms.
We will never abuse our power
As an authentication company, we work in a critical layer of your stack. We will never use this power to unlock things that we should not.
No Tracking
Nothing from your phone that can be used to track you will ever be sent to us or your employer.
Will will protect your data
While 100% security guarantees are impossible, we will always use best practices and employ the best security principals to protect our customers data.
Moreover, if we fail at protecting your data or your security in any way, you will be first to know.
Our Pledge to You
We will always maintain an honest relationship with you about what data we collect and how it is used.
We will never sell your data
We sell authentication products, not data. While we will use analytics data internally to optimize our products and your experience, we will never sell any of your data, including whether or not you are a user, to external firms.
We will never abuse our power
As an authentication company, we work in a critical layer of your stack. We will never use this power to unlock things that we should not.
No Tracking
Nothing from your phone that can be used to track you will ever be sent to us or your employer.
Will will protect your data
While 100% security guarantees are impossible, we will always use best practices and employ the best security principals to protect our customers data.
Moreover, if we fail at protecting your data or your security in any way, you will be first to know.
Privacy-Preserving by Design
When designing our architecture, goal was to protect everyone's privacy, even if we went totally rouge. So, there are preventive measures in the core architecture.
When designing our architecture, goal was to protect everyone's privacy, even if we went totally rouge. So, there are preventive measures in the core architecture.
Phones Listen, Not Beacon
Our app passively listens for BLE beacons and will only take any action when a device that it cryptographically recognizes is nearby. This prevents any attempt of tracking users phones.
Our app passively listens for BLE beacons and will only take any action when a device that it cryptographically recognizes is nearby. This prevents any attempt of tracking users phones.
Anonymized Identity
Every phone, door, computer, etc. only exposes a random UUID and public key that has no association to their identity.
Every phone, door, computer, etc. only exposes a random UUID and public key that has no association to their identity.
End-to-end Encryption
Since every device in our ecosystem talks directly to each other over encrypted channels, there is no way to infer what actions are being performed by an outsider.
Since every device in our ecosystem talks directly to each other over encrypted channels, there is no way to infer what actions are being performed by an outsider.
Open-Source Software
We will always be as open as possible
Check out our multi-platform BLE library
Able stands for Allthenticate's BLE Peripheral Library. It serves the purpose of enabling the abstraction of using a BLE Peripheral on Ubuntu, macOS, and Windows based systems without having to adapt your software to have platform specific support.
Open-Source Software
We will always be as open as possible
Check out our multi-platform BLE library
Able stands for Allthenticate's BLE Peripheral Library. It serves the purpose of enabling the abstraction of using a BLE Peripheral on Ubuntu, macOS, and Windows based systems without having to adapt your software to have platform specific support.
Open-Source Software
We will always be as open as possible
Check out our multi-platform BLE library
Able stands for Allthenticate's BLE Peripheral Library. It serves the purpose of enabling the abstraction of using a BLE Peripheral on Ubuntu, macOS, and Windows based systems without having to adapt your software to have platform specific support.
More questions about privacy?
How do I delete my account permanently?
How do I know I can trust Allthenticate?
How do I propose ideas for making Allthenticate even better?
How long are logs kept?
Can my employer track me through the Allthenticator app?
More questions about privacy?
How do I delete my account permanently?
How do I know I can trust Allthenticate?
How do I propose ideas for making Allthenticate even better?
How long are logs kept?
Can my employer track me through the Allthenticator app?
More questions about privacy?
How do I delete my account permanently?
How do I know I can trust Allthenticate?
How do I propose ideas for making Allthenticate even better?
How long are logs kept?
Can my employer track me through the Allthenticator app?
808 Travis St, Houston TX 77002
(833) 510-4424
808 Travis St, Houston TX 77002
(833) 510-4424
808 Travis St, Houston TX 77002
(833) 510-4424