Privacy-first design
User privacy has been a top concern since our inception
Customer-centric
Our products were built of personal necessity, not greed. We truly want to do good for end users.
Looking out for end-users
We care about privacy
We want to give you control over your online identity by placing your private key securely in your phone, in your possession.
Privacy-first design
User privacy has been a top concern since our inception
Customer-centric
Our products were built of personal necessity, not greed. We truly want to do good for end users.
Looking out for end-users
We care about privacy
We want to give you control over your online identity by placing your private key securely in your phone, in your possession.
Privacy-first design
User privacy has been a top concern since our inception
Customer-centric
Our products were built of personal necessity, not greed. We truly want to do good for end users.
Looking out for end-users
We care about privacy
We want to give you control over your online identity by placing your private key securely in your phone, in your possession.
Allthenticate is proudly backed by
Allthenticate is proudly backed by
Data that we DO NOT collect
Location
We do not explicitly log your location, nor does the Allthenticator app allow employers to collect any data, including location, from your phone. There are plenty of other companies that do this, but we are not one of them.
PII
Outside of your email, first name, and last name, the Allthenticator app does not ask for, or store, any personally identifiable information (PII). We simply provide secure authentication and communication.
Personal Usage
What you do with our products in your personal life is your business.
What you do with your employer's resources is literally their business and they have a right to know.
Data that we DO collect
Crash Dumps
Public Key Data
Logs
Usage Metrics
Billing Info
We use Sentry to collect crash dumps from all of our products to make sure that we aware of problems and can fix this as fast as possible. Similarly, we use Mender to manage firmware updates and perform remote debugging for our hardware readers. We encourage all of our customers to use proper VLANs and network isolation with our hardware and other IoT devices.
Data that could be inferred
While we do not collect this data explicitly, we want to be transparent about exactly what Allthenticate does have access to.
When you are using our product
The app connects to our servers using SocketIO (HTTPS) to handle web login attempts, receive updated access control lists, and communicate with other resources in our ecosystem.
Thus, it is technically possible to infer when a particular user is using the app (we must know which phone belongs to which user to send the appropriate request) and must similarly know which resource they are interacting with (the origin of the request).
Where you work
Your account is necessarily bound with your employers.
Your role at work
Employers may create groups, which might be very descriptive (e.g., IT Staff), and therefore is visible in our database.
Data that we DO NOT collect
Location
We do not explicitly log your location, nor does the Allthenticator app allow employers to collect any data, including location, from your phone. There are plenty of other companies that do this, but we are not one of them.
PII
Outside of your email, first name, and last name, the Allthenticator app does not ask for, or store, any personally identifiable information (PII). We simply provide secure authentication and communication.
Personal Usage
What you do with our products in your personal life is your business.
What you do with your employer's resources is literally their business and they have a right to know.
Data that we DO collect
Crash Dumps
Public Key Data
Logs
Usage Metrics
Billing Info
We use Sentry to collect crash dumps from all of our products to make sure that we aware of problems and can fix this as fast as possible. Similarly, we use Mender to manage firmware updates and perform remote debugging for our hardware readers. We encourage all of our customers to use proper VLANs and network isolation with our hardware and other IoT devices.
Data that could be inferred
While we do not collect this data explicitly, we want to be transparent about exactly what Allthenticate does have access to.
When you are using our product
The app connects to our servers using SocketIO (HTTPS) to handle web login attempts, receive updated access control lists, and communicate with other resources in our ecosystem.
Thus, it is technically possible to infer when a particular user is using the app (we must know which phone belongs to which user to send the appropriate request) and must similarly know which resource they are interacting with (the origin of the request).
Where you work
Your account is necessarily bound with your employers.
Your role at work
Employers may create groups, which might be very descriptive (e.g., IT Staff), and therefore is visible in our database.
Data that we DO NOT collect
Location
We do not explicitly log your location, nor does the Allthenticator app allow employers to collect any data, including location, from your phone. There are plenty of other companies that do this, but we are not one of them.
PII
Outside of your email, first name, and last name, the Allthenticator app does not ask for, or store, any personally identifiable information (PII). We simply provide secure authentication and communication.
Personal Usage
What you do with our products in your personal life is your business.
What you do with your employer's resources is literally their business and they have a right to know.
Data that we DO collect
Crash Dumps
Public Key Data
Logs
Usage Metrics
Billing Info
We use Sentry to collect crash dumps from all of our products to make sure that we aware of problems and can fix this as fast as possible. Similarly, we use Mender to manage firmware updates and perform remote debugging for our hardware readers. We encourage all of our customers to use proper VLANs and network isolation with our hardware and other IoT devices.
Data that could be inferred
While we do not collect this data explicitly, we want to be transparent about exactly what Allthenticate does have access to.
When you are using our product
The app connects to our servers using SocketIO (HTTPS) to handle web login attempts, receive updated access control lists, and communicate with other resources in our ecosystem.
Thus, it is technically possible to infer when a particular user is using the app (we must know which phone belongs to which user to send the appropriate request) and must similarly know which resource they are interacting with (the origin of the request).
Where you work
Your account is necessarily bound with your employers.
Your role at work
Employers may create groups, which might be very descriptive (e.g., IT Staff), and therefore is visible in our database.
Our Pledge to You
We will always maintain an honest relationship with you about what data we collect and how it is used.
We do not sell your data
We sell authentication products, not data. While we will use analytics data internally to optimize our products and your experience, we will never sell any of your data, including whether or not you are a user, to external firms.
We do not abuse our power
As an authentication company, we work in a critical layer of your stack. We will never use this power to unlock things that we should not.
No Tracking
Nothing from the Allthenticator can be used to actively track you. All of the data is processed locally on your device.
Will will protect your data
While 100% security guarantees are impossible, we will always use best practices and employ the best security principals to protect customer data.
Our Pledge to You
We will always maintain an honest relationship with you about what data we collect and how it is used.
We do not sell your data
We sell authentication products, not data. While we will use analytics data internally to optimize our products and your experience, we will never sell any of your data, including whether or not you are a user, to external firms.
We do not abuse our power
As an authentication company, we work in a critical layer of your stack. We will never use this power to unlock things that we should not.
No Tracking
Nothing from the Allthenticator can be used to actively track you. All of the data is processed locally on your device.
Will will protect your data
While 100% security guarantees are impossible, we will always use best practices and employ the best security principals to protect customer data.
Our Pledge to You
We will always maintain an honest relationship with you about what data we collect and how it is used.
We do not sell your data
We sell authentication products, not data. While we will use analytics data internally to optimize our products and your experience, we will never sell any of your data, including whether or not you are a user, to external firms.
We do not abuse our power
As an authentication company, we work in a critical layer of your stack. We will never use this power to unlock things that we should not.
No Tracking
Nothing from the Allthenticator can be used to actively track you. All of the data is processed locally on your device.
Will will protect your data
While 100% security guarantees are impossible, we will always use best practices and employ the best security principals to protect customer data.
Privacy-Preserving by Design
When designing our architecture, goal was to protect everyone's privacy, even if we went totally rouge. So, there are preventive measures in the core architecture.
When designing our architecture, goal was to protect everyone's privacy, even if we went totally rouge. So, there are preventive measures in the core architecture.
Phones Listen, Not Beacon
Our app passively listens for BLE beacons and will only take any action when a device that it cryptographically recognizes is nearby. Preventing any attempt of actively tracking users' phones.
Our app passively listens for BLE beacons and will only take any action when a device that it cryptographically recognizes is nearby. Preventing any attempt of actively tracking users' phones.
Anonymized Identity
Every phone, door, computer, etc. only exposes a random UUID and public key that has no association to their identity.
Every phone, door, computer, etc. only exposes a random UUID and public key that has no association to their identity.
End-to-end Encryption
Every device in our ecosystem talks directly to each other over encrypted channels — protecting you against man-in-the-middle attacks.
Every device in our ecosystem talks directly to each other over encrypted channels — protecting you against man-in-the-middle attacks.
Open-Source Software
We will always try to be as open as possible
ABle
Check out our multi-platform BLE library
Able stands for Allthenticate's BLE Peripheral Library. It serves the purpose of enabling the abstraction of using a BLE Peripheral on Ubuntu, macOS, and Windows based systems without having to adapt your software to have platform specific support.
Open-Source Software
We will always try to be as open as possible
ABle
Check out our multi-platform BLE library
Able stands for Allthenticate's BLE Peripheral Library. It serves the purpose of enabling the abstraction of using a BLE Peripheral on Ubuntu, macOS, and Windows based systems without having to adapt your software to have platform specific support.
Open-Source Software
We will always try to be as open as possible
ABle
Check out our multi-platform BLE library
Able stands for Allthenticate's BLE Peripheral Library. It serves the purpose of enabling the abstraction of using a BLE Peripheral on Ubuntu, macOS, and Windows based systems without having to adapt your software to have platform specific support.
More questions about privacy?
How do I delete my account permanently?
How do I know I can trust Allthenticate?
How do I propose ideas for making Allthenticate even better?
How long are logs kept?
Can my employer track me through the Allthenticator app?
More questions about privacy?
How do I delete my account permanently?
How do I know I can trust Allthenticate?
How do I propose ideas for making Allthenticate even better?
How long are logs kept?
Can my employer track me through the Allthenticator app?
More questions about privacy?
How do I delete my account permanently?
How do I know I can trust Allthenticate?
How do I propose ideas for making Allthenticate even better?
How long are logs kept?
Can my employer track me through the Allthenticator app?
808 Travis St, Houston TX 77002
808 Travis St, Houston TX 77002
808 Travis St, Houston TX 77002
Disclaimer: Conflict between this page and any separate data security and privacy terms under a customer agreement shall be resolved in favor of those terms under the customer agreement.
Disclaimer: Conflict between this page and any separate data security and privacy terms under a customer agreement shall be resolved in favor of those terms under the customer agreement.