Early in 2016, blockchain technology was gaining traction and data breaches were becoming a regular occurrence on news headlines. Realizing that the idea blockchain could potentially solve those breaches, Locke Brown and Nolan Smith created NuID.
After stumbling upon the current methods of data authentication, it became clear to them that something needed to change.
“Everyone’s familiar with the ‘email address and password people,’” Smith said. “You have this email address that you go by and this password that they authenticate you by. But what we found is that those don’t compose very well across services. Each one stores it differently and handles your data differently- some better than others, most bad.”
As they saw it, this problem was rooted in the fact that traditional password-based authentication is symmetric.
“You provide a value, you send that value over to the server, or the authenticating service, and they compare that same value to something that they have previously stored at that server,” Smith said. “If my password is ‘I love my dog,’ they’re going to make sure that what they have on their end is also ‘I love my dog.’ And they basically just say, ‘hey is what they gave me exactly equivalent to what I have stored here?’ If so, they let you in, if not, then you try again.”
In other words, all of your password protection is predicated on matching your input with something stored in the server… That’s it.
So, with all of this in mind, Brown and Smith decided to solve this major security hole with the help of blockchain—a technology that transforms the symmetric nature of current password-based authentications into a more asymmetric design. To do this (in layman’s terms), they “replaced the email address with a pseudonymous transaction ID and replaced the password with a zero-knowledge protocol.”
As explained by Smith, NuID “can expose the same user experience of what people are used to with their passwords, but play a very very different ballgame regarding the sensitivity of data that is being intercepted or when data is accidentally lost or breached.”
With NuID, all the magic occurs behind the curtains. While users may not recognize any difference while using NuID, they can rest assured that their data is being protected by an entirely new, more secure, authentication system.
After developing NuID’s unique solution, all that was left to do was gain wide-spread adoption. Clearly, this was easier said than done. Even now, Smith admits this is a hard process.
“People tend to connect with the problem where, ‘you have a bunch of passwords, everyone has a bunch of passwords, and managing it is kind of a bummer and they’re being breached everywhere,’” Smith explained. “‘And when they’re being breached, you can be impersonated because you probably reuse a bunch of passwords.’ So people can really connect with this. I don’t think this is the hard part. I think the hard part is really about convincing them that what we’re proposing will actually solve those problems.”
However, after “long tedious conversations, selling the problem, pointing to concrete things we thought we could solve, and [with] the support from a group of great investors,” the momentum behind NuID began to get rolling.
Today, NuID is continuing to revolutionize the password-based authentication process and working towards a data breach-free future.
Know what you’re signing up for. Know that you’re not just signing up to build something. You should consider that the easy part. It helps to have a very realistic understanding and perspective on what you’re getting into.
There are dimensions to starting a company that go well beyond what you’re making or what you’re producing. If you weren’t to know that going in, or if you weren’t expecting that, it would be a brutal surprise, and something that if it did take you by surprise, it would be a more questioning experience. You would consider “damn, what did I get myself into.” That’s probably my biggest thing. And knowing that you have to have enough care for everyone on the playing field. You have to have enough desire to see this out there such that it overflows into others. And you have to have enough constantly to share.
Interesting Fact About NuID
It is true that we have an (imaginary) shadow employee, verrrrrrrrrrry similar—some may say identical—in nature and appearance to Ethan Landau, named Ethan Millen. No one has ever seen or heard from Millen since the very earliest of days at the company, to everyone’s utter bemusement. The insider knowledge is that this shadow employee is a result of my thinking, for the longest time after we started working together, that Ethan’s last name was in fact Millen, and called him that to his face for months. So “Millen” basically became a company goblin that we blame for any minor operational mishap, and that seems to work pretty well.
To learn more about NuID, visit them here. To see our interview with Open Listings click here. If you’re interested in the most recent business secrets, check out our Business Knowledge page. If you want to stay up to date with the most recent BWS news, follow us on Instagram and Twitter!