Universal Authentication And Encryption Platform For Securing Next Generation AI Assistants, Web Apps, Systems, Devices And Robots
AUTHENTICATED
ENCRYPTION
Implement our cutting-edge authentication technology to build Next generation Front End And Back-End Apps powered by AI using your favorite language.
✓ Eliminate User Registrations And Sign-Ups
✓ Integrate Authentication in AI Assistants
✓ Single-Sign-On Across Apps, Systems And Devices
✓ Protect your Apps using Application Layer Encryption
✓ Use Token-less Authentication To Protect Back-End API
✓ Enhanced Compliance And Governance Across Apps
Utilize Our GPT Middleware which empowers developers with a secure and compliant framework for building Controlled AI assistants. Our Middleware leverages ChatGPT's capabilities while retaining control over responses and behaviors. With this Middleware, developers can embark on the journey of creating AI assistants confidently. These assistants prioritize user privacy, provide top-quality interactions, and can be tailored to meet individual or organizational requirements.
Authenticate Any User Using Any Email Address Or Any Machine Using A Domain Name Or Resource ID
Use Our Dynamic Authorization Capability Post Authentication Or Plugin your Own Authorization Layer
Enable Application Layer Encryption As Well As Authenticated Encryption Using Our Technology Across Applications
Physically Or Virtually Verify Any User EMail Address Using Our Mobile Application To Prevent Frauds
Encrypt Information To Any User Or Machine By Fetching An Asymmetric Shared Key From Our Platform.
Stolen User And Machine Keys Cannot Be Used By Anyone To Spoof The Identity Of Another User Or Machine
Machine Keys are automatically rotated every 15 minutes and Application Keys are rotated every Month
Use Our Technology To Allow Devices To Establish Direct Secure communication even when they are offline
Enable Authentication in your Java Script App hosted on any Static Web Site
Protect your APIs using our Technology without using any API Keys for authorized access
Our Authentication solution can also protect Applications hosted on plain http protocol
Our Authentication and Token-less solution is completely
Protocol-independent
Users will need to solve an Encrypted QR Captcha before they are granted access to their Login Session.
Users do not need to type any Passwords in the Client Or Browser during login in order to provide maximum security
Cookies can be safely disabled to prevent providers from tracking you since we don't use Cookies
Data can be stored securely across sessions in the local storage using built-in functions offered by our Platform
How Does Our Authentication Work?
HexaEight Authenticator Is Our Complimentary Mobile App, Designed For Users, Resource Owners, System Administrators And Device Operators That Seamlessly Integrates Our Authenticated Encryption Technology.
It Allows End-Users To Scan QR Codes & Authenticate In
✓ Front-End Applications By Authorizing User Agents
✓ Across Operating Systems Using One-Time-PASSCODE
✓ External And Physical Devices like Magnetic Door-locks, Robots, Drones.
✓ Resource Owners Build And Authorize Front-End And Back-End Applications
✓ System Administrators Authorizes Machines And Integrate Our Plugins to Enable Authentication For End-Users Across Operating Systems
✓ Device Operators Authorizes External Devices And Build Apps Using Our SDK To Enable Authentication For End-users In External and Physical Devices.
HexaEight Sessions Is Our Flagship Technology Solution That Enables Authentication Using Encryption Across Web, Mobile, Systems, Devices as well as in AI powered Applications, .
It Uses A Unique Concept Of Token-less Authentication, Relying On Our Patent-pending Encryption Technology To Establish The Identity Of Any User Or Machine.
In Addition, HexaEight Sessions Implements Two-factor Authentication, Using Encrypted QR Codes As An Extra Security Layer To Ensure The Highest Level Of Protection.
HexaEight Sessions can be used in both client and server applications to establish secure communication.
An end user can prove their identity by encrypting information to the server application using HexaEight Session. Similarly the server application uses HexaEight Middleware Session to verify the user's identity and also proves its own identity by sending back encrypted information back to the client application.
HexaEight Sessions Can Also Be Used For Peer To Peer Authentication Like In A Chat Application Or In A Peer To Peer Web3 or Gaming App
Our Technology allows seamless, direct communication between machines using HexaEight Machine Sessions without the need to implement any application.
Our Cloud Platform provides the encryption keys for the source and destination machines, enabling them to establish a secure and authenticated bidirectional communication channel using our cutting-edge encryption technology.
Self Host HexaEight Token Server on any Operating System and Create a Client Application Realm. Apply Authorization Policies To The Client Application Realm
Build A Front End UI And Integrate HexaEight Sessions by pointing to Token Server along with the Client Application ID. Publish your Client Application To End Users
Integrate Our Middleware by pointing to the Token Server. Apply access policies in the Token Server to Protect Your Backend APIs without API Keys
Self Host HexaEight Token Server And Apply Access Policies To Define The Users Who Are Allowed To Login To Your Systems
Integrate Our Authentication Plugin in your Operating System and configure your plugin which will allow users to login to your System using a One Time Pass Code.
Our SDK libraries can be used to build and integrate HexaEight Sessions for establishing secure communication in Devices, Drones and Robots using Raspberry Pi's and can also use CANBUS SDK to allow electronic subsystems to authenticate and securely establish secure communication with each other.
Our Core Technology
HexaEight Encryption
Standard Encryption Techniques like Public Key cryptography use a pair of keys, a public key and a private key, to encrypt and decrypt data. The Public key is used to encrypt the data, while the Private key is used to decrypt it. While this technique ensures the secrecy of the message, it cannot be used to establish the identity of the sender as the Public key can be subject to attacks during the exchange process.
To verify the identity of a user using a public key, a Certificate Authority (CA) must certify the Public key and issue a Digital Certificate. While Digital Certificates and Signatures offer message authenticity, they can be compromised if the private key is misplaced or stolen. In this case, it can be time-consuming to revalidate and issue a new Digital Certificate and Signature
Our Serverless Technology
HexaEight Serverless is our solution that utilizes serverless technology to enable contactless authentication in web applications. If you're looking for a quick and easy contactless login solution for kiosks or registration desks, HexaEight Serverless can meet your needs. However, please note that this solution uses HTTP secure cookies during the authentication process.
Download Our Mobile Application
Please note that our Authentication service is completely free of charge for unlimited users and it will remain free forever, with no limitations regardless of any number of users, the charges you will incur will depend on the total number of consumed client or machine tokens every month.
In order to understand our pricing, your need to understand the below terminologies and the cost associated with them.
SELF-HOSTED TOKEN SERVER
CLIENT AND MACHINE TOKENS
How Much Does It Cost?
What is the Cost Of Tokens?
If you don't have the infrastructure to host our Token Server, we can host one for you for as low as $3 per month. You can then feed the Rapid API Key and use this Token Server for authentication in Unlimited Applications.
Pricing Use Cases
Assuming you have developed a JavaScript Client Application and have 100 Users accessing a database through one HexaEight Middleware Server (HMS) via HexaEight Sessions from your application.
The cost estimate for this scenario is :
1. Authentication for 100 users = FREE
2. One HexaEight Token Server = ~$3.0
3. 100 User Sessions Fetch HMS Client Token * 0.003 * 30 days = $9.0
4. 1 HexaEight Middleware Session * 0.003 * 100 (users) = $0.3
=========================================================
Total (per month) = $15.2
As an Admin you want all your users to login to 5 Linux Systems using SSH by using HexaEight One Time Password. You deploy a token server and add policies and point your Linux servers to an ldap server so that your team of 50 users can login using their email address. You install HexaEight Authentication Plugin on all the 5 Linux servers so that every time a user tries to login, two machine tokens is fetched, one by the Linux Authentication Plugin and another one by Token Server.
The cost estimate for this scenario is :
5 HexaEight System Plugins * 0.001 * 50 (users) = $0.25 per day
1 Token Server * 0.005 (5 Machine Tokens) * 50 (users) = $0.25 per day
1. One HexaEight Token Server = ~$3.0 per month
2. HexaEight System Plugin = $7.5 per month
3. Token Server Additional cost for Machine Tokens = $7.5 per month
=========================================================
Total (per month) = $18
Assume you have have developed a program that allows 50 IOT devices connected inside a LAN to talk to each other by integrating HexaEight Library. You want keys to be rotated every week and you want offline (without Internet access) communication between the devices and allow them to be online once every week for a very short period of 10 or 15 min.
Every device will fetch the Machine token of all the other devices once every week when online and reuse the machine token for unlimited authentication, encryption and decryption of data. All devices establish a direct connection with each other device over LAN. The cost estimate for this scenario is :
1. 50 Machine Tokens * 50 devices * 4 weeks * 0.001 = $10
=========================================================
Total (per month) = $10