We caught up with Henry, our Crypto and Data Security Expert to help answer some key security questions about Yoti.
Traditionally companies store all of their customer information in one big database, which then becomes a hot target for hackers. This is why in many data breaches, people have lots of personal information – such as their name, email, address and date of birth – exposed. At Yoti, we don’t store data this way – we do not have one big honeypot of user data for someone to target.
Let’s take the example of a car to help explain. Imagine if you stored your car in a garage, with the keys left on a hook by the door. If someone broke in they could easily take the keys and drive away in your car. At the Yoti garage, different parts of your car are stored in different garages. So the steering wheel is in one garage, the tires in another, the keys in one, and the brakes in a different garage. Only you have the keys to each of these garages. If someone else managed to get one of these keys, they would only be able to unlock that one garage – all the other parts of your car would be safe. Without all of the parts of the car, it’s pretty useless to someone else. They won’t be able to steal your whole car if they only have your tires.
When someone creates their Yoti, we take every single piece of their information, encrypt it, separate it and securely store it. Only the user has the keys needed to unlock and access their data. This means there is not one big database (or garage) for someone to access – helping to safeguard personal data.
Encryption is a mathematical process which takes information or data and scrambles it into a seemingly random sequence of unreadable characters, using an encryption key (which is like a password). Someone who has the key can then decrypt the scrambled data and turn it back into the original information.
Encryption is important because people value their privacy and anonymity – nobody wants to share every detail of their online lives with everyone else – and encryption enables us to keep our data safe from prying eyes.
When you add your ID document to Yoti, we extract the individual attributes (such as name and date of birth) and individually encrypt each piece of this data. We then separate your information and securely store each piece using a different code. So your photo, name, date of birth and so on are all stored in separate areas with a unique code. We have built our system in such a way that you’re the only person who has the key to unlock these codes to see your information. Yoti then has a key to encrypt each individual user key. So there’s multiple layers of encryption – each piece of data is individually encrypted and stored, and then the key to decrypt that data is also encrypted.
People could try and hack any company and with data breaches happening on a regular basis, unfortunately it’s becoming a daily issue that affects everyone. However, as mentioned earlier, because of the way Yoti stores user data we do not have one big database full of user data for someone to target.
In the unlikely event that a hacker compromised our systems and also managed to crack our encryption (Yoti uses the strongest level of encryption keys), they would not be able to see enough information to reveal your identity, protecting you from the risk of identity theft. This is because each piece of your data is stored separately so a hacker might see your date of birth but they would have no way to link this to your name or other personal information.
We’ve also asked security companies to do full architectural reviews of our systems and no major problems have been found. Given that we are providing people with a digital identity, we take security very seriously and do continuous audits of our systems to ensure we are always using the highest security to keep data safe. We’re a security company and if we weren’t confident that we could keep your details safe, we would not release products.
To help explain, let’s imagine the Yoti garage again. You put each part of your car in a different garage, so you place the steering wheel in one, the tires in another, and the keys in a third garage. You then put the keys to each of these garages in a safe, which the security guard has the key to, and you take the safe home with you.
This is the same way data is stored at Yoti. Each piece of user data is encrypted and stored separately, and only the user has the key needed to unlock and decrypt their information. Yoti then has a key which encrypts and protects the user’s key. The user’s key is stored on their phone so if someone hacked their phone, the hacker would not be able to read and access their data because the phone’s key is protected by the key Yoti holds.
In the very unlikely event that someone managed to hack both your phone and the Yoti system, the keys Yoti have to decrypt the individual user keys are securely stored in a dedicated Tier 3 UK data centre so the hacker would also have to gain access to this. If this unlikely situation happens, only the one person who has had their phone hacked would be at risk of having their information accessed. All other Yoti users and their information would be safe. The hacker would need to hack every single Yoti user’s phone to access their individual key, then hack the Yoti system and then access the physical data storage.
Good question. Adding your ID documents to your Yoti means you can leave them safely at home and worry less about losing them on nights out, showing too much personal information at once or having to send photocopies that leaves you open to fraud risk.
Our ID documents are very valuable which is why we’ve taken many steps to ensure our systems have the strongest levels of security in place to protect your information. Firstly, we don’t store the original ID documents. We simply extract the information from the document when you create your Yoti. No documents are stored so there is not one central database full of passports and driving licences – this simply doesn’t exist within Yoti.
Secondly, each piece of your personal information (name, date of birth etc.) is individually encrypted and securely stored. Only you can access this information and you decide who to share this with. For example, if you would like to get into a nightclub, they could ask to see your photo and date of birth, and you choose whether to share these details with them or not. Compare this to how you currently prove your identity: you have to hand over your ID document, revealing far more information than necessary. Furthermore, when you share information using Yoti, it doesn’t leave the Yoti ecosystem – you only share your information with other Yoti users so it’s a closed network. Only the person or business you have chosen to share details with can see the information.
We don’t ever share the original ID document – we only share specific attributes from the document. For example, if someone needs to prove to a business or website that they are over 18, they don’t even have to share their full date of birth, they can just share ‘Over 18’. These details are verified against the ID document so the business can have confidence that the details shared are real and accurate.
By just sharing the data required, people won’t give away so much information which helps protect them against the risk of identity theft. Additionally, by not sharing a photo of the document, somebody else does not have all of your personal information so cannot forge your ID document. They can only see the specific data you have chosen to share with them.
When you share information with another person or business, it stays within a closed Yoti ecosystem as both parties need to have Yoti to access the information. In comparison, when you email a copy of your ID document it can sit in someone’s inbox which could easily be hacked or accessed by another person.
We use the industry’s strongest TLS encryption for sending data which we believe to be fully secure. We believe that each layer of the encryption would take a hacker hundreds of years to break, so unless they are planning on living for a long long time, we’re confident these layers will remain encrypted. When you share your information with another person or business, even Yoti can’t see the data exchanged – it can only be seen by the two parties.
Each Yoti account is verified using genuine government issued ID documents and personal biometrics, so you can be sure identities are verified correctly. When someone creates their Yoti account, we ask them to take a selfie so that we can match this to the photo on their ID document. We have a team of highly skilled identity checkers who are experts at recognising faces and ensure someone isn’t trying to use another person’s ID document.
We also have measures in place to make sure fake and fraudulent documents are not being used. Unfortunately, it’s fairly easy for someone to obtain a fake passport so we ensure only valid and real ID documents can be used to create a Yoti. We are also a member of Cifas (Cross Industry Fraud Prevention Service), and have connections with National Fraud Intelligence Bureau and Operation Amberhill to report any false documents people try and use.
On the security side of things, yes there’s a lot of complicated stuff going on because we take security very very seriously. However, Yoti has been designed and developed for everyone to use – we want as many people as possible to use Yoti to make their lives easier and more secure. So we built the app so it’s nice and simple to use – all of the high tech stuff happens in the background.
We also have a team of user experience experts who regularly talk to members of the public to find out how they use Yoti, what improvements could be made and what other features they would like the app to have.
If you log into a website using Facebook Connect, the website would have access to some of your Facebook information so it’s likely that you are giving away more information than necessary. Facebook would also know which websites you are accessing. Plus, if someone stole your Facebook login details they could then log into all of your other accounts at the click of a button, putting you at a very high risk of identity theft.
Yoti doesn’t track where you’ve been or which websites you have logged into with Yoti – the information is only shared between you and the website. Someone would also have to steal your phone, know the PIN, and then need the PIN to your Yoti account (which cannot be the same as the PIN on your phone) in order to use your Yoti to log into websites.
It will make your online life simpler and more secure.
Our shared sense of purpose – everyone at Yoti wants to make a secure product that is easy to use.
If you have any other security questions which you’d like Henry to answer, then just let us know!