bitcoin:
Security is one of the hottest topics in today’s ever-evolving digital world. A steady flow of debate continues to take place at tech forums worldwide on topics like encryption, passwords, two-factor authentication, hardware wallets and the like.
As cryptocurrencies and the tools being used to manage them take shape, questions loom about the most efficacious ways to protect both user assets and privacy. One individual who is at the epicenter of this active space is Paul Puey. He is co-founder and CEO of EdgeSecure, a blockchain-inspired, decentralized, open-source, zero-knowledge, global information security solution platform. Airbitz, his signature enterprise was birthed in 2013 as a bitcoin wallet provider and merchant directory. Today, he’s orchestrating a rebrand of this wallet, now called EdgeSecure.In an interview with Bitcoin Magazine, Puey talks about the tricky balance between new security and privacy measures being introduced and user experience. He also explores an emerging theme called “securing the edges” that forms the basis of his current workBM: What sort of problems are you attempting to solve these days? PP: The aspect of cryptocurrency we initially wanted to address revolved around how to effectively use secure keys. That was the impetus behind our decision to build a feature rich, functionally rich wallet at Airbitz over the years. We feel like this has really differentiated us in the whole area of key management. BM: How does your concept of EdgeSecure fit in here? PP: Our goal has been to broaden Airbitz by turning our key management standard into a platform for other apps. Even before we rebranded, we were already using the term Edge Security to examine how to come up with a solution that’s different from enterprise security. We view our approach as fundamentally different in the sense that we’re not trying to make a router or server more secure. Rather, our aim is to take data and secure it before it ever hits a device. In short, we are able to secure data before it goes out onto a network or server. People and their devices are what we are trying to secure. That’s where the term Edge comes from — before a user’s data ends up on their device, goes out to a network, goes onto a server — the encryption of that data happens first, as we say, “on the edges.” BM: But what about server networks? PP: We still believe that server security is important. But the visibility and encryption of that data all happens first before the data gets saved, broadcast and sent out on the network or gets onto a server. The concept of making data private and secure to the point where only the user can access it “on the edges” has never been an area of focus for cybersecurity companies. BM: So, in a nutshell, how does all of this actually work? PP: It works through a combination of technologies we’ve had for decades but have never been packaged the way we are seeking to. The technology that we’ve developed involves encrypting data on the client side. Most of the software out there doesn’t do this. Rattle off any app that you are running on your computer or your phone, and the data you generate and create is not encrypted, let alone automatically backed up. BM: Are there other security measures you’ll be employing? PP: We’ve also added two-factor authentication, although I fundamentally hate it from a user experience point of view. Two-factor is particularly problematic and a poor approach if the second factor for authorizing access is a phone number or email address. It’s better than nothing, but it’s not what one would consider to be “good two-factor.” BM: Is there a solution to this? PP: Yes, since 2015, we’ve been employing what we call “one touch, two-factor,” where we take two-factor and make it invisible by baking it in our Airbitz app. This eliminates the need for notification by SMS or email, or via an app like Authy or Google Authenticator. BM: Can you talk a bit about password recovery? This can be a big issue with
crypto users. PP: It is indeed. Think about this for a moment: If you lose your mobile ph
Security is one of the hottest topics in today’s ever-evolving digital world. A steady flow of debate continues to take place at tech forums worldwide on topics like encryption, passwords, two-factor authentication, hardware wallets and the like.
As cryptocurrencies and the tools being used to manage them take shape, questions loom about the most efficacious ways to protect both user assets and privacy. One individual who is at the epicenter of this active space is Paul Puey. He is co-founder and CEO of EdgeSecure, a blockchain-inspired, decentralized, open-source, zero-knowledge, global information security solution platform. Airbitz, his signature enterprise was birthed in 2013 as a bitcoin wallet provider and merchant directory. Today, he’s orchestrating a rebrand of this wallet, now called EdgeSecure.In an interview with Bitcoin Magazine, Puey talks about the tricky balance between new security and privacy measures being introduced and user experience. He also explores an emerging theme called “securing the edges” that forms the basis of his current workBM: What sort of problems are you attempting to solve these days? PP: The aspect of cryptocurrency we initially wanted to address revolved around how to effectively use secure keys. That was the impetus behind our decision to build a feature rich, functionally rich wallet at Airbitz over the years. We feel like this has really differentiated us in the whole area of key management. BM: How does your concept of EdgeSecure fit in here? PP: Our goal has been to broaden Airbitz by turning our key management standard into a platform for other apps. Even before we rebranded, we were already using the term Edge Security to examine how to come up with a solution that’s different from enterprise security. We view our approach as fundamentally different in the sense that we’re not trying to make a router or server more secure. Rather, our aim is to take data and secure it before it ever hits a device. In short, we are able to secure data before it goes out onto a network or server. People and their devices are what we are trying to secure. That’s where the term Edge comes from — before a user’s data ends up on their device, goes out to a network, goes onto a server — the encryption of that data happens first, as we say, “on the edges.” BM: But what about server networks? PP: We still believe that server security is important. But the visibility and encryption of that data all happens first before the data gets saved, broadcast and sent out on the network or gets onto a server. The concept of making data private and secure to the point where only the user can access it “on the edges” has never been an area of focus for cybersecurity companies. BM: So, in a nutshell, how does all of this actually work? PP: It works through a combination of technologies we’ve had for decades but have never been packaged the way we are seeking to. The technology that we’ve developed involves encrypting data on the client side. Most of the software out there doesn’t do this. Rattle off any app that you are running on your computer or your phone, and the data you generate and create is not encrypted, let alone automatically backed up. BM: Are there other security measures you’ll be employing? PP: We’ve also added two-factor authentication, although I fundamentally hate it from a user experience point of view. Two-factor is particularly problematic and a poor approach if the second factor for authorizing access is a phone number or email address. It’s better than nothing, but it’s not what one would consider to be “good two-factor.” BM: Is there a solution to this? PP: Yes, since 2015, we’ve been employing what we call “one touch, two-factor,” where we take two-factor and make it invisible by baking it in our Airbitz app. This eliminates the need for notification by SMS or email, or via an app like Authy or Google Authenticator. BM: Can you talk a bit about password recovery? This can be a big issue with
crypto users. PP: It is indeed. Think about this for a moment: If you lose your mobile ph