Dragon Factor

Technology Overview

As enterprises continuously digitize their businesses, there is an increasing need for security and trust built around digital identities. Current identification systems are siloed and enterprises are having major challenges to manage Personal Identifiable Information (PII) in an increasingly regulated environment (eg. GDPR). On top of that, privacy and control of their data is becoming a greater concern for users as well.

Dragon Factor uses blockchain technology that allows users to authenticate to a website or other service with a secure cryptographic signing mechanism. No username or password will be necessary or required for the sign-in process.

Technology Features & Specifications

Dragon Factor is a blockchain-based identity and access solution that allows users to take control of their identity and eliminates the risk for enterprises to store PII (e.g. risk of data breaches, and GDPR compliance). Delivered as a service, built on top of the Dragonchain platform, Dragon Factor Identity authenticates users to applications using public-key encryption. Third-party Factor Identity Providers confirm claims or factors about a user without sharing the actual data, it de-risks the storage of PIIs associated to users and data breaches.

  • Dragon Factor does not store personal identifiable information, instead, the hashes of the actions are recorded into our decentralized system. This makes it virtually impossible to hack all of the business data because it’s not stored in one location. Dragon Factor also provides access control to the data; therefore individuals or companies can control who has the ability to view and edit data, reducing unauthorized access.
  • Dragon Factor provides a better solution than what federated and self-sovereign identity provides: businesses can manage and update a person’s consumable identity components or factors into one place.
  • The verification process of Dragon Factor relies on third-party Factor Identity Providers who are able to verify sensitive data for businesses. Dragon Factor has logic built into its system that can update its data once a Factor Identity Provider verifies the data. This can create ease and reduce costs for businesses.

Dragon Factor enables individuals and businesses to:

  • Determine where data will be stored, including the geographic region, and allows for tighter control over jurisdictions where nodes are operated.
  • Keep data private and ensure it never leaves the private blockchain unless explicitly granted, or by including references to the underlying data (stored elsewhere) in the form of a hash value in the payload.
  • Comply with requests to be forgotten. This is accomplished by removing the underlying data (“off-chain”) reference via a hash value.
  • Filter access control to applications, providing selective exposure of specific factors.
  • Eliminate liabilities, such as the retention of PII or other sensitive data.

Potential Applications

  • Managing healthcare records with easy “transportability” without moving the data.
  • Any online login application (web, banks, social media, governments, universities).
  • Access control based on one or multiple biometric factors (e.g. fingerprint, iris, facial recognition).
  • Identification of devices (e.g. IoT devices) for trusted communication or firmware updates
  • SIM Swapping prevention