A fully decentralized digital identity solution for the future.

Websites typically store usernames and passwords in a database. When a user logs in, their device sends the password to the website, which then checks it against its records. However, databases are increasingly vulnerable to breaches. While encrypting passwords adds an extra layer of security, storing them as plaintext is a poor practice.

To make matters worse, user-generated passwords are often easily hackable. Cybercriminals have an array of tools at their disposal, including spyware, phishing, and brute force attacks, where algorithms use trial and error to guess the correct combination of letters, numbers, and symbols.

Web3 authentication may appear to be a step forward, but users remain vulnerable due to reliance on a single authentication factor. For example, keys are typically stored on the same device where the crypto wallet is installed. If someone steals or gains access to that device, the user loses control of their wallet.

Public key cryptography is an encryption method that utilizes a pair of keys to securely encrypt and decrypt messages between two parties. The public key functions like a username and can be shared openly, while the private key, much like a password, must be kept secret.

BIG ID leverages digital signatures, an application of public key cryptography, for the login process. To start, an app sends an authentication request to the user's device. The device takes the request and creates a digital signature using their private key and a cryptographic algorithm. The app then verifies the signature using the user's public key and approves the request.

Most modern computing devices contain a TPM (Trusted Platform Module) chip. One of the functions of a TPM chip is storing sensitive information, which in BIG ID's case is a copy of a user's private key. When BIG ID prompts the user to unlock their device, either by entering a PIN code or using biometrics such as fingerprint recognition, the TPM chip creates a new digital signature using their private key.

The user's private key is highly secure due to the virtually impenetrable TPM chip. This chip is embedded in the device's motherboard, and any attempt to tamper with it can result in irreparable damage.

In Web2 authentication, a username is typically linked to an email address, which big tech companies use as a unique identifier to track a user's activity. While transparency is a core principle of blockchain technology in Web3, it also allows anyone to trace the transactions of an individual wallet address using a block explorer.

Cryptographic pseudonyms are digital identities that protect a user's privacy online. They have a wide range of applications, from messaging apps to social media platforms and Web3 dapps. With BIG ID, a new pseudonym is generated each time a user logs in, ensuring that apps cannot track their activity.