Pages:
Author

Topic: [ANN] Clef is secure two-factor authentication with no passwords or tokens - page 2. (Read 15215 times)

legendary
Activity: 1722
Merit: 1000
WOW that is really good news for Clef and all the exchanges that operate with AlphaPoint.
Looking forward to see some of the other 20 exchanges use Clef Logins!

Congratulations to the team.  Smiley
newbie
Activity: 54
Merit: 0
AlphaPoint Integrates Clef

19 May 2015

AlphaPoint, the leading technology backend for Bitcoin exchanges, announced today that they will support Clef for any of their exchanges.
Bitcoin exchanges are at the very heart of the ecosystem, and AlphaPoint powers many of them, including Bitfinex, the largest exchange in the US.

Security is critical for exchanges, who see large amounts of traffic and huge volumes of money pass through their system every day.
Two-factor authentication is offered by some, but the extra security that Clef offers is a major differentiator for high-value sites.
In addition, opt-in rates for traditional two-factor auth are under 15%, while Clef sees more than 50% of users choose our passwordless logins.

We have been focused on serving the Bitcoin community and the integration with AlphaPoint goes a long way to helping us protect more cryptocurrency sites.
Individual exchanges will still need to enable Clef to get the protection of this integration, but several exchanges have already announced that they’ll be enabling
Clef immediately, including MeXBT, FlowBTC, and Bitt.

Stay tuned for more Bitcoin announcements coming in the next few weeks!

http://www.coinbuzz.com/wp-content/uploads/2015/05/alphapointintegratesclef.png

As featured on:

Bitcoinist.net: AlphaPoint Adopts Clef’s No-Password Two-Factor Authentication
CoinBuzz: AlphaPoint Announces Clef Support
Inside Bitcoins: AlphaPoint Adopts Clef’s No-Password Two-Factor Authentication
Bitcoin Magazine: AlphaPoint Integrates 2FA Service Clef for Secure Logins to Bitcoin Exchanges
NewsBTC: AlphaPoint Bitcoin Exchange Platform Adopts Clef Security
newbie
Activity: 54
Merit: 0
Come and join Clef at the EAST BAY BITCOIN MEETUP, Thursday 21st May, 7PN at Clef HQ.

Speaker Lineup:

Jad Mubaslat, CEO & Founder, Bitquick

RSVP Here: http://www.meetup.com/East-Bay-Bitcoin-Meetup/events/222117175/

https://i.imgur.com/MQbzKDB.png
newbie
Activity: 54
Merit: 0
The first of our weekly GIF reactions winners has been selected.
Congratulations go to @mikowhy for his entry below.  Smiley

http://twitter.com/getclef/status/599413024605220864


https://i.imgur.com/ZFioot3.gif
newbie
Activity: 54
Merit: 0
We are a proud sponsor of the Coinbase BitHack V2 online competition, and we'll be giving away a Jawbone BIG JAMBOX Bluetooth Speaker to one lucky winner!

Developers building innovative apps with bitcoin can participate from anywhere. Learn more: https://developers.coinbase.com/bithack

https://i.imgur.com/w1dMuDU.png
newbie
Activity: 54
Merit: 0

This is great idea. When will the bug bounty program end?

We keep updating our app and API over time so it will be ongoing. Thanks for asking.
legendary
Activity: 927
Merit: 1000

http://getclef.com/whitehat

Our whitehat & bug bounty program
At Clef, we're building usable two-factor authentication for consumers. We take the security and privacy of our users very seriously, and
we welcome working with security experts to make our product, and the Internet, better.

If you believe you've found a vulnerability, we'd love to work with you through our Responsible Disclosure Program. Please include a detailed
summary of the issue you discovered so we can reproduce it and assess its severity.

Rewards
The minimum reward offered to whitehat researchers is $32 USD (paid in Bitcoin or USD, your choice). To earn a reward, you must
report a previously unknown vulnerability of sufficient severity.

Eligibility
To be eligible, you must:
  • Be the first person to responsibly disclose the bug.
  • Report a bug that could compromise our users' private data, circumvent authentication or system protections, or enable access within
    our infrastructure.
  • Assist in our review of the issue (on a case-by-case basis) to determine if you are eligible.

A good report has:
  • Detailed steps for reproducing the bug.
  • A concrete attack scenario answering how the vulnerability in question would impact Clef or our customers.

Scope & rules of engagement
The following web properties owned by Clef are in scope for the program:
  • getclef.com (our main site).
  • *.clef.io (our API server).
  • We are especially interested in vulnerabilities in our API or vulnerabilities which may allow unauthorized access/logins.

The following web properties are not in scope for the program:
  • support.getclef.com (not hosted by us).
  • docs.getclef.com (not hosted by us).
  • blog.getclef.com (a WordPress site).
  • Customer sites or sites which have integrated with Clef are also out of scope.
  • Our mobile apps are also currently out of scope, but we are constantly re-evaluating this program.

The following conditions are also not in scope for this program. Any of the activities below will disqualify participation from the program:
  • Intentionally harming the experience or usefulness of Clef to others (i.e. Denial-of-service).
  • Attempts to view, modify, or damage data belonging to others.
  • Physical attacks against Clef employees, offices, and data centers.
  • Social engineering of Clef employees, contractors, vendors, or service providers.
  • Knowingly posting, transmitting, uploading, linking to, or sending any malware.
  • Pursuing vulnerabilities which send unsolicited bulk messages (spam) or unauthorized messages.
  • Any vulnerability obtained through the compromise of a Clef customer or employee accounts.
    If you need to test a vulnerability, please create a free account.

Disclosure
To disclose a security vulnerability, please email [email protected] with a detailed report on the issue. You can find our PGP public key below.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.4
Comment: Hostname: pgp.mit.edu

mQENBFH0CDYBCADQPUcOhTolB0sn1b265xqWnxINHyZoN6Qqf05aulFYmkFgK6wdicLBHcmP
JYmi+mwpRgQ+ye5jYniE6ojM1hN4D+cOAQ/eTJ6nHDykSkV5RWeB65kWopSJQPeJwTGE0+Xr
Sb5cRyxAdj2sVk8ri0gDxpL/E6c8CwRxsgCJKmnoUJCZsXp4MsguFbzZirRSLRSNkY3MV1Ui
OQ92AVzpS+Er9atlYI0WjXWj1to8H6zXBdn59nO2kWYJIJo7cDDbbwjBi98cMTm3UFlvhH6q
rI0ROV9yltikk9VjtvB6aaxPjEPb2lI2m7qY42YGXSpye6xmen8gYCeGxMkiA1jBaeStABEB
AAG0JENsZWYgU2VjdXJpdHkgPHNlY3VyaXR5QGdldGNsZWYuY29tPokBPQQTAQoAJwUCUfQI
NgIbLwUJB4YfgAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRDn3SaPdx/BZJ30CACYr5Xo
YDENwHxRJ3RCA6e95FY3NUcHCRG5JHUgTX+m+YMDZG6ldJqZYsr036ODLQm/L37l2J13ddze
9mwZZDL+GOxHb4jN8FXoc7t6HGGIYqHCoTHl1i0cEXC6dxFeGlecLPDQOHS53NqvlzFOcsno
QqwvFMm8ZmY+ZxyQ0+9IFOW9Z17OflYknlc3Nhy176yAwfEOqF9sQlqhFe+bu6O/RO8xjqss
m/R42B+wOrEUPT93Vesqfk3TkytHdApLRkKYfimpn7/tAKddsMaIltO+rlUXuRgkaXOT8veO
VXLf/6rOAcqvoB+uLazyY7OfBH2/P3j+SIROyIk8zVf1xGgouQENBFH0CDYBCAC+nb2nphOp
eHCQXI9WtZoKnXHtsLMylAstBtjj99sF8a//vjj0N5lRaqBCZ/294E69EOQNiPcrMiR96vo9
y2symlK27/DZFMHnlM1J3eglaiRXKkdwgfVHBSDMJAaH3vB65sGr9WyigTUWTlfuM92BAwyM
5dz7U0FZWUpjP/mHumA6mFQ2CLmbBS60qpfb5Zg6ajkauoa7HhwbY/3l5SvnxAWdhldEDW37
mfNPlbBUcUJPz+6TaeVGwPe0PJaSDc3xcNO8dG7pt4+wGybE0yi3LnttRYyANUhrUNEHcxwg
0B2oa8tr3hcYpBdgI6wRhQGvYidkj9sYRaO6lPy/tNCvABEBAAGJAkQEGAEKAA8FAlH0CDYC
Gy4FCQeGH4ABKQkQ590mj3cfwWTAXSAEGQEKAAYFAlH0CDYACgkQjTg/jWOnu5UQuQgAidJ4
VsHYNIiz3MPnaBtzSx0PCXAlNavFE+Kys6WX7qEZwuHhhrIQSiYJKJwkidU/SHORww7eHS7Z
7luvi9BTPoyQ0cbVEwfRL7QzJY4cVJflqGPNx4M08aJ6CCMeSEHUa8hYPUvlWZJNzlDhsXmI
NHND/l+CJsLO/V51fP1n9/kC157Za9zBXV0wlDwj5DhiR8LP9zn6fDV6pfmb3TvNyxZExCNK
uj7CF3oO2IEloqJPwF/G4do1AzDBo9LqvetZ4z1CWJbP/NsbPWHG5jY5oFe3QJaM2bbrMQ5B
ryXLM37s1PwGd4lvt+AiX6ApVwAIG+RFhDoPLFCgKezyEYc+XDlPB/wIh8DBV5Q4wOw9GaJo
3MLbQG/MoAbgU9bsT49Ex7V8bB3AVlmQbTYKA4BdvlgumvS9kNwhkgyPX8g4052vIIG4Rp+A
1DaIdwq/SyA2JAvFAm72543hfXPE/biu3YPMx9djCKDM8ALpkfmuyMxEstcKaL0oHlWExroQ
v/iMZrSN2lwJQzYNgy34rQD7UQlFF3TljjOgNdovXGf4k6WkDNDBLT+Za4UkIlDxxPUo/pxB
gD4FwXvolaGUOziG3iQr+Fml0W9M8Plt9g0ggbxks73UmWNNAMC795d5ctucpm4lbAvCuIdc
tXzyREbMFtpa/Yt5xIV6IaZyQUfXSzdMUWvP
=FThV
-----END PGP PUBLIC KEY BLOCK-----

This is great idea. When will the bug bounty program end?
newbie
Activity: 54
Merit: 0
newbie
Activity: 54
Merit: 0

http://getclef.com/whitehat

Our whitehat & bug bounty program
At Clef, we're building usable two-factor authentication for consumers. We take the security and privacy of our users very seriously, and
we welcome working with security experts to make our product, and the Internet, better.

If you believe you've found a vulnerability, we'd love to work with you through our Responsible Disclosure Program. Please include a detailed
summary of the issue you discovered so we can reproduce it and assess its severity.

Rewards
The minimum reward offered to whitehat researchers is $32 USD (paid in Bitcoin or USD, your choice). To earn a reward, you must
report a previously unknown vulnerability of sufficient severity.

Eligibility
To be eligible, you must:
  • Be the first person to responsibly disclose the bug.
  • Report a bug that could compromise our users' private data, circumvent authentication or system protections, or enable access within
    our infrastructure.
  • Assist in our review of the issue (on a case-by-case basis) to determine if you are eligible.

A good report has:
  • Detailed steps for reproducing the bug.
  • A concrete attack scenario answering how the vulnerability in question would impact Clef or our customers.

Scope & rules of engagement
The following web properties owned by Clef are in scope for the program:
  • getclef.com (our main site).
  • *.clef.io (our API server).
  • We are especially interested in vulnerabilities in our API or vulnerabilities which may allow unauthorized access/logins.

The following web properties are not in scope for the program:
  • support.getclef.com (not hosted by us).
  • docs.getclef.com (not hosted by us).
  • blog.getclef.com (a WordPress site).
  • Customer sites or sites which have integrated with Clef are also out of scope.
  • Our mobile apps are also currently out of scope, but we are constantly re-evaluating this program.

The following conditions are also not in scope for this program. Any of the activities below will disqualify participation from the program:
  • Intentionally harming the experience or usefulness of Clef to others (i.e. Denial-of-service).
  • Attempts to view, modify, or damage data belonging to others.
  • Physical attacks against Clef employees, offices, and data centers.
  • Social engineering of Clef employees, contractors, vendors, or service providers.
  • Knowingly posting, transmitting, uploading, linking to, or sending any malware.
  • Pursuing vulnerabilities which send unsolicited bulk messages (spam) or unauthorized messages.
  • Any vulnerability obtained through the compromise of a Clef customer or employee accounts.
    If you need to test a vulnerability, please create a free account.

Disclosure
To disclose a security vulnerability, please email [email protected] with a detailed report on the issue. You can find our PGP public key below.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.4
Comment: Hostname: pgp.mit.edu

mQENBFH0CDYBCADQPUcOhTolB0sn1b265xqWnxINHyZoN6Qqf05aulFYmkFgK6wdicLBHcmP
JYmi+mwpRgQ+ye5jYniE6ojM1hN4D+cOAQ/eTJ6nHDykSkV5RWeB65kWopSJQPeJwTGE0+Xr
Sb5cRyxAdj2sVk8ri0gDxpL/E6c8CwRxsgCJKmnoUJCZsXp4MsguFbzZirRSLRSNkY3MV1Ui
OQ92AVzpS+Er9atlYI0WjXWj1to8H6zXBdn59nO2kWYJIJo7cDDbbwjBi98cMTm3UFlvhH6q
rI0ROV9yltikk9VjtvB6aaxPjEPb2lI2m7qY42YGXSpye6xmen8gYCeGxMkiA1jBaeStABEB
AAG0JENsZWYgU2VjdXJpdHkgPHNlY3VyaXR5QGdldGNsZWYuY29tPokBPQQTAQoAJwUCUfQI
NgIbLwUJB4YfgAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRDn3SaPdx/BZJ30CACYr5Xo
YDENwHxRJ3RCA6e95FY3NUcHCRG5JHUgTX+m+YMDZG6ldJqZYsr036ODLQm/L37l2J13ddze
9mwZZDL+GOxHb4jN8FXoc7t6HGGIYqHCoTHl1i0cEXC6dxFeGlecLPDQOHS53NqvlzFOcsno
QqwvFMm8ZmY+ZxyQ0+9IFOW9Z17OflYknlc3Nhy176yAwfEOqF9sQlqhFe+bu6O/RO8xjqss
m/R42B+wOrEUPT93Vesqfk3TkytHdApLRkKYfimpn7/tAKddsMaIltO+rlUXuRgkaXOT8veO
VXLf/6rOAcqvoB+uLazyY7OfBH2/P3j+SIROyIk8zVf1xGgouQENBFH0CDYBCAC+nb2nphOp
eHCQXI9WtZoKnXHtsLMylAstBtjj99sF8a//vjj0N5lRaqBCZ/294E69EOQNiPcrMiR96vo9
y2symlK27/DZFMHnlM1J3eglaiRXKkdwgfVHBSDMJAaH3vB65sGr9WyigTUWTlfuM92BAwyM
5dz7U0FZWUpjP/mHumA6mFQ2CLmbBS60qpfb5Zg6ajkauoa7HhwbY/3l5SvnxAWdhldEDW37
mfNPlbBUcUJPz+6TaeVGwPe0PJaSDc3xcNO8dG7pt4+wGybE0yi3LnttRYyANUhrUNEHcxwg
0B2oa8tr3hcYpBdgI6wRhQGvYidkj9sYRaO6lPy/tNCvABEBAAGJAkQEGAEKAA8FAlH0CDYC
Gy4FCQeGH4ABKQkQ590mj3cfwWTAXSAEGQEKAAYFAlH0CDYACgkQjTg/jWOnu5UQuQgAidJ4
VsHYNIiz3MPnaBtzSx0PCXAlNavFE+Kys6WX7qEZwuHhhrIQSiYJKJwkidU/SHORww7eHS7Z
7luvi9BTPoyQ0cbVEwfRL7QzJY4cVJflqGPNx4M08aJ6CCMeSEHUa8hYPUvlWZJNzlDhsXmI
NHND/l+CJsLO/V51fP1n9/kC157Za9zBXV0wlDwj5DhiR8LP9zn6fDV6pfmb3TvNyxZExCNK
uj7CF3oO2IEloqJPwF/G4do1AzDBo9LqvetZ4z1CWJbP/NsbPWHG5jY5oFe3QJaM2bbrMQ5B
ryXLM37s1PwGd4lvt+AiX6ApVwAIG+RFhDoPLFCgKezyEYc+XDlPB/wIh8DBV5Q4wOw9GaJo
3MLbQG/MoAbgU9bsT49Ex7V8bB3AVlmQbTYKA4BdvlgumvS9kNwhkgyPX8g4052vIIG4Rp+A
1DaIdwq/SyA2JAvFAm72543hfXPE/biu3YPMx9djCKDM8ALpkfmuyMxEstcKaL0oHlWExroQ
v/iMZrSN2lwJQzYNgy34rQD7UQlFF3TljjOgNdovXGf4k6WkDNDBLT+Za4UkIlDxxPUo/pxB
gD4FwXvolaGUOziG3iQr+Fml0W9M8Plt9g0ggbxks73UmWNNAMC795d5ctucpm4lbAvCuIdc
tXzyREbMFtpa/Yt5xIV6IaZyQUfXSzdMUWvP
=FThV
-----END PGP PUBLIC KEY BLOCK-----
legendary
Activity: 1630
Merit: 1000
I think for most people it's hard for them to justify switching providers if they've been using one that works well for so long. Incentivizing the switch could be a good marketing move. Signature campaign, contests, draws and/or more media and user engagement is the key. I know for me I like to listen to recorded interviews or watch vids. Keep it up guys, you're doing great stuff here.

agreed, I think most companies dont realize how insecure other 2Fa solutions are until it is to late.
legendary
Activity: 927
Merit: 1000
I think for most people it's hard for them to justify switching providers if they've been using one that works well for so long. Incentivizing the switch could be a good marketing move. Signature campaign, contests, draws and/or more media and user engagement is the key. I know for me I like to listen to recorded interviews or watch vids. Keep it up guys, you're doing great stuff here.
newbie
Activity: 54
Merit: 0
Another article about Clef on Inside Bitcoins.

We are pleased to have been of help to both Factom and Koinify to protect their Software Sale.


Clef’s Success Story: Protecting the Factom Token Sale
newbie
Activity: 54
Merit: 0

Thanks for sharing it with us. Will add to our article list in the OP.  Smiley
legendary
Activity: 1268
Merit: 1006


Andrew wrote a great piece on multifactor authentication that talks a lot about Clef. Check it out: http://www.newsbtc.com/2015/05/01/multi-factor-authentication/
legendary
Activity: 1722
Merit: 1000
There are some really cool Reaction GIFs on Clef's Twitter: https://twitter.com/getclefRoll Eyes Shocked

I think one of the best ones is this one:

https://twitter.com/sashalives/status/590172262726144001

This one is wicked!

https://twitter.com/getclef/status/590202196450365441

And this one:

https://twitter.com/carbonsoldier/status/589048964181336064

What other ones do you guys like?
legendary
Activity: 927
Merit: 1000
Cool another great partnership. When will I be able to login to bitcointalk with clef?  Grin

In due time Smiley
legendary
Activity: 927
Merit: 1000
Ziftr is Revolutionizing Shopping — Without Passwords

Clef continues to spread among Bitcoin/cryptocurrency companies today as you can start using Clef to log in to ziftrPAY, a credit card payment platform. E-commerce is an important place for cryptocurrency to gain adoption, and Ziftr is building all of the critical pieces of infrastructure to make it work. We believe in the huge potential of ziftrPAY and are excited for Clef users to try it out!

“With ziftrPAY, we’re creating a simple, secure shopping experience for merchants and shoppers, so it makes perfect sense for us to incorporate two-factor authentication from a company that also values simplicity and security,” said Bob Wilkins, CEO of Ziftr. “This partnership with Clef brings together two innovative companies that are reinventing user experiences and making waves in our respective industries.”

"Usability is the missing ingredient keeping cryptocurrency from going mainstream, which is what makes us so excited to be working with Ziftr,” said Brennen Byrne, CEO of Clef. “With ziftrPAY, they're helping bring a whole new tier of merchants into the fold and making it easier for anyone to pay."

What’s the partnership between Ziftr and Clef all about?
ziftrPAY, the next-generation cryptocurrency and credit card payment platform and customer loyalty program, will be integrating Clef to provide enhanced security and convenience for ziftrPAY users.
ziftrPAY users will essentially have the option of signing into their accounts using Clef or using a traditional password login.

At Clef, we really believe in the power of cryptocurrencies and making them easier to use, and Ziftr fits perfectly with our vision. That’s why, as a part of this partnership, we’ll also be using ziftrPAY for payments from the sites that use Clef’s premium tiers. We’re impressed with the tools Ziftr has built and are excited to be using them ourselves.

There’s no doubt about it: People love having options! This partnership between Ziftr and Clef gives both ziftrPAY and Clef users the freedom of choice: whether it’s about how they log in to the ziftrPAY platform or how they pay for Clef’s services.

For more on ziftrPAY, visit https://www.ziftrPAY.com.
For more on Clef, visit https://www.getclef.com.



Great update!
newbie
Activity: 54
Merit: 0
Cool another great partnership. When will I be able to login to bitcointalk with clef?  Grin

We are open to help anyone implement Clef. It would be a pleasure to have Bitcointalk integrate Clef.
legendary
Activity: 1630
Merit: 1000
Cool another great partnership. When will I be able to login to bitcointalk with clef?  Grin
Pages:
Jump to:
© 2020, Bitcointalksearch.org