Features

How Claveo Works

Claveo can easily authorize any transaction. Be it logging in to a website, transferring money, or accessing a corporate VPN, without access to both your password (or account number, PIN, etc.) and your mobile phone, an attacker cannot compromise your account. And because Claveo is a cloud-based solution that lives on your mobile device, it can authorize transactions competing technology cannot. While at lunch you could easily authorize a payment out of your bank account—and meanwhile prevent anyone not authorized from making one.

Before Claveo, anybody could transfer money out of your bank account by only knowing your account number and routing number. Now your money is protected with Claveo on your mobile device.

Mary Williams is trying to transfer $10,000 out of my account? Reject!


^ Top

Lightweight, Python-powered Server

Claveo Server Software is powered using industry-standard and open source software and runs on either your standard Linux or Windows installation—or ours.
  • Manages all Claveo Mobile clients
  • Military-grade AES 256-bit and RSA 4096-bit cryptography
  • Highly scalable
  • Connects with our generic Claveo Mobile client even if being run standalone
  • Neither stores nor sees any secret data; private keys are distributed
  • Identicon support for spoofing prevention
Additionally, our Web Application library provides an easy, flexible way to configure your authentication system with Claveo:
  • Simple API offers one configurable authorization callback and handles the rest
  • End-to-end verification: All authorizations are signed by the phone and cryptographically verified not to have been altered
  • Designed to withstand intrusion of the Claveo Server at any point during an authorization or enrollment

^ Top

Claveo Mobile: For iPhone, Android and BlackBerry

Claveo is available right now in the iPhone App Store and Android Market, and BlackBerry is coming soon. Additionally, we provide a mobile library that can be integrated into your existing mobile application, giving your users the most seamless authorization experience possible.
  • One-click interface
  • Authenticates any transaction: Supports all authorizations from all secure services in one mobile application
  • Mobile client can automatically connect to any Claveo server—authenticating with your website, ours, or your bank's, all from the same interface
  • Identicon support for spoofing prevention
  • Patent pending mobile hardware extraction technology generates truly unique cryptographic data, keeping you secure (where available)
  • Custom branding and integration support

^ Top

Claveo's Risk Mitigation Architecture: Keeping You Secure

When providing a cloud-based security product to our customers, a question often asked is: Are our users vulnerable if you get hacked? The answer: Absolutely not. You remain secure. Learning from our competitors' mistakes, we realize that by running servers which manage a global security system we are inevitably at risk of attack. Therefore we designed our security protocol to distribute sensitive information across the Claveo Mobile clients, thus unlike with our competitors' technology, a successful global attack against Claveo is next to impossible. For example, in a recent intrusion attackers broke into corporate networks using information stolen from one of our major competitors’ servers. On our servers there is nothing to steal. It's akin to having a secured vault with no money inside—even if you break in, nothing is lost.

Learn more about integrating Claveo with your secure service.