―　What Is the PASSMEMORY^TM Authentication System?

The PASSMEMORY^TM authentication system is a way of putting your everyday "life memories" to work for you as secure passwords.
After registering the familiar names of close friends, relatives, teachers, former classmates, and other acquaintances as "keys", you'll need to select the "keys" you know from a series of randomized lists. That's how the PASSMEMORY^TM authentication system can be sure you're the authorized user.

1. Password panic got you down?
2. Keys are "stored" in your own long-term memory
3. Easily customizable for increased security
4. Shut down phishing schemes
5. Lock out online scammers
6. Device-free, user-friendly logins

1.　Password panic got you down?

In an effort to lower security risks, users are asked to change their passwords often or think up complicated passwords that a hacker would have a hard time guessing. To make matters worse, most users need to keep track of multiple passwords for various work and personal applications. Password management that can fulfill these two major needs has become nearly impossible to achieve. Desperate users end up jotting down their passwords in violation of security protocol, using the same password for different applications over a long period of time, or forgetting their passwords altogether.

2.　Keys are "stored" in your own long-term memory

The familiar names of your friends, relatives, teachers, and classmates are automatically, naturally stored in your long-term memory, so even if you think you've forgotten them, you'll still be able to pick them out of a list of names. The PASSMEMORY^TM authentication system's "life memory" feature takes advantage of this fact, making the all-too-common complaint of forgotten passwords a thing of the past.
Users don't have to worry about forgetting their passwords. There's no need to write down these "keys" for ostensible safekeeping. The temptation to use the same password for every application will vanish.

3.　Easily customizable for increased security

You might think that simply choosing a registered name from a list wouldn't provide enough security, that a scammer could crack the system too easily. In fact, with the appropriate selection of name "keys", the number of dummy names populating the list, and the number of times the user is prompted to select his or her registered names, a system administrator can obtain precisely the amount of security the situation requires.
Furthermore, simply increasing the number of dummy names and selection rounds will make the process that much more secure. For example, applications requiring a comparatively low level of security in their authentication process can employ three selection rounds, while an application that needs much stricter security would elect to use ten.
This highly customizable security level is one of the PASSMEMORY^TM authentication system's strong points, a feature not available in traditional ID/password schemes, biometric authentication, or indeed any other authentication method in general use.

4.　 Shut down phishing schemes

The PASSMEMORY^TM authentication system is highly effective against phishing, thanks to its fundamental dual authentication features that are performed both user-side and server-side.
When a user accesses a legitimate site to which he or she is truly attempting to gain entrance, he or she will enter a user ID and be presented with a name list that includes one preregistered user "key". The user selects this "key" to complete one selection round and proceed to the next.
On the other hand, if someone accesses a site created with the sole intention of defrauding bona fide users, the name list he or she will be asked to review won't contain any familiar "key" names. Faced with a number of meaningless names, the user will soon realize the site is fraudulent.
More important, however, is the fact that the user will give up if he or she is unable to select the specially registered "key". If a user did happen to select a non-"key" name in the first round, he or she would notice the lack of "key" names in the following round, and even the most distracted user would realize that something was amiss.
Defense against most basic phishing schemes relies solely on the user's attention to detail, but the PASSMEMORY^TM authentication system's integrated dual authentication features allow for simple and effective phishing prevention.

5.　Lock out online scammers

Although it's far from complex, the PASSMEMORY^TM authentication system is an effective way to defend users from not only phishing schemes, but from all kinds of online scams.

• Key loggers:
  The keyboard isn't used to input the password "keys".
  
• Spoofing and account sharing:
  It's too much of a bother to tell other people all of your personal "keys", thus restricting casual account sharing.
  　　　
• Social engineering:
  It would be next to impossible for even the most charming scammer to elicit multiple "keys" from his or her victim.

6.　Device-free, user-friendly logins

Most biometric methods rely on specialized devices for authentication. Because these devices are expensive and require maintenance and supervision, their use is limited to corporate systems with easily implemented administrative controls and a comparatively small number of login points.
While the one-time password method doesn't have any such restrictions, it does require the user to carry a password-generating device with him or her at all times.
Compared with these methods, the PASSMEMORY^TM authentication system needs no specialized devices and can be implemented at low cost for any number of users. Furthermore, it's ideally suited to use in authentication on mobile devices, such as PDAs and cellular phones, as well as devices without keyboards, like consumer game consoles and touch panels. The PASSMEMORY^TM authentication system is a truly universal authentication method, perfect for any device and for any user.

―　Dare to Compare

The traditional ID/password method requires the user to enter a single alphanumeric password, but the PASSMEMORY^TM authentication system asks for several "keys": the familiar names of close friends, relatives, teachers, former classmates, and other acquaintances.
Furthermore, the traditional ID/password method asks the user to enter first his or her ID and then the corresponding password. The PASSMEMORY^TM authentication system first prompts the user for his or her ID, then uses that ID to select a corresponding "key" name and automatically generate a random list of dummy names to be displayed alongside it. The user must then select the one "key" name he or she had previously registered with the system from out of the list of dummy entries. By repeating this selection process multiple times, the PASSMEMORY^TM authentication system can determine if the user is indeed authorized.

To order PASSMEMEORY product, please contact Yukiko Onishi, Marketing, The Brains Inc.
Tel: +81-3-3288-5058/D-FAX: +81-20-4668-9293.