tech • technology Next-gen privacy- preserving biometrics Nothing to remember. Nothing to steal. You are the key. 01 overview who we are Keyless is a deeptech, cybersecurity company Keyless provides a next-gen, privacy- Our zero-knowledge biometric solution •foundedoverview by renowned security experts, enhancing biometric authentication eliminates the need for businesses to store and experienced technologists and business leaders, solution combining proprietary multi-modal manage biometric data, passwords, and any backed by top-tier VCs, bringing 10+ years of biometrics and advanced cryptographic other sensitive information without research in biometrics and cryptography to life technology in a distributed architecture compromising on convenience or privacy About us Capabilities Footprint + 40+ 8 10 Team Years of Multi-device: Strict GDPR Zero-trust: Global footprint HQ // United Kingdom members top 10 privacy research Enroll once, use compliance: Identification, with international R&D // Italy and Israel & sec. scholar everywhere no PII involved built-in MFA offices BD // Singapore Trusted by Recognized by 03 mission Enable everyone to seamlessly access any digital service from any device, at any time, while keeping personal credentials safe, private and under control. Nothing to remember. Nothing to steal. You are the key. At Keyless, we believe in a world where people can be in control of their privacy and identity. 04 mission the world is going passwordless 51% $5bn 2.3bn of passwords are reused Facebook fine for years of credentials stolen across services privacy violation in 2017 alone (University of Oxford) (Reuters) (Shape Security) Simplicity vs. Privacy vs. Security By 2022, Gartner predicts that 60% of large and global enterprises, and 90% of midsize enterprises, will implement passwordless methods 05 evolution why now Accounts Hacked: PASSWORDS Single Factor 3 billion 1960s 500 million 267 million 143 million HARD TOKENS Two Factor 117 million 1990s SOFT TOKENS 2000s SMS or App TOTP BIOMETRICS 2010s Fingerprint, face • Local authentication • Centralized authentication 07 ZERO-KNOWLEDGE BIOMETRICS Face, behavioral Today • No storage of biometric data • Enroll once, use everywhere Introducing privacy-preserving biometric authentication and personal identity management platform. Unique combination of multi-modal biometrics and privacy- enhancing technologies for seamless digital identification. Authenticating people. Not devices. Not passwords. 08 problem fundamental limitations Existing biometric methods have fundamental limitations Local Authentication Local Reach Immutable Privacy Security User tied to Not universal Leakage of User not in Easy to hack one device data possible control of data (single factor) Centralized Authentication Security Privacy Immutable Central User not in Leakage of honeypot control of data possible when data sent to server 09 solution next-gen private biometrics Keyless provides a next-gen, privacy-enhancing biometric authentication solution combining proprietary multi-modal biometrics (facial and behavioral) and advanced cryptographic technology Software only solution Keyless Protocol: world s first commercial Authenticates the accessible through any device, implementation of MPC-based biometrics platform and application end-user, not just • No biometrics stored anywhere, the device / end-point not on device, not on a central database • 300x faster than general purpose MPC Enables multiple use (100ms instead of tens of seconds) cases in zero-trust • Highly computationally effective (no battery drainage) Exceeds strictest authentication, digital identity and beyond regulatory req. GDPR, CCPA, PSD2 Recognized by Eliminates security risk MFA by design such as fraud, phishing and Distributed biometric credential reuse matching 010 industry recognition recognized by Gartner Hype Cycle for Identity and Access Management Technologies, 2020 Gartner IAM Hype Cycle Jul 2020 Biometric Authentication • Benefit Rating Moderate • Market Penetration 5% to 20% of target audience • Maturity Early mainstream • Sample Vendors: Auraya Systems, FaceTec, iProov, ImageWare Systems, Keyless Technologies, OneVisage, SensibleVision 011 technology how it works Capture Split into shares Send to multiple independent servers and match Recombine secret for 1 2 3 4 biometrics and encrypt encrypted shares against encrypted patterns one-time use Distributed on Keyless network Nothing to remember Nothing to steal User in control Enroll once, use everywhere, any No central honeypot, Fundamental privacy preserving platform, any device no data on user devices technology Note: For further information on the technology, enrollment and authentication flow, please click here 012 technology building blocks Zero-knowledge proofs AI and cryptography Distributed private for device identity at the edge computation • Zero-knowledge proofs to • Deep learning on user's device • Processing of authentication with securely verify authentication to extract biometric template advanced secure multi-party requests are being launched from • Irreversible transformation of computation protocols in the a user's trusted device data into shards using Shamir’s cloud • No information about user’s Secret Sharing • Independent validation of identity can be obtained • Permanent deletion from device, authentication requests without after shares sent to servers in learning anything about the Keyless Network user's biometric data 014 technology multi-factor by design User-friendly visible protection Invisible protection Privacy-preserving Zero-knowledge, AI-driven Distributed private device recognition (ZKP) physical and behavioral biometrics computation (sMPC, SSS) Use anywhere from any Continuous and dynamic AI-driven state-of-the-art Factor agnostic, multiple device and any channel multi-factor authentication anti-spoofing biometrics; private by design 026 portfolio product lines Keyless Authenticator Keyless Mobile SDK Keyless PIM SDK and PIM Wallet • Workforceproducts Auth Consumer Auth Personal Identity Mgmt. [B2B] [B2B2C] [B2C] Enables business to adopt zero-trust Enables businesses to strongly authenticate their Enables individuals to easily and securely passwordless authentication and protect their consumers under PSD2 in one simple action manage their own personal info and privacy remote workforce ✓ Employee identification and device verification ✓ Enroll once use everywhere and on any device ✓ Self-provisioning and management of user own personal data ✓ HW / OS agnostic same experience for all ✓ Meets Strong Customer Authentication employees from laptop and mobile requirement (PSD2) ✓ Selective disclosure of personal data in a private, secure manner ✓ Cost and time saving ✓ No risk of consumer PII/biometrics Coming in 2022 VPN IdP & Workstation Mobile & VDI RDP Android iOS React Active CIAM SSO Login Web Apps Authentication 033 Passwordless MFA across all employee touchpoints workforce authentication One authenticator for many use cases Passwordless SSO Keyless integrates with your existing IdP to enable passwordless MFA for your enterprise apps in minutes. Desktop MFA Keyless eliminates passwords from your Windows 7,8 and 10 login experience and offers built-in MFA with one look. Remote Login Keyless enables your workforce to securely authenticate to your VPNs - on any device, from any location. 036 products consumer authentication Many use cases, easy to integrate PSD2 SCA Provide your customers with a unified experience with built- in MFA that eliminates fraud, phishing and credential reuse Customer KYC and MFA Integrate superior passwordless security that authenticates people, not devices, in minutes - for all users, on any device E-signature Provide your users the ability to electronically sign documents using their face biometrics, from any device 043 technology unique capabilities powered by breakthrough technology Software Based - Enroll Once - Authenticate Users - No Biometrics/PII Hardware Agnostic Use Everywhere Not Devices Stored Anywhere Keyless does not rely on Users enroll once in a 5- Keyless identifies users Keyless exceeds strictest the device hardware or second process and can across every touchpoint, privacy compliance sensors, and can thus be use it across all devices so you can make sure that requirements since no PII/ deployed on a large set of and touchpoints and the user who is logging in biometric data is stored devices and appliances enable seamless recovery is actually the correct user anywhere No reliance on Face ID Multi-device support Unique identity for Exceeds privacy or other 3rd party tech and simple recovery every user compliance beyond GDPR 060 success story case study Secure remote access for virtual exams Keyless Authenticator™ Simple, secure, and above all, private In response to COVID-19 lockdowns, LUISS Guido Carli University partnered with Keyless and Cisco, to allow their Nothing to remember Anti-fraud protection students to sit their summer exams remotely No central honeypot, Eliminates phishing no data on user device and man-in-the-middle 12+K 6+K 2.2K 10 Nothing to steal Privacy compliance One look multi-factor GDPR compliant, authentication private by design Students Auth/day Virtual exams Days to go-live Ubiquitous experience Easy to deploy Any platform, any Integrates with all device, anywhere identity providers "The integration with LUISS and Keyless is a concrete example of the potential that can be unleashed when best available technologies come said Agostino Santoni, CEO of Cisco Italy.