Home Smart 100 2010 Stepwise Mobile for Cloud ID (SMART 100)

Stepwise Mobile for Cloud ID (SMART 100)


The following SMART 100 profile and the information it contains is a duplication of content submitted by the applicant during the entry process. As a function of entry, applicants were required to declare that all details are factually correct, do not infringe on another’s intellectual property and are not unlawful, threatening, defamatory, invasive of privacy, obscene, or otherwise objectionable. Some profiles have been edited for reasons of space and clarity. More about the SMART 100.

This innovation initially came to life when…

Looking at the emerging market for cloud-based personal health records, as the sharpest end of smart phone applications where the tensions between authenticity and privacy are so acute, I had an epiphany that Lockstep’s intellectual property for encrypting virtual identifiers could be embedded in each mobile device app. The idea is to bake into each app a unique local handle for the user, indelibly marking all data originated from that app, authenticating the user without necessarily identifying them, and stopping data streams to be linked across apps without the user’s consent.


The purpose of this innovation is to…

…dramatically enhance the privacy, integrity and security of transactions with highly sensitive, cutting-edge cloud-based services (especially personal health record management) performed on smart mobile devices.

It does this by…

…taking a unique virtual ID of the user (either self-selected or assigned by the transaction service), specific to the application context, encrypting it using Lockstep’s standards-based encapsulation process, and binding it into the associated app at download time. Thereafter, standard digital modules in the device automatically and indelibly ‘seal’ all data originated from the app with the relevant ID.


This innovation improves on what came before because…

Data streams sent into the cloud from conventional apps have no inherent ‘pedigree’ as to their origin. They are typically identified by association with manually entered data to identify the user. Standard authentication methods usually elicit excessive and redundant personal information (like name and address), which leaves transactions vulnerable to cross-linking and fuels identity theft.

Its various benefits to the customer/end-user include…

…much greater convenience; dramatically enhanced privacy by eliminating the linking of transactions; in turn, the possibility of safer, more advanced sensitive applications (esp. personal health records) in the cloud; faster end-to-end transaction processing.


In the past, this problem was solved by…

…weak authentication of user identity via static password entry, one-time password, SMS confirmation, etc. (all inconvenient to use) with no assured binding of identity assertions with transaction streams. State-of-the-art authentication and identity management are achieved using chip cards; Stepwise Mobile implements the same core PKI-based technology as chip cards, in a more practical and available form factor.

Its predecessors/competitors include…

… biometrics (typically fingerprint scanning), as the only other advanced authentication mechanism for mobile. Biometrics fundamentally converges all IDs, as opposed to allowing diverse, private, app-specific virtual IDs as per Stepwise.


It is made for…

The rise of highly sensitive, highly personalised and highly diverse applications in the cloud, where service providers need superior authentication of users, and users demand supreme confidence in the safety of their increasingly complex and distributed data streams. The prime examples are personal health records (PHR) and shared electronic health records (SEHR). Just as demanding, especially when users wish to maintain a portfolio of virtual identities, are online social networks (where Stepwise also has the power to convey anonymous proof of age, membership and other attributes), dating services, voting and interactive polling, and participatory behavioural advertising.


It is available for sale through…

…systems integrators and managed security service providers, who licence the core patented IP from Lockstep Technologies, and deploy it to a variety of devices.

Our marketing strategy is to…

…leverage Lockstep’s reputation in privacy, e-health and government policy, plus our network of affiliated thought leaders, to position Stepwise with more innovative cloud services. We promote the unique ability of Stepwise to safeguard sensitive customer data and identities. We focus on high-end services, with the appetite to differentiate with a no-compromise approach to their customers’ privacy and safety.


While the judging is now officially over, you can still show your support for this innovation in one of the following three ways:

  1. Hit the VOTE UP button: Top left of each page (Not available for IE users)
  2. Trigger a Reaction: Re-Tweet, Like on Facebook, etc.
  3. Leave a Comment: Share the love!

To check out the Anthill SMART 100 Readers’ Choice winner for 2010, click here.