“It is mutual trust,
even more than mutual interest,
that holds human associations together.”
H. L. Mencken
Owners and operators of a global Trust Framework that provides a secure, “real identity” assurance for digital transactions. Understanding who you are dealing with and having trust in the authenticity of a digital transaction is missing from current Internet and mobile commerce.
- An appropriate platform for business - static and mobile
- Based on the law, evidence and traceability
- Interactions based on the needs of the two contracting parties
- High levels of identity assurance
- Information assurance and provenance
- People controlling devices not devices controlling people
- True eradication of paper and ink
- Business processes across boundaries
- Move towards autonomic compliance (e.g. Data Protection Act)
- Security is an outcome of our approach and is engineered in
- Protection of intellectual property
Many people ask us what we mean by the term trust framework. There are a number of obvious examples, such as the banking SWIFT system. This is a closed system for a specific purpose. The Aletheia Trust Framework is a 'public' infrastructure for general business and is open.
The best definition we have come across is from the US lawyer Thomas Smedinghoff and American Bar Association lead on digital trust issues. An acceptable Trust Framework is a system that:
- Provides enforceable rules for a workable and trustworthy identity ecosystem that are binding on all participants
- Adequately protects the rights of the parties
- Fairly allocates risk and responsibilities among the parties
- Provides legal certainty and predictability to the participants
- Complies with / works in conjunction with existing law
- Works cross-border (state or country)
What problems do we address?
The debate around what's wrong with the Internet has continued for years. As the debate continues, there seems to be little progress on a lasting solution, just more 'sticking plasters'.
Aletheia's unique and fundamental shift to an approach built upon the law,
and how we do business genuinely crosses that void, and puts control back where it needs to be.
- Inability to transact electronically with confidence and trust
- Problems with identification and authentication of customers or citizens
- Client on-boarding, KYC, AML and beneficial ownership
- Electronic signing of contracts not fit for purpose
- Online fraud and misrepresentation
- Online interaction is too complex for the user
- Regulatory compliance & accountability almost impossible on electronic channels
- Personal Data Loss, privacy and confidentiality
The Aletheia Solution
Our starting point – it’s not about the technology. Instead we respect the law and legal/commercial requirements, which have been in existence for hundreds of years, a proven model for business and interactions.
- We provide evidential weight traceability & auditability
- Our approach mirrors the physical world so always works. Our philosophy is based on how you would interact if there were no computers?
- Our interactions are on a peer-to-peer basis so no centralised data repository
- Our Identification and authentication is a mutual two-way process not allocated to you by another party
- We provide real-time reference / verification of credentials through trusted parties
- Our environment is secure and encrypted both in transmission and storage
- Our environment is tested and certified by accredited authorities
- There is mandatory auditing of local actions and the option of 3rd party auditing
- There is no name@domain address to identify people and / or organisations
- We enable multichannel n-factor authentication
We have designed and built a proprietary method by which individuals and organisations can interact electronically across a trusted infrastructure in a way that:
- Shifts focus from underlying technology to how it is applied;
- Shifts control away from the technology function and back to the boardroom;
- Reduces spend on ‘sticking plaster’ solutions and technology overall;
- Makes the technology an appropriate business tool, not a collection of gadgets;
- Protects the privacy and human rights of the individual;
- Reduces the cost and complexity of complying with legal and regulatory obligations, and
- Allows an Operator to correctly monetise digital channels.
- In ‘designing in’ all of the above, it became apparent that current technologies are obstacles and a fresh approach is required.
- The model that we have developed is robust, extremely comprehensive, end-to-end, massively scalable
- and protected.
- This is all based on an invention subject to patents.
KNOWING WHO YOU ARE DEALING WIT?H IS THE CRUX OF THE PROBLEM
There are regular reports of cyber attacks on large organisations in the public and private sectors and these appear to be growing in both regularity and scale. Cyber security budgets increase year-on-year, and yet the problems continues to worsen. The current approach is clearly not working.
The underlying problem that is disregarded is that we can't be confident in who we are dealing with. If we don't know who we are dealing with, then we cannot assess if they are likely to be malicious or not.
Allocating a login to someone doesn't make them accountable as you cannot 'bind' their login id to their legal identity. This is a unique element of the trust framework - legal identity not technical identity.
WHY SHOULD YOU CARE?
Improving how we communicate
Are you worried about sending sensitive commercial information in the clear using email? You should be.
Our software allows an organisation to replace email when sending documents or messages to your customers or colleagues.
Interactions between you and your customers are defined by a trusted relationship.
The interaction is peer-to-peer – there is only you and your customer in the transaction.
Have high levels of assurance that your message has been delivered and read.
No more problems with larges files being held up or rejected by mailbox size limitations.
All interactions are encrypted.
All interactions are stored in an audit log.
If protecting your customer data is a major problem you wish to solve, give us a call to find out more about our unique capabilities.
Protecting your IP
Does your business develop valuable intellectual property?
Our software allows you to protect your intellectual assets by controlling access to sensitive information through roles
- Information can be shared with parties within a trusted process.
- Access is controlled by the role the party has within the process, not by their login credentials.
- Processes can be defined across organisational boundaries e.g. with patent lawyers
- No information is sent using email or file transfer, so always within the control of the organisation.
- Store all your IP assets in a register
- Audit all interactions with your IP assets, e.g. who viewed a document, where it was sent, when it was edited, etc
- All IP is securely stored in encrypted format
If protecting your intellectual assets is a major problem you wish to solve, give us a call to find out more about our unique capabilities.
Protecting your reputation
Would your business reputation be tarnished if your customer data were compromised?
Our software allows an organisation to protect sensitive customer data without impacting on your business operations.
- Trusted processes can be defined according to roles rather than login credentials.
- There are no passwords to steal
- All company data is encrypted and securely stored.
- All interactions with customer data is audited
If protecting your customer data is a major problem you wish to solve, give us a call to find out more about our unique capabilities.
Replacing a plethora of passwords
Is password replacement something that your organisation is struggling to achieve?
Our software enables and organisation to do away with passwords and login credentials.
- Control access to resources and documents by using trusted processes based on user roles and requirements.
- Security of assets and business records is enhanced as there are no passwords to steal.
- All interactions within the organisation are stored on a tamper-proof audit log.
- Authentication is fully in your control, so there is no 'one size fits all'
- Every relationship has a unique method of authenticating.
- Unlike with passwords, you cannot create accidental vulnerablities by writing down passwords - they don't exist!
If you would like to eliminate passwords and login credentials within your organisation, give us a call to find out more about our unique capabilities.
Document signing with multiple signatures
Do you require multiple parties to sign a digital document?
Our software enables an organisation to define a trusted process where multiple parties can sign the same document.
- We can even have witnessing in an electronic signing event.
- Have high levels of assurance that each signing party is genuine.
- Understand the role of the signee and whether they have sufficient authority to act.
- Our process carries evidential weight in a court of law.
- We do not use certificates, which are problematic when it comes to evidence.
- There are no passwords or login credentials, so there is nothing to steal.
All interactions are stored in a tamper-proof audit log.
If obtaining multiple digital signatures (or just digital signing) is a major problem you wish to solve, give us a call to find out more about our unique capabilities.
Replacing PKI & SSL Certificates
Would you like to avoid implementing or replace SSL certificates in your organisation?
Our software enables users and devices to managed using trusted relationships.
- There are no certificates to implement, replace or revoke.
- Users and devices are either ‘trusted’ or ‘not trusted’ all within the control of the organisation.
- There are no third parties required to issue certificates.
- You remain in control at all times.
- You don't have to pay for certificates.
- You avoid the overhead of certificate management.
All interactions within the organisation are stored on a tamper-proof audit log.
Our commercial model
Aletheia licenses the use of its infrastructure and software on a geographic / sector basis.
A suitably qualified organisation can acquire a licence for a territory or an industry within a
territory. Licencees at a national level are referred to as ‘National Operators’ and are for
commercial or civil government use.
The licensing structure permits sub-licensing by National Operators to sub-operators who
operate in specialist sectors.
Aletheia manages the licensing ‘chain’ where each link in the chain is responsible for the link
immediately below. The infrastructure manages the metering of transactions and provides
billing information for fees due by each link in the chain.
The diagram below shows the operation of the Aletheia model, being the Framework and
Core Framework, by contrasting its core functionality with the steps in a typical 3G/4G
licence process that a large national mobile telephony operator would have to consider.
The tools and functionality of the Aletheia Trust Framework allows organisations to work
seamlessly across organisational and national boundaries. We take care of the transport
layer ensuring that authentic transactions are carried out between the correct parties.
“Trust is at the very heart of everything we humans do. In an instant, trust can be lost forever. As trust grows, so does confidence and in the field of commerce, the more we trust the more we do business and the more we prosper.
Jon Roffe, CEO & Founder, Aletheia International
If any of the above if of interest, and you and you would like to know more, please get in touch.
We protect our intellectual property with care, so we limit what we reveal online. We are happy to be more open with legitimate parties.
+44 (0) 2033 936977
1 Royal Exchange, London, EC3V 3DG
Aletheia International (Holdings) Limited makes no warranty or representation that the web site will meet your requirements, that it will be of satisfactory quality, that it will be fit for a particular purpose, that it will not infringe the rights of third parties, that it will be compatible with all systems, or that it will be secure.
Whilst every reasonable endeavour has been made to ensure that all information provided on this web site will be accurate and up to date, Aletheia International (Holdings) Limited makes no warranty or representation that this is the case. We make no guarantee of any specific results from the use of our services. No part of this web site is intended to constitute advice and the content of this web site should not be relied upon when making any decisions or taking any action of any kind.
Limitation of Liability
To the maximum extent permitted by law, Aletheia International (Holdings) Limited accepts no liability for any direct or indirect loss or damage, foreseeable or otherwise, including any indirect, consequential, special or exemplary damages arising from the use of the web site or any information contained therein. Users should be aware that they use the web site and its content at their own risk
Nothing in these terms and conditions excludes or restricts Aletheia International (Holdings) Limited’s liability for death or personal injury resulting from any negligence or fraud on the part of Aletheia International (Holdings) Limited.
Law and Jurisdiction
These terms and conditions and the relationship between you and Aletheia International (Holdings) Limited shall be governed by and construed in accordance with the Law of England and you agree to submit to the exclusive jurisdiction of the Courts of England.
Aletheia International (Holdings) Limited is register in England, number 07808088. Our registered office is at 24 Picton Court, Hussar Court, Waterlooville, Hampshire PO7 7SQ