Inman

Trust Stamp will use selfies to protect your email

Have suggestions for products that you’d like to see reviewed by our real estate technology expert? Email Craig Rowe.

NEW YORK — Thanks to social media and the web, our personalities are quickly becoming entirely digital, intangible doppelgängers of our true selves built on ones and zeros.

It’s no wonder real estate scammers and other criminals have turned their attention to our online identities and the bank accounts, devices, and social security numbers connected to them.

Wire fraud related to real estate is on the rise, and a number of vendors are popping up to help banks and title companies stay a step ahead of the skullduggery.

Trust Stamp is one of them.

Trust Stamp CEO and cofounder Andrew Gowasack

At 2018’s Inman Hacker Connect event in New York City this week, CEO cofounder Andrew Gowasack discussed from the stage the risks associated with current forms of biometric identification, such as fingerprint access to our phones and retina scanning.

“The FBI’s last number for real estate wire fraud was $969 million,” Gowasack said.

Gowasack told the New York City crowd that fingerprints can be lifted from stolen phones and used to access their information.

He then reminded the crowd that last year, hackers shared online how easy it is to mimic a person’s eye with a good camera lens and a color printer, and use it to beat the iris scanner on a Samsung smartphone.

The future, Trust Stamp believes, is in facial recognition, or, proof of life.

The company is developing facial recognition plugins for Gmail and Outlook that are going to make it much easier for banks and consumer data devices to ensure identities and safely share private information.

“It’s called Trusted Mail,” said Gareth Genner, Trust Stamp’s cofounder and executive counsel. “It’s in beta, an we’re waiting on the integration with Microsoft Outlook. It’s currently integrated into Gmail.”

Credit: Trust Stamp

Customers can sign-up to test the beta now on Trust Stamp’s website. The company plans to release the plugin publicly in February.

“It will just appear inside your normal email client, and it’s a button that says, ‘encrypt’ and ‘decrypt,'” Genner explained.

“You’ll be asked to take a photo the front and back of your driver’s license, we do the forensic examination of that, and compare that to your secure selfie, and apply proof of life, and create a secure identity for you.”

Wire fraud is often rooted in email. People send requests from similar accounts with similar names (or sometimes completely unrelated names) and within minutes become criminally wealthy.

After that initial setup process, a person need only take a photo with the encrypt button to lock-in their identity to the recipient.

Genner told me that their company delayed launch of the product during the fallout of the DocuSign Hack of 2017, in which millions of customer email accounts were accessed.

“We were doing what DocuSign does, what everyone does, which is to store credential so a secure server.” Genner made sure to air-quote the word “secure.”

“After that, we built the system to store two separate private keys for you. One on your device, and a second on private key on our server,” Genner explained.

The phone accesses and compares live biometrics, then sends it to the Trust Stamp servers to verify. If the phone is hacked, the server confirmation stands in the way, and vice versa.

Use cases for Trusted Mail include encrypting attachments, closing statements, wire information, and any form of PII (personally identifiable information) document.

Have a technology product you would like to discuss? Email Craig Rowe