TokenOne

TokenOne is a cybersecurity software company based in Sydney, Australia, focused on identity theft prevention through a patented authentication technology. The product provides a Two-Factor Authentication (2FA) solution built on One-Time Pad principles. Unlike conventional authentication systems, TokenOne does not require users to enter or reveal their PIN at any point during the login process. Instead, it uses a combination of smart device identification (possession factor) and Zero Knowledge Password Proof (knowledge factor) to authenticate users. **How It Works:** - Users register their mobile device as a unique hardware token and create a secret PIN. - During authentication, the PIN is never transmitted or revealed — not to the service being accessed, nor to TokenOne itself. - The device must be physically present and profiled to complete authentication. - Both authentication factors (device possession and PIN knowledge) are considered strong, distinguishing it from solutions where one factor is weaker. **Key Design Principles:** - Based on One-Time Pad encryption concepts, meaning there is no underlying algorithm that can be reverse-engineered or cracked. - User self-management: users register and manage their own device and PIN without requiring administrative overhead. - Designed for scalability across large user bases. The solution targets organisations seeking to secure access to deal rooms, client portals, corporate records, and critical systems while maintaining compliance and ease of use for end users.