Category: sezame Info

A lot of times when the team is out there talking to prospective customers, this is one of the first questions we hear. They see what sezame does and compare it to stuff they already use (and probably like). That’s a good starting point! So let me try to explain why and where things are a little different if you start using sezame.

There are many apps out there in today’s app stores making use of fingerprint and other biometric authentications like face or iris scan: your banking app may be one of them, and cloud storage providers (like Dropbox or OneDrive and many others), email clients or financial transaction apps in general on the other hand (like your credit card company’s app or PayPal).
They all make use of the great opportunity and the high user acceptance already built into mostly all modern smartphones by using your biometric identifiers for safely accessing services they provide. Without the constant hassle of entering PINs or passwords whenever you open them up or want to use them. This works great and is a big step towards a world where we no longer need passwords.

We leverage these sensors as well, but our concept has a different approach. Let me try to explain it with a picture: keys and doors. The apps you are using today allow you to access a service (open a door) in a 1:1 ratio. You want to access your cloud storage: open the app and access it – storage door opens with storage key. Access your bank account: same story, open app, open account. You get the picture. So for every one of the services you want to use, you need the app for that service.

Sezame is designed to work like a master key: with one single key (app) you can access all of your services (doors) – admittedly not today, but more and more doors accepting your master key are added every month.

On top of this, to stay within the picture, with your single purpose keys, you will, like on your existing key ring and all respective doors, have all levels of security. Knob locks and lever handle locks, furniture locks, cylinder locks, deadbolts etc. Why? The way more than 90% (probably more like all of them) of today’s apps use the fingerprint for convenience only – typically the app allows you to set a PIN and then you can enable the biometric sensor (really like a convenience override) so you don’t have to enter the PIN every time you open the app. However, what happens under the surface (the app accessing the online service with the credentials stored in the app) typically is the good old username/password combination sent to the service you are accessing. Remember furniture locks? Some implementations combine this with additional security measures, e.g. a cell phone serial number or a number generated by the app and so combine the device and your credentials. Like a twin lock, highly improved security, unfortunately rarely implemented like this as it requires a lot of service side changes to accept the additional ‘key’. By adding the local fingerprint lock on the phone the user already feels safe anyway, so why go the extra mile …

With sezame, we not only enable services to allow secure access for their users, we also give them the tools to quickly and – depending on IT knowledge level – surprisingly easily implement the solution into their IT infrastructure. Once installed, we always require multi-factor authentication (MFA) on the service side. Going back to our door lock picture, we always make sure you brought all 3 keys required for one door – on every door you want to open with your master key.

In April 2018 we visited CyberCentral ( in Prague, a very informal dedicated cybersecurity conference in Europe. CyberCentral is a small cybersecurity conference in a two-day setting where everybody gets to know each other, and which is focused on exchanging ideas and stimulates that everybody gets real interaction with all other participants.

Some of CyberCentral’s topics from this year’s event were:

  • An insight from previous fraudsters how criminals think and how easy it is to hack passwords and credit cards or on how to convince normal people with a professionally faked account into trusting the fraudster.
  • GPDR, how will it affect everyone’s life or not? Will this new guidance really be in place end of May or do we continue in the beginning without taking all measures into account;
  • Blockchain security, how secure is it also when looking at the infrastructure it’s using and how can blockchain help in combatting fraud;
  • How easy it is to hack passwords, IoT devices, etc., showing us that testing products for security is really needed in today’s world.

For sezame it was especially interesting since we got the opportunity to present our product on main stage and next to that get some great feedback by the panel and the audience hearing our story. This will enhance further our story to make it even better addressable and understandable. Thanks CyberCentral for having us!

Sezame, the solution which will help the world from the nuisance that passwords and PINs pose to all our life’s today and makes this world safer!

Last week sezame was invited to join Advantage Austria‘s trip to Munich and Stuttgart for the Innovation Days Automotive 2018. Together with a highly innovative crowd of Austrian start-ups (Butleroy, Crypta Labs, ibiola mobility, Nekonata, Payuca, sensideon and Moonvision) we’ve been able to present our multi-factor remote authentication solution to some of the key players in the German automotive sector: BMW startup Garage, in-tech, next47, Startup Autobahn and RBVC. What a great opportunity for us to be part of this truely perfectly organised set of pitches and breakout sessions, every minute of this was worth it!

Sezame visiting HIMMS’18

In March 2018 we visited HIMMS in Las Vegas. HIMMS is the largest IT for Health exhibition worldwide and means Health Information Management Systems Society. Why did we visit HIMMS as our first visit to a healthcare exhibition? To put it bluntly the reason was that within the European healthcare sector the policies and decisions for healthcare are mostly done by the government which don’t take into account startups and thus it’s difficult in Europe to enter this domain easily. Next to that we think our solution is very well capable of supporting the healthcare sector since we are compliant to the European GPDR and eIDAS standards and our solution is simple and secure to use. Only in the US, Americans spend annually 3.4 trillion dollars on health ( which gives a picture how big this market is for IT.

What did we see at HIMMS, what were the largest takeaways?

  1. Healthcare is now primed for a digital transformation. Thanks to the $35 billion invested in putting electronic healthcare records in every hospital and doctor’s office, most healthcare providers are now computerized. With the EHR basics in place much more money will be spent in coming years. Also, Jared Kushner explained at HIMMS that The White House is fully focused on achieving interoperability of healthcare records;
  2. Enterprises are recognizing the safety, efficiency, and storage capacity of the cloud. From Amazon’s AWS to IBM’s Watson, virtually all 1300 vendors exhibiting at the show were promoting their cloud solutions;
  3. Artificial Intelligence, Machine Learning, Data Analytics, and Augmented Reality aren’t just coming: they are already here;
  4. Apple, Amazon and Uber entering the healthcare field captured everyone’s attention with the hope of a new casino game that is a guaranteed winner. Each of them represents an area — group purchasing via Amazon, employee clinics by Apple and transportation via Uber — that is currently covered in some form or fashion. It’s not that these companies will turn the sector around instantly, but it did create a buzz which the old-fashioned companies need to start innovating.

Especially the first two take-aways are interesting to us. In the US the majority of interactions in the healthcare system is based on 1-factor authentication solutions or even no additional checks (in case of the usage of hospital badges e.g.). We also noticed that biometric authentication was not yet mainstream in healthcare solutions.

Our solution can be used within the healthcare domain on various use cases for e.g. logging into online accounts (with our solution there’s no risk of fraud, since only the account holder can log into the account), logging into a computer (no password needed anymore), logging into subdirectories / files with biometric authentication, validation of a customer on the other end of the phone line via remote biometric validation, unlocking electronic key lockers, or even linking a healthcare badge when walking through e.g. a hospital. As long as a smartphone can be carried along through the healthcare facility and the requester for the authentication is connected our solution works… simple and very secure!

Help us spread the word and free the world of the nuisance that passwords and PINs pose to all our lifes today and let’s make this world safer – especially in the healthcare environment!

We realize biometrics is a very worrying subject. Your passwords might get stolen, a very inconvenient thing to happen (if you ever had one stolen and then used, you know the feeling), but there is an upside (if you want to look at it from a positive perspective) – you can set a new password on all accounts you used it and you are ‘safe’ again. But with your biometrics, there is no such thing as changing them in case of theft – they will stick, no reset possible.

That’s why here at sezame we opted for the one path where this does not pose a threat – we do not have access to your fingerprints or face scans, we do not store them and we certainly do not send them over the internet – encrypted or not!

We follow the same pattern led by the industry giants implementing biometric sensors – your data stays within your most personal device, your smartphone. It never leaves the phone and (up to today) there is not one documented incident where the bad guys where able to access these biometrics on a phone – they are safely locked away in a so called TPM (trusted platform module) – a cryptoprocessor on the mainboard with isolated communication capabilities towards the main processor or the internet-connected modules. The implementation of these secure co-processors in today’s smartphones makes it literally impossible to access the raw fingerprint data via the operating system or any applications running on the phone (again, as of today, not a single documented incident). If you want to read more about this (in great detail, here’s a link to how Apple implements this in today’s iPhones: iOS_Security_Guide and Touch ID advanced security technology

So under the (pretty safe) assumption that your fingerprints or face scans are secure on your device, we decided to use an approach leveraging these sensors and their built-in security the way they were designed.

What are the advantages of remote authentication compared to the existing Touch ID solutions many apps already use on my iPhone?

There are many apps out there in the app store today that already make use of Touch ID & Face ID (on Apple smartphones) or fingerprint authentication in general (on most Android smartphones): your banking app, cloud storage providers (like Dropbox or OneDrive and many others), email clients or financial transaction apps (like your credit card company’s app or PayPal) and even your Amazon shopping app. They all make use of the great opportunity already built into mostly all modern smartphones of using your biometric identifiers for safely accessing services they provide without the constant hassle of entering PINs or passwords whenever you open them up or want to use them. This works great and is a big step towards a world without passwords.

So what is different if I use sezame?
The main difference is the way sezame makes use of these biometric sensors built into your most personal device. We leverage this secure approach of storing your biometrics (as you surely have heard before, your fingerprint details never leave your phone, they are securely stored in the phone and can not be retrieved by anyone, including us) to enable you to remotely log into your preferred service via your device. With all the aforementioned examples, you are more or less only replacing a locally stored PIN or password for your app with your fingerprint – releasing this stored PIN. sezame on the other hand enables this via its patented process e.g. on remote websites but more generally speaking also allows for unlocking more or less any service on a connected device (that can make use of our unique process via the installed SDK – a little piece of code available on all major platforms like Java).

Once your favorite website, service or device has implemented our solution, all you need to unlock, open or enable it is your fingerprint on your smartphone – secure and simple. So unlike the solutions you already know making use of Touch ID etc. which can only unlock one service/app locally because you stored a PIN for that app first, our solution has the potential to unlock mostly everything (if implemented on a wide enough scale of course) – and this without storing passwords or PINs, not centrally and not locally on your phone. So one app will be able to unlock all the services you use on a daily basis with the same method and the same convenience – again and again and again. Help us spread the word and free the world of the nuisance that passwords and PINs pose to all our lives today!

photo credit: © Nicholas Brooks

Panel discussion Driving Digital

We just returned from Austin, TX where we had the pleasure to not only visit the great festival for digital innovations, SXSW, but also were invited to participate in a panel discussion on how the automotive industry is challenged in times of digital transformation. Moderator Engelbert Wimmer, CEO of e&Co AG, hosted a full hour discussion with three Austrian startups, Butleroy, Humanising Autonomy and sezame, presenting their views and visions for the cars of the future. Hosted by Austrian Day at the German house, this was a great opportunity for us and our fellow peers to provide insights into the daily challenges and opportunities when large corporations meet small startups. An enticing and lively conversation about tomorrow’s cars, how biometrics can assure that only the authorized owner can drive them, how effective security can only be achieved if it is friction-less for the consumer and more, all led by a brilliant moderator with deep-rooted knowledge in the automotive industry, captivated the audience and made for another highlight at this great event in Southern Texas!

photo credit: © Nicholas Brooks

Dear friends of sezame,

Helping the world getting rid of all passwords through remote biometric authentication got a step closer! 2017 has been a successful and busy year for us. Some highlights: we have been able to integrate the sezame technology into the first B2B and B2C environments, we got invited on a number of world renowned conferences and we worked a lot on developing new products. Time to give you all an exciting update what we did and what’s coming in the next couple of months!

“This solution convinced us, it is easy to use, but at the same time it offers our users optimum safety” (Christian Pfundner CIO Schrack Technik)


Next to stabilizing and improving our core B2B product we developed our first end-consumer (B2C) service which has been launched in January and can be obtained through an in-app purchase in our renewed sezame app. We are very proud to present a biometric vault called SAFE, in which you can safely store all your private and confidential information. It doesn’t matter where you install it, on a USB stick, somewhere on a hard drive or in the cloud, our solution makes it possible to safeguard your information by remote biometric authentication. It’s available through an annual subscription in the app store for 9,99 €, but as an introduction to our new product SAFE we changed our regular 3-month grace period to a 12-month grace period. So please download our sezame app for free and start using SAFE. If you like it also tell your colleagues, friends, about our product so they can use the same offer as well. This special introduction offer is valid until 28 February 2018. You can install SAFE on as many devices as you own. For more information please visit


Our product fits any company since replacing passwords with our solution will relief the IT helpdesk from a number of tickets and next to that you will benefit from minimized costs in comparison to other solutions. Sezame will visit a large number of different conferences to get different sectors acquainted to our product. To name a few where we will be present before the summer of 2018. Please contact us to visit us there and get a personal product demo.

Mobile: Mobile World Congress, 26 February – 28 February, Barcelona, Spain

Healthcare: HIMMS, 5 March – 9 March, Las Vegas, USA

Interactive, Film and Music: SXSW (South by SouthWest), 9 March – 18 March, Austin, USA

Fintech: MoneyConf, 11 June – 13 June, Dublin, Ireland

Internet of Things (IoT): IoT World Europe, 12 June – 14 June, London, UK


If you wish to receive further information please contact us by phone or mail:


Phone: +43 670 2044272

To stay tuned on the latest developments and follow us on our social channels or visit our homepage

Thank you

The sezame team