DataInherit

DataInherit lets you store passwords in the cloud and assign beneficiaries

Next Story

Asus has the first Nvidia Optimus laptops~!

[Switzerland] Would you be comfortable with storing your passwords in the cloud? That’s the hope of DataInherit, from Swiss banking security specialists DSwiss, which launched a new password ‘safe’ that lets you store your most important passwords on the company’s servers.

Along with the advantage of being able to retrieve those passwords from wherever you have an Internet connection, the service offers an interesting additional feature: the ability to assign beneficiaries – loved ones, or perhaps business associates or next-of-kin – should anything happen to you. It’s an increasingly awkward problem as we move more and more of our life into the digital domain, how to give others access to that data after we’re gone.

DataInherit data safes have what the company calls “inheritance technology”, which is a fancy way of saying that users can assign beneficiaries to individual data assets “and DataInherit carries out the data inheritance process as specified by the customer including the notification of beneficiaries.”

For its password safes, DataInherit is adopting a freemium model. A free version enables customers to store up to 50 passwords and includes 10MB for documents. While a premium offering costing €1 per month features unlimited passwords storage, 100MB for documents and SMS authentication (mTAN). That’s pretty expensive if compared to other cloud storage offerings based on storage size alone, but it may be worth it for many for the inheritance feature alone.

DataInherit says it will be launching a dedicated iPhone App for its Password Safe service next month.

  • Davor

    good idea, however it remains unclear how they plan to persuade people that secure data is more secure on Net than at their own homes (or physical safe). At home there will potentially be only limited number of ‘intruders’. But on Net there are thousands of highly skilled hackers who are able to penetrate all security fences. Abit scary indeed. Even if they have secure passwords etc, some hacker can secretly record my password while I am typing it on my computer, and use it against me.

    • reto

      apparently, they offer optional 2-factor-authentication with a one-time-password (mTAN) to mitigate password-theft on the client side.

  • http://www.datainherit.com Tobias Christen

    Thanks Davor and Reto,

    You rightly point out a fundamental challenge that DataInherit/DSwiss (and most other online services) has to address: trustworthiness.

    While there are many factors that build trust (like company history, company size, usability, etc) I would like to address shortly the security angle.

    As the designer of the service, we are convinced that storing your passwords/documents in the DataInherit safe is more secure than leaving them on an (infected?) computer at home.

    In contrast to most other services we have made some design decisions that satisfy highest privacy and security requirements:
    – all of your data is strongly encrypted and access to the encryption keys is only possible with the user’s password (http://en.wikipedia.org/wiki/PBKDF2).
    – this is why we don’t store the users password in any form, which then requires that needed to put more effort into the authentication method, here we used a so called SRP method (http://en.wikipedia.org/wiki/Secure_remote_password_protocol).
    – this gives you the same usability as normal uid/pw based authentication but removes quite many risks and
    – as Reto points out, on top of that we have a 2-factor authentication
    -In contrast to even high security banking and government services we are not able to reset your password. None of our employees or any third party can ever see your data.

    Hence, I would go as far as claiming that the easiest way for a hacker to get to your data is attacking your home PC.

    So from a security perspective, I believe we have taken all possible steps and went through high implementation costs to build an extremely safe and secure service. Unnecessary to mention that all our servers run in banking data-centers with highest physical protection.

    I am more than happy to provide also technical answers via email (support (at) datainherit.com).

    Regards
    Tobias Christen, CTO DSwiss Ltd.

    PS: read more about our security measures under http://www.datainherit.com/en/data_safes/technical-security.html

  • http://www.datainherit.com Tobias

    Thanks Davor and Reto,

    You rightly point out a fundamental challenge that DataInherit/DSwiss (and most other online services) have to address: trustworthiness.

    While there are many factors that build trust (like company history, company size, usability, etc) I would like to address shortly the security angle.

    As the designer of the service, we are convinced that storing your passwords/documents in the DataInherit safe is more secure than leaving them on an (infected?) computer at home.

    In contrast to most other services we have made some design decisions that satisfy highest privacy and security requirements:
    – all of your data is strongly encrypted and access to the encryption keys is only possible with the user’s password (http://en.wikipedia.org/wiki/PBKDF2).
    – this is why we don’t store the users password in any form, which then requires that needed to put more effort into the authentication method, here we used a so called SRP method (http://en.wikipedia.org/wiki/Secure_remote_password_protocol).
    – this gives you the same usability as normal uid/pw based authentication but removes quite many risks and
    – as Reto points out, on top of that we have a 2-factor authentication
    -In contrast to even high security banking and government services we are not able to reset your password. None of our employees or any third party can ever see your data.

    Hence, I would go as far as claiming that the easiest way for a hacker to get to your data is attacking your home PC.

    So from a security perspective, I believe we have taken all possible steps and went through high implementation costs to build an extremely safe and secure service. Unnecessary to mention that all our servers run in banking data-centers with highest physical protection.

    I am more than happy to provide also technical answers via email (support (at) datainherit.com).

    Regards
    Tobias Christen, CTO DSwiss Ltd.

    PS: read more about our security measures under http://www.datainherit.com/en/data_safes/technical-security.html

blog comments powered by Disqus