The problem IdenTicket solves
Need For 2FA in Ticketing
Rising Incidents of Account Takeovers
- Account takeovers (ATOs) have become a significant problem in the ticketing industry.
- Cybercriminals are constantly finding new ways to exploit stolen credentials obtained through data breaches, phishing, or social engineering
Preventing Identity Fraud
- One of the most significant issues in ticketing today is identity fraud, where someone uses another person's ticket to gain access to events.
- Tickets are often resold or transferred, and without proper identity verification, it's challenging to ensure that the person presenting the ticket is the rightful owner.
Ensuring Legitimate Access
- In many cases, tickets are tied to specific identities, especially for high-profile events where security is paramount.
- If someone other than the registered individual uses the ticket, it can lead to significant security risks.
- For example, unauthorized access to a VIP area or an event with strict entry requirements could compromise the safety and experience of other attendees.
- 2FA ensures that the person presenting the ticket is the same individual who registered or purchased it, reducing the risk of unauthorized access and maintaining the integrity of the event.
Solution
Ticket Tied to Your Identity and Wallet
By linking tickets directly to a user's identity and wallet, you eliminate the risk of unauthorized access and ticket misuse. This ensures that tickets are not just a transferable commodity but are uniquely associated with the individual who purchased them.
Time-Based OTP Verification – 2-Factor Authentication
Implementing a time-based OTP as part of your 2FA process ensures that even if someone gains access to a user’s wallet or other credentials, they still cannot use the ticket without the time-sensitive OTP. This adds an essential layer of security, preventing unauthorized users from claiming tickets that don't belong to them.
Challenges we ran into
Integrating with Nillion’s Technology
- Integrating the ticketing system with Nillion posed its own set of challenges. The decentralized nature of Nillion, while beneficial for security, introduced complexities in ensuring smooth communication between our system and the network.
- We faced issues with latency at times, which impacted the user experience. Through extensive testing and optimization, we managed to mitigate these delays, but it required significant effort and fine-tuning.
Ensuring Data Consistency
- Maintaining data consistency across a distributed system was another significant challenge. Because Nillion operates on a decentralized network, ensuring that all nodes had consistent and up-to-date information was crucial, particularly for the 2FA process
Cryptographic Implementation Challenges
- Developing and integrating these cryptographic protocols was challenging, particularly when ensuring they were both secure and performant.
- We had to carefully select and implement cryptographic algorithms that would provide the necessary security while still being efficient enough not to introduce significant delays in the authentication process.