The best auth is the one users never see
Test Invisible MFA in 2 hours and enroll 100% of users within a week
Relock: Invisible MFA
Stop using SMS codes for authentication
"The world does not need another Auth0..."
We agree. That's why we built something different - a fix for a very specific problem, designed to work with anything you already have.
If your users are stuck with SMS codes, despite all your efforts and investment, it will help you. It will switch them to authentication with strong cryptographic keys directly in the browser - invisibly.
We spent months working with the best cryptographers and IAM legends to make it work. Give it a look - we attach a solution brief (3 minutes) and a demo (45 seconds). Then send an email or book a call to speak to one of us directly. No pitch - all auth.
- Marcin and Prem, Relock Founders
.png?width=675&height=675&name=SMS_Cover%20image%20(1).png "Relock_SMS Cover image")
See how it works
Watch a short demo of Relock Invisible MFA for SMS users and an explainer of the underlying technology
Frequently asked questions
How is Relock deployed?
Relock can be deployed as a cloud-based service, both SaaS and self-hosted, and on premises. The core service is a scalable containerized application.
How is it integrated?
Invisible MFA supports two basic modes - authentication at access and continuous - that differ in frequency of user verification. It also enables several integration options, ranging from a simple redirect (visible to the user as a loader), to a small JavaScript SDK added to the protected application (for fully invisible authentication at every request in high assurance environments).
How much time is required for deployment?
The exact time required for deployment may vary, depending on the complexity of your current IAM stack.
Testing Relock requires typically no more than 2-3 hours, while integrating it within a basic authentication flow using SMS is possible in under 1 day.
Relock has multiple standardized integration guides available for some of the most common frameworks and software tools used.
Important: With Relock your roll-out and adoption happen at the same time. There is no action needed from your users to enable Invisible MFA and all users are covered instantaneously.
How are the One-Time Keys secured?
Relock uses several mechanisms that provide a very high level of One-Time Key security:
Interdependent encryption - Neither the browser, not the server holds the encryption keys required to read its OTKs. They are mutually encrypted and can only be decrypted in communication between the two.
Fragmented secrets - Relock uses not one, but a set of keys, including both private and symmetric secrets that are stored fragmented, using the entire browser environment. The system makes it resistant to standard infostealers that allow session cookie theft.
Browser fingerprint - In addition to the encryption inherent to Relock, browser-side secrets are additionally signed using a dynamic browser fingerprint that prevents their use in case of an exfiltration.
Inevitable compromise detection - The system retains a memory of the OTKs previously used (without storing the keys themselves) and their sequence. Even if compromised on the browser side, the window of an attack is very narrow. Any action from the legitimate user will inevitably trigger key renewal in the service and an immediate block / discovery of the attack.
Relock Invisible MFA is a patent-pending technology filed with the US PTO.
What is Relock's pricing?
Relock offers two pricing options:
Usage-based pricing for all deployments using Relock's cloud-based SaaS service.
License-based pricing for all deployments using self-hosted or on-prem services on own infrastructure.