How Woven Works?

The key differentiator between Woven and other services is that we verify the true identity of the user. We authenticate WHO is logging in, not WHAT is being typed as a username and password.


 User Onboarding

User onboarding ensures the identity of the employee by verifying government identity documents and comparing selfie photos with the document photo. This process also generates unique cryptographic keys that are stored in secure hardware on the phone.

identity creation

First the employee downloads the Woven app, and picks a Woven username. The Woven app then generates unique cryptographic keys that get stored in secure hardware in their phone.

identity Verification

Next, the employee uses the app to scan and verify a government-issued identity document, such as a driver’s license. Woven uses forensic techniques to verify the authenticity of the document and extracts the information from the document.

facial recognition

Finally, the employee takes a live selfie so that we can compare it to the photo from the identity document. When finished the photo and other data are encrypted and stored in the phone, allowing us to re-verify identity later when needed.

User Consent Transactions

Individual consent requests are sent to the user for all logins or identity transactions that require user consent. The consent request also lists all PII that is being requested by the consent request.


 Zero Knowledge Platform

Woven verifies user information and identity, however our cloud is called zero-knowledge – we don’t store data unless it’s fully encrypted where we don’t have the keys to decrypt it.

zero knowledge

We don’t store customer PII unless it’s encrypted where Woven doesn’t have any of the keys to decrypt the data. We store one-way hash values for some customer identity claims.

secure containers

Ephemeral processing of user PII is done in secure containers that receive encrypted data from clients and eliminate the data when complete.

anonymized data for machine learning

In cases where we need to apply Machine Learning techniques to customer data, the data is associated with a UUID (Universally Unique Identifier) that is generated by the mobile app.


 Administering Woven

Almost every SaaS/Cloud app for business supports the SAMLv2 standard for Single Sign-On. Using this same standard, Woven can integrate with these apps to become your Digital Identity Provider (IdP) in a matter of minutes. 

Group 20.png

Cryptographic Multi-Factor Authentication

For all identity transactions, Woven supports up to FIVE different factors for authentication. We let the business decide what level of authentication should be required for each application or transaction type.

Protection of PII

Woven protects your PII by defining, publishing, and promoting a Consumer PII Bill of Rights that is far reaching and futuristic in its approach. It will focus on a long-term eventuality in which businesses don’t store your PII at all – it’s stored in a PII Vault within an Identity Service and accessed (with your consent) only when needed.

Digital Credentials

Woven will support the issuance of verifiable employment credentials that allow businesses to issue proof-of-employment & income credentials to their employees, forever eliminating the need to call a previous employer to verify employment.

Blockchain & Key Mangement

Our overall approach is based on blockchain technology, which solves very specific problems in making our platform hack-resistant and fully trusted. All data is stored and distributed in decentralized data platforms using the Woven permissioned blockchain.

 How Passwordless SSO Works

Woven provides an Identity-Backed Single Sign-On (SSO) solution that is compatible with the existing SAML 2.0 standard. This eliminates passwords and replaces them with secure cryptographic keys combined with authentication factors including a PIN and multiple layers of biometrics. Our solution provides everything you need to stay security compliant and safe.