Published on: August 21, 2024
In a recent SafetyDetectives interview, Simonetta d’Ottaviano, Co-founder and CEO of Nettoken, discussed her mission to make cybersecurity more accessible for households. Nettoken was born from her background in Innovation Design Engineering and aims to fill a gap in consumer cybersecurity by offering a user-friendly, multi-generational password manager. Simonetta highlighted Nettoken’s unique approach, including the elimination of master passwords in favor of secure QR code authentication and a focus on collaborative management. She also shared her vision for the future of password management, emphasizing the importance of digital footprint awareness as the industry evolves towards biometrics and passwordless solutions.
Can you share the story behind the founding of Nettoken? What inspired you to create a password manager for households?
Nettoken’s journey started as a team project during our studies at the Innovation Design Engineering joint master’s at the Royal College of Art and Imperial College London. It is a multidisciplinary program focusing on combining engineering and design to drive positive impact. In cybersecurity we noticed a significant gap from the consumer’s angle, and we saw an opportunity to use our backgrounds to innovate this highly un-catered side of personal cybersecurity by creating a human-centred, user-friendly tool that combined convenience with security and privacy by design. Our journey into cybersecurity started with inventing a new authentication device for which we hold a hardware patent, yet as the technology landscape has evolved over the years, so have our methods, and we focused on the digital development of the original vision.
How has your background influenced your approach to digital security and the development of Nettoken?
One could say that we experimented our way into the security sector, catalysed by our curiosity to work on a project with high social impact. We began by tackling common challenges we all face on a day-to-day basis: passwords. We saw personal cybersecurity as a real design challenge to make it less intimidating. Existing solutions are not conceived for the general public and even less so for the most vulnerable. With our backgrounds in engineering and the tools of design, we first experimented with hardware solutions, which led us to research and develop the Nettoken software platform we have today—crafting a product that would consider all the delicate dynamics that a family can face, from young to old, and provide more awareness and control.
Password management is a crowded market. How does Nettoken differentiate itself from other password managers?
Password management is a crowded market; however, decade-old solutions have not reached a big gap in the market because they are mainly for businesses and the tech-savvy. Nettoken is designed for multi-generational use, not just offering a family discount but a thoughtful design that suits all ages. Nettoken positions itself at the intersection between cybersecurity, design, and education to bring concrete solutions to the broader audience by looking at it from a usability angle. We proved that even with a diverse background, we could introduce a holistic point of view to such a complex industry and fuel a conversation around the need to make access to personal cybersecurity more ‘democratic’ and easier to adopt for the non-techies. We see Nettoken as more than just a tool; it’s a movement towards a safer digital future for everyone in the household.
What are some of the key features of Nettoken that you believe are game-changers for everyday users?
We put a lot of emphasis on collaborative password management to make sharing something that can be securely tracked and smoothly managed. For example, instead of randomly sharing credentials with your spouse or partner, you can create a dedicated dashboard that only the two of you can access for accounts you have in common. You can create multiple dashboards for everything and anyone you need to share with, whether it’s for a short-term task or for a long-term collaboration. This puts better control into users’ hands and avoids texting credentials or saving them in unencrypted spreadsheets.
Now, we are working on expanding this functionality to redefine digital parenting by focusing on collaborative password management rather than restriction and surveillance. Our platform allows parents and children to manage passwords together through a shared dashboard, promoting responsible digital habits and reducing cybercrime risks.
As adults, we have lived through the expansion of the internet, from it being just a small town with no signs – metaphorically – to becoming a gigantic planet with no map to navigate the multiple routes and potential dangers. Our exposure to threats online has had a dramatic surge in the last decade due to increasing digital exposure. It’s hard to keep up, which is significant for the younger users who interact with screens before they can speak. With 1 in 3 internet users being children globally (ref. UNICEF), we have an opportunity to plan how children enter and operate the digital world.
Could you explain the decision behind not requiring a master password and how Nettoken maintains security without it?
Our streamlined design and development approach reimagined the traditional password manager by eliminating the cumbersome master password—a major barrier to adoption. Many users find it difficult to remember a strong master password, often resorting to writing it down, compromising security. Instead, we developed a more user-friendly solution: dynamic access via QR code scanning. The phone app securely holds the user’s encryption key in the background, while the QR code identifies the laptop, providing instant multi-device access with robust security, which is also 2FA by default because of the possession of the phone. Because every authentication creates a unique browser session, it cannot be replicated.
How do you see the future of password management evolving with the rise of biometrics and passwordless solutions?
Nettoken is, at the core, a ‘password manager’ because despite more prominent players’ efforts to go completely passwordless, an average internet user still deals with no fewer than 150 online accounts with usernames and passwords under their name. However, these credentials are not just something to be safely – and passively – stored; they also reflect the digital identity we have created over the years. Our ultimate goal isn’t just to provide a better password manager for the general public today but to raise their digital footprint awareness through a visual understanding of all the accounts and services they signed up for and manage them with fewer hassles. Even if all of these accounts went passwordless tomorrow, users would still need that overview to know what they have on the internet, no matter the authentication method used. We did our part in making Nettoken’s registration and login passwordless and ‘zero knowledge’, and we can adapt at any time should FIDO passwordless standards become more widely used.