Terms of Use for Passwordless X1280 Software
Table of Contents
- Introduction
- Software Description
- Software Composition
- Distinction Between Users
- Scope and Consent for Server Software Use (For Online Service Providers)
- Obligations of Service Providers Using Server Software
- Scope and Consent for Mobile App Software Use (For Online Service Users)
- Obligations of Users Using the Mobile App
- Limitation of Liability of Software Provider
- Privacy Protection
- Intellectual Property Rights
- Governing Law and Jurisdiction
- Contact Information
1. Introduction
Welcome to the Passwordless X1280 software provided by the Passwordless Alliance. We offer this software for free to address the societal issues caused by user passwords. This software consists of the Passwordless X1280 Mobile App and the Passwordless X1280 Server.
2. Software Description
The Passwordless X1280 software is developed based on the passwordless standard technology established as X.1280 by the International Telecommunication Union (ITU). Unlike existing authentication technologies, Passwordless X1280 allows users to authenticate to online services without entering passwords. Instead, the online service submits an automatic password to the user, which the user verifies using their smartphone.
The Passwordless X1280 Mobile App is installed on the user’s iPhone or Android phone, generating and displaying an automatic password for the user to compare with the one provided by the online service. If the passwords match, the user approves it using their biometric information, granting access to the online service. The user approval generates an authentication value sent to the Passwordless X1280 Server for verification.
When a user accesses an online service, the automatic password approval through the Passwordless X1280 App replaces traditional password entry, enabling passwordless login. The automatic password changes each time the user logs in, eliminating the need for password management.
It is a unique mutual authentication technology that allows users to verify the legitimacy of the online service and vice versa using smartphone biometric technology. Traditional biometric authentication only verifies the user, whereas this technology allows out-of-band biometric authentication using the smartphone’s biometric sensor even on devices without such sensors, like PCs or smart TVs, offering a cost-effective solution.
3. Software Composition
Passwordless X1280 software comprises a mobile app and server software, referred to as Passwordless X1280 Mobile App and Passwordless X1280 Server, respectively.
4. Scope and Consent for Server Software Use (For Online Service Providers)
The Passwordless X1280 Server is available for use by entities providing online services (individuals, corporations, government agencies, etc.) with a legitimate business license or legal status to offer online services. However, to install the Passwordless X1280 Server, one must be a member of the Passwordless Alliance and receive installation key approval from the Alliance. All online services can operate the server by registering the installation key with the Passwordless X1280 server.
5. Obligations of Service Providers Using Server Software
Online service providers are responsible for all aspects of integration and operation of the Passwordless X1280 server software, including any defects or issues arising during operation. By agreeing to this, they may use the Passwordless X1280 server software.
6. Scope Limitation of Server Software Use
While the Passwordless X1280 software is free, it is only for B2C or G2C services, targeting customers or members. It cannot be used for internal employees or contracted external entities. Usage as an authentication method for internal employees or contractors is prohibited.
7. Scope and Consent for Mobile App Software Use (For Online Service Users)
The Passwordless X1280 Mobile App is available for consumers, customers, or members using online services. It must not be used for employees under employment contracts or external suppliers contracted to provide goods or services.
8. Obligations of Users Using the Mobile App
The Passwordless X1280 App includes advertisements that users must view to use the service. Google AdMob service provides these ads, including Google’s related advertising tracking. To link specific online service IDs with the app, users must scan the registration QR code or enter the registration code provided by the online service. The app can manage multiple IDs from various online services.
By linking multiple IDs to the Passwordless X1280 app, users benefit from password management freedom. Future updates will offer a subscription service to remove ads. Users must maintain biometric information on their smartphone and remember the app’s PIN code. If biometric authentication or the PIN code is lost, users cannot use the app and must bear any resulting responsibility.
Passwordless Alliance cannot restore linked IDs and information if the smartphone is lost, as authentication keys are split between the service and the smartphone. Users are responsible for the inconvenience caused by smartphone loss or app deletion and must re-register with the online service.
9. Limitation of Liability of Software Provider
The Passwordless Alliance is not responsible for restoring linked IDs and information if the smartphone is lost. We strive to eliminate software vulnerabilities but cannot guarantee security beyond those in the mobile app and server. The Passwordless X1280 software is provided as is, and we are not liable for any accidents or damages caused by its use. Compensation for paid subscribers will not exceed the monthly subscription fee.
10. Privacy Protection
The Passwordless X1280 app does not require user registration, so we do not store any personal information. Neither the mobile app nor the server holds personal data, only storing information necessary for service operation.
11. Intellectual Property Rights
The Passwordless X1280 software is the intellectual property of DualAuth, licensed to the Passwordless Alliance for redistribution. Unauthorized use, modification, or decompilation of the software beyond the terms of use is prohibited.
12. Governing Law and Jurisdiction
These terms are governed by and construed in accordance with Swiss law. All disputes related to these terms will be subject to the exclusive jurisdiction of the Swiss courts.
13. Contact Information
For inquiries regarding these terms, please contact the Passwordless Alliance legal team at Legal@passwordlessalliance.org.