OpenID Connect
Standard OIDC flow — redirect, authenticate, receive an ID token. Works with any OIDC-compatible application. Learn more →
Introduction
IDToken Seal is a passwordless authentication system built by id3 Technologies. Instead of passwords or one-time SMS codes, your phone becomes your login — using a real identity document and your face to prove who you are.
The Problem with Passwords
Section titled “The Problem with Passwords”Passwords are the weakest link in digital security. They get stolen in data breaches, tricked out of users by phishing, and reused across dozens of services. Adding a second factor (SMS codes, authenticator apps) helps, but doesn’t fix the root cause: identity is self-declared. Anyone who knows the right string of characters gets in.
IDToken Seal takes a fundamentally different approach: no passwords exist to steal, and identity comes from a trusted document — not from something the user typed into a form.
What the User Experiences
Section titled “What the User Experiences”Two moments, then it’s done:
Enroll once. You scan your identity document (passport, national ID, or company badge) with your phone. The app reads the chip, verifies it’s genuine, and creates a secure digital credential on your device. This only happens once. Learn more →
Log in anywhere. When a website or service asks you to authenticate, it shows a 6-digit code. Your phone receives a push notification with the same code. You confirm the codes match, glance at the camera for a quick face check, and you’re in — under 10 seconds, no password needed. Learn more →
This works on websites, kiosks, smart TVs — anything that can display a code.
Why It’s Trustworthy
Section titled “Why It’s Trustworthy”Three things make IDToken Seal different from typical “passwordless” solutions:
Identity is document-based. Your credential is derived from a government-issued passport or an organizational badge — not from an email address or phone number. The identity document is read via NFC and its authenticity is cryptographically verified. Learn more →
Authentication is mutual. The service proves itself to you (by displaying the code) at the same time you prove yourself to the service (by confirming it). This makes phishing structurally impossible — a fake site can’t produce the right code. Learn more →
You control what’s shared. Each service requests specific identity claims. A bar might only get “over 18.” A bank gets your full name and nationality. You see exactly what’s being requested and can deny any scope. Learn more →
How Services Integrate
Section titled “How Services Integrate”For the service integrating IDToken Seal, it looks like any modern identity provider:
SAML 2.0
Enterprise SSO integration. IDToken Seal acts as a SAML Identity Provider for systems that speak SAML. Learn more →
Direct JWT
REST API + WebSocket for full control over the authentication UX. Real-time session updates, stateless token verification. Quick Start →
Digital Wallets
Issue Verifiable Credentials that users store in wallet apps and present anywhere — even offline. Ready for eIDAS 2.0 and the European Digital Identity Wallet. Learn more →
The Bigger Picture
Section titled “The Bigger Picture”IDToken Seal goes beyond login sessions. Because the identity behind every authentication is anchored to a real document, the system can also issue portable digital credentials — signed proofs of identity that live in your phone’s wallet and can be presented anywhere, even without an internet connection.
A traditional login gives you access to one service for a limited time. A digital credential is something you keep and can present to any verifier: a border agent’s tablet, an age-restricted online service, or a corporate access system. And just like login, you choose what each credential reveals.
Learn more about Verifiable Credentials →
Who Is This For?
Section titled “Who Is This For?”Developers
Integrate passwordless login with a few API calls. Standard protocols, real-time UX via WebSocket, stateless verification via JWT. Quick Start →
Security Architects
Document-anchored identity, mutual out-of-band authentication, hardware-bound keys, and an immutable audit trail. No user database to breach. Security Model →
Product Teams
Replace passwords and reduce account fraud. Under 10 seconds to authenticate. No password reset flows to build or maintain. How It Works →
Built on International Standards
Section titled “Built on International Standards”IDToken Seal combines three international standards:
| Standard | Role |
|---|---|
| ITU-T X.1280 | The authentication protocol — defines how the service and user mutually verify each other through an out-of-band channel |
| ISO 22376 (VDS) | The identity credential format — a Visible Digital Seal derived from a passport or organizational document, cryptographically signed and compact |
| ISO 22385 (ESEDS) | The trust governance framework — a PKI chain that traces certificate authority back to a recognized governance body |
Each standard handles one concern. Together, they provide passwordless authentication backed by government-grade identity trust. Explore the trust architecture →
The IDToken Seal Ecosystem
Section titled “The IDToken Seal Ecosystem”Auth Server
Orchestrates the authentication protocol. Generates codes, verifies mobile responses, issues identity tokens, manages trust. Quick Start →
Mobile App
The user’s authenticator and credential wallet. Holds the digital credential, receives push notifications, performs face verification. Learn more →
VDS Issuance
Creates tamper-proof digital credentials from identity documents — reading the chip, verifying liveness, and signing the result. Learn more →
Admin Console
Operator dashboard for managing enrollments, monitoring sessions, reviewing audit trails, and checking trust infrastructure health. Learn more →