I’m excited to announce we have a WordPress plugin that is now ready for beta testing, which takes only a few minutes to implement and for your website to start getting new users.

Why would you want it? If you run a WordPress website, and you want users, but you’re concerned about the impact of a privacy breach, we’re a solution worth trying.

How does it work? We can vet users to any level of compliance you require. We can check to see that they’re 18 or 19 years old for example. We can verify where they live. We can verify they are not known money launderers or terrorist financiers, if you’re a money service business or in a high risk industry.

If you don’t need us for compliance, or attribute verification, but just want access to our userbase so they can also become your users, our service is free to use.

If you’ve logged into WordPress before, the below screenshot looks familiar, however note the addition of “Login with OpenID Connect” which will be added when you’ve integrated with us.

Once you click on the OpenID Connect link, you’re brought to the ID VPN Login:

Any users coming in from our WordPress plugin will be assigned a virtual ID on your platform. For example, if Jim Smith agrees to be user on your system, ID VPN may assign them a name like “Jennifer McBride” on your system, while verifying any compliance claims you require. This means that if, or when, your WordPress website is ever hacked, you aren’t really concerned and neither are your users, as you don’t have the real names or ID attributes in your system.

In the example below, you can see that once I logged on to ID VPN, for this WordPress installation it has generated me an email that will forward to my real email address, and it’s assigned me a name of “Grace Hayashi”. The owner of this website will never know me as anything other than Grace, and if/when this website is hacked, the attackers will only know me as Grace Hayashi.

For the techies reading this, we do this by implementing OpenID Connect (OIDC) using pairwise hashing. This means that if law enforcement ever come to you because they see suspicious activity from “Jennifer McBride” on your system, you would redirect them to us where our lawyers would ask for a production order, in which case we could identify Jennifer McBride as Jim Smith, thus ensuring you’re in compliance with all regulatory laws.

How big of an issue are WordPress breaches? Here are a list of WordPress vulnerabilities as of late, and note this is just with WordPress itself, not plugins. According to statistics from 40,000+ WordPress Websites in Alexa Top 1 Million, 73.2% of the most popular WordPress installations are vulnerable. They are vulnerable to exploitable vulnerabilities that can be detected with free automated tools, within seconds. It is surprising how most of them haven’t been hacked yet.

If those figures are not disconcerting, I don’t know what is. While there are a lot of solutions to help you automate patching and security updates, why not de-risk yourself from privacy breaches by learning how to operate without storing the personal information of your users.

It’s as simple as that. If you run a WordPress website and want to give us a try, or have any questions about the service, email kris@idvpn.ca and I’ll get back to you within one business day.


0 Comments

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.