Frequently Asked Questions

Fraud Prevention

The best way to contact us is via email. Just send us a message through our contact form, and we’ll get straight back in touch with details on pricing so you can start protecting your site from fraud.

What do they do with it?

Hackers use stolen data to attempt account takeovers, deploying automated botnets to test breached credentials against thousands of commercial web apps, mobile apps, and e-commerce sites. Once they’re in, they’ll masquerade as a genuine user to commit fraudulent activities in your website.

How do criminals obtain breached account information?

To seek out breached credentials, cybercriminals head to the Dark Web where this information is openly traded and in vast quantities. To stay one step ahead of the hackers, that’s precisely where we go too. We never pay for data, but we know where to find it.

Am I likely to fall victim to online fraud?

Sadly, the number of data breaches is on the rise, so it’s becoming more and more likely every day that your site could be the next target for the fraudsters.

I’d Like to Know

How will I know if someone attempts to enter breached account credentials?

If anybody tries to enter a breached password into your site you will automatically be notified, and that user will be blocked from proceeding and asked to enter an alternative.

How secure is the EyeOnPass API?

EyeOnPass is incredibly secure. It uses a particular version of salted BCrypt, HMAC-SHA512 hashed with a secret key, encoded and truncated, before lastly being encrypted with an asymmetric RSA-OAEP public key. The RSA private key is stored safely in an HSM on the server side to decrypt and compare the values. The API also uses a secret cryptography technique™ to make the very same password input show up as a random output string and appear like another hashing algorithm making it theoretically impossible to crack.

Am I likely to fall victim to online fraud?

Sadly, the number of data breaches is on the rise, so it’s becoming more and more likely every day that your site could be the next target for the fraudsters.

How else can EyeOnPass protect my business?

As well as at the login, EyeOnPass will stop a user from entering a previously breached password at the point of registration and password change, ensuring your site is kept secure at all stages.

Can EyeOnPass protect my site from a breached password if an existing user has already entered it?

Yes. Even if a user had entered a breached password during the sign-up phase before EyeOnPass was active on your website, this user would be unable to re-enter it the next time they log in, and you will be notified.

Where is EyeOnPass registered?

EyeOnPass is part of the Eyeonid Group AB (publ), Swedish publically listed on the Nordic MTF Stock Exchange. Our registered addresses are Eyeonid Inc 541 Jefferson Ave, Suite 100, Redwood City, CA 94063, U.S., and EyeOnText BVBA Grote Hondstraat 44, 2018 Antwerpen, Belgium.

More About Us

How can I contact EyeOnPass?

The easiest way to contact us is to send an email through the contact form on our website. Whatever your question about the EyeOnPass API, don’t hesitate to get in touch.

Where is EyeOnPass registered?

EyeOnPass is part of the Eyeonid Group AB (publ), Swedish publically listed on the Nordic MTF Stock Exchange. Our registered addresses are Eyeonid Inc 541 Jefferson Ave, Suite 100, Redwood City, CA 94063, U.S., and EyeOnText BVBA Grote Hondstraat 44, 2018 Antwerpen, Belgium.

Press and Feedback

Testimonials

If you’d like to leave a testimonial, we’d be very grateful. Please send your thoughts over to us via the contact form on our website.

I’ve got an idea!

Whether you’re keen to share your experience with EyeOnPass with us or have some suggestions as to how the service could be improved, we’d love to hear from you.

I want to review EyeOnPass

If you’d like access to the EyeOnPass API for review purposes, please get in touch with our press team.

Contact the EyeOnPass press team

For any press or media enquiries, please contact press@eyeonpass.com.

Sales Enquiries

I have specific requirements

Our sales team is fully-equipped to deal with any particular requests, large or small. Get in touch via the contact form on our website, and we’ll come back to you with a solution.

How do I contact EyeOnPass for a quote?

The best way to contact us is via email. Just send us a message through our contact form, and we’ll get straight back in touch with details on pricing so you can start protecting your site from fraud.

Security and Notifications

How will my customers/users be informed?

As soon as anyone attempts to enter breached account information into your site, they will receive an instant notification informing them that this password has been blocked and direct them to choose a safe alternative

How will I know if someone attempts to enter breached account credentials?

If anybody tries to enter a breached password into your site you will automatically be notified, and that user will be blocked from proceeding and asked to enter an alternative.

How secure is the EyeOnPass API?

EyeOnPass is incredibly secure. It uses a particular version of salted BCrypt, HMAC-SHA512 hashed with a secret key, encoded and truncated, before lastly being encrypted with an asymmetric RSA-OAEP public key. The RSA private key is stored safely in an HSM on the server side to decrypt and compare the values. The API also uses a secret cryptography technique™ to make the very same password input show up as a random output string and appear like another hashing algorithm making it theoretically impossible to crack.

How many unique passwords do you have in your database?

EyeOnPass has over 1billion passwords in its database, but this number is continuously growing.

How else can EyeOnPass protect my business?

As well as at the login, EyeOnPass will stop a user from entering a previously breached password at the point of registration and password change, ensuring your site is kept secure at all stages.

Can EyeOnPass protect my site from a breached password if an existing user has already entered it?

Yes. Even if a user had entered a breached password during the sign-up phase before EyeOnPass was active on your website, this user would be unable to re-enter it the next time they log in, and you will be notified.

Are you PCI DSS certified?

Yes. We are proud to be PCI DSS compliant and abide by the regulations governing the safe handling of all sensitive financial, and personal information.

Didn’t find what you were looking for?

Ask us a question