Diego Valsesia

ToothPic provides solutions on technologies for the recognition of photographic devices.ToothPic’s mission is turning every smartphone into a secure and user-friendly key for user authentication. ToothPic is an official university spin-off of Politecnico di Torino, a major engineering school in Italy and Europe, and is incubated in the universityincubator I3P, recently recognized by UBI Global as the best public incubator worldwide. ToothPic was founded by a team of 4 researchers and professors from Politecnico di Torino, and in 2018 received a seed from VV3TT, an Italian Venture Capital fund dedicated to Technology Transfer from public research. ToothPic technology is protected by 4 patents, and won several prizes in competitions dedicated to startups and twice the Seal of Excellence issued by the European Commission. ToothPic’s target is the market of authentication systems. Its technology recognizes the unique pattern of invisible imperfections that characterize smartphone cameras to protect cryptographic keys stored on devices, that are commonly used for user authentication, digital signature, blockchain related applications. The additional layer of security represented by this random unclonable feature can be obtained with no additional hardware and related costs. A Software Development Kit has been developed for Android and iOS. It can be integrated into existing third-party apps and authentication systems, allowing the device possession verification by (de)obfuscating asymmetric cryptographic keys. Users’ credentials are not stored in a centralized service provider server - representing a single point of failure exploitable by an attacker, but they are distributed on users’ devices. Hence, an adversary willing to violate those credentials should target each single user device, facilitating for service providers the migration from an on premises architecture to the cloud, because they don’t need to manage sensitive users credentials, but only their public key.