Investor Deck

Executive Summary

Pain Point

In a world where data security is more important than ever before, it is vital for anyone connected to the Internet to maintain highly secure passwords. The problem is that the strongest passwords employ the culmination of many characters, numbers, symbols, and are created without words - something that people can’t easily remember. To make matters harder, passwords should be different across all websites. In a survey consisting of 103 responses, over 95% of people indicated that they need to remember passwords for over five different online services.

Solution

PassCrypt is a decentralized password manager that enables its users to generate, store, backup, and autofill their passwords like traditional password managers but with increased security and an emphasis on ownership of stored passwords. When people no longer are required to memorize their passwords, they are free to use extremely long and complicated passwords for every website they visit.

Intellectual Property

The PassCrypt name can be trademarked and all its written materials copyrighted. While there is little chance of patentability with software, the storage/retrieval processes could be patentable.

Competitive Advantage

While the concept of a password managers isn’t novel, the world has never seen the full capabilities of a decentralized solution. The biggest problem with current password manager solutions is that they are all private companies with a central point of failure and vulnerable to hackers.

PassCrypt’s competitive advantage is in that it is decentralized. All passwords are encrypted before getting sent to a publicly managed network managed by thousands of nodes, commonly referred to as the blockchain. With this model, there is no central point of failure and users retain ownership of their data, since only they know where on the blockchain their information resides. For these reasons, PassCrypt can claim 100% uptime, something that no other competitor can.

Development Status

The first alpha version of PassCrypt has been tested and vetted. This version demonstrates a proof of concept and is the minimum viable product for this venture.

Next Steps

BETA LAUNCH: Once the PassCrypt software has been fully developed with all bugs fixed, development will shift to working on both the Google Chrome browser extension for even easier autofilling and the iOS and Android mobile apps. The beta launch is slated for Q3 2018 and will be limited to the University of New Hampshire’s network of students, faculty, staff, and alumni.

PUBLIC LAUNCH: PassCrypt will remain in beta until the mobile apps, software, and browser extension is ridden of bugs. At this point, a public launch is set for Q1 2019.

EXIT: PassCrypt’s early investors will be able to sell their PassCrypt tokens during the ICO that will launch with the public release.

Report for the Holloway Championship

1. Problem: Our lives are quickly integrating with the online world. We now store our dearest memories, manage our finances, socialize, shop, book vacations, and even control the heat in our homes from our devices. While the number of accounts grows exponentially as this integration progresses, we do not properly protect ourselves online. Passwords are the only piece of information guarding this personal information and, with our highly limited memories, we create and reuse simple passwords. We also tend to use them over extended periods of time without changing them. Those who use password managers can use much more secure passwords but are still exposed to unnecessary risk because they are trusting private corporations with their sensitive information, which is all stored on their centralized servers that are prone to downtime and are common targets of hackers. People buy insurance, have police officers, locks, and home-security systems to protect their physical lives. Online protection can be made even simpler. It does not take an army to protect our lives and identities: just one secure key to this world.
2. Solution: PassCrypt’s approach to achieving maximum security in today’s digital world is to store passwords on a blockchain (reference this video for an in-depth explanation of this technology). Put briefly, a blockchain is a decentralized database of information publicly available to and managed by all, rather than a centralized database that only one entity controls. While the idea of publicly storing passwords may sound bizarre, passwords stored on a blockchain are encrypted, where decryption is computationally infeasible. As is the case with any password manager, these passwords are secured with a private key which needs to be stored securely, as their private key is what enables decryption of their hashed passwords. There are a wide variety of asymmetric hashing functions, all of which are extremely secure, and many backed by the U.S. government. For example, fifty supercomputers that could check a billion billion (1018) keys per second (if such a device could ever be made) would require 3×1051 years to exhaust every single possible key generated by the AES algorithm. PassCrypt not only merely secures passwords, but it also helps to generate secure passwords, alert the user if any password has been compromised, and encourages the user to frequently change their passwords.
3. Competitive Advantage: Current password managers store their customers’ passwords on a single server. If the server locks up or there is an outage, their customers will be unable to access their passwords. The PassCrypt team believes that it is important for online users to be able to not only properly protect their online lives and identities, but to also have access to their passwords (and, in turn, their accounts) 24/7/365. This is made possible through the Ethereum network, which is comprised of more than 20,000 nodes. A node is any computer using its processing power to maintain the network. In addition, current password manager users must remember their master password. PassCrypt wants to simply this for their users by removing that requirement. Instead of requiring a master password, users authenticate with their Ethereum wallet (could be physical or virtual). PassCrypt offers a more secure, accessible, and simple to use platform for internet users to protect their lives and identities online.
1. There are similar blockchain password manager platforms on the market, but they are lacking key features and are being managed by non-transparent and untrustworthy teams. Developers around the world are currently trying to apply blockchain technology to anything and everything. The key to coming out on top in this market is to be first to successfully market with a well-developed product to establish market dominance before others have a chance. Google was not the first search engine, but their ability to successfully develop and market their product made them the biggest search engine today.
4. How does it work? PassCrypt is a software application for desktops, mobile phones, and browsers, meaning its users can access their data and automatically log into sites by having the browser extension autofill username and password fields automatically. PassCrypt facilitates the generation, management, and storage on the Ethereum blockchain.
1. To interact with the Ethereum network, a user must have an Ethereum wallet. As such, users are prompted to link their Ethereum wallet after downloading PassCrypt (linking their wallet doubles as a means for payment). A wallet consists of two things: a public key, which is analogous to a bank routing and account number, and a private key, which is analogous to the password to their online banking account. Users will either use their own Ethereum wallet to sign into PassCrypt or use PassCrypt to generate a new wallet for free. They will then begin to store their passwords, with the option of using PassCrypt’s password generator to create brand-new, highly-complex passwords. PassCrypt stores their data locally for free with the option to backup their passwords to the blockchain for a fee. The incentive of backing passwords up to the network is that they can then be synchronized across multiple devices and will be retrievable all the time.
2. Where passwords are highly sensitive data, it is important that they cannot be viewed by just anyone. PassCrypt achieves industry-grade security through cryptography. Each password is encrypted on the user’s machine with their public key before being sent to the blockchain and becoming anonymous in its permanent home on the network. When the user wants to fetch their passwords, PassCrypt retrieves the encrypted passwords from the blockchain and decrypts them with their corresponding private key.
5. N/A
6. Market: Where bitcoin is the most widely used cryptocurrency, its user base can be studied for a benchmark of our immediate target market. Currently, there are approximately 28.5 million bitcoin wallets that hold a non-trivial balance (more than 0.001 BTC), according to data compiled by Bitinfocharts.com. Since most bitcoin users have several bitcoin wallets and use multiple wallet addresses, the number of bitcoin users is likely less than that. To establish a lower-bound estimate, the most popular bitcoin wallet and exchange provider, Coinbase, reportedly has over 13 million users, suggesting that the number of bitcoin users is somewhere between 13 million and 28.5 million. Using a conservative estimate of people familiar with blockchain, PassCrypt’s short-term market size is 20 million users. If PassCrypt can capture 5% of this market, its client base would be one million people. The market for the product is quickly growing and PassCrypt’s total addressable market is anyone with more than one password online.
7. Revenue Model: PassCrypt is free to all users. The software will generate highly secure passwords and store them encrypted locally. If a user wishes to have passwords synced across multiple devices, they must back them up on the blockchain. Backing up to the network also protects the user if their local machine gets stolen or crashes. Whenever users want to either backup or retrieve a password, they will pay a single fee. This fee is composed of two parts: a mandatory service fee that is required by the Ethereum network to process the transaction of information and the commission fee that is paid directly to PassCrypt. The first fee is paid to miners of the Ethereum network, whose computers do the actual data processing and supporting of the Ethereum network and cannot be avoided - it can be understood as a bank transfer fee that is required to send money from one account to another. The second fee is PassCrypt’s revenue driver; it goes directly into PassCrypt’s business Ethereum wallets. This fee is set to 10¢ per password. For example, if a user wishes to backup 10 passwords and the network transaction fee is 50 cents, they pay $1.50; that is, 50¢ to the Ethereum network and $1.00 to PassCrypt. Assuming half of our short-term user base backs up and retrieves five passwords per month (based on PassCrypt’s monthly password refresh prompts and our survey showing over 95% of adults manage 5 or more passwords), PassCrypt captures annual revenue of $250,000 with our short-term market.
8. Sales and Distribution: The team can get the word out about PassCrypt’s password manager solution by promoting both on social media and in person. PassCrypt is strategically positioned to hit the market at the right time while blockchain technologies are exploding in popularity. Some of PassCrypt’s differentiating features include a password generator, daily security check-ups, around-the-clock monitoring of breached passwords, and its superior user interface. By promoting this powerful solution, people will begin to understand the indispensable value and security PassCrypt provides them. Because the software is free to use with optional fees for backing up, any user can test the product before spending any money. Where Reddit is the home for the cryptocurrency community, its subreddits provide highly valuable marketing channels. For example, a single post to the Ethereum subreddit alone could generate up to 300,000 impressions. Other subreddits include Ethdev (with 10,000 subscribers), Cryptocurrency (with 600,000 subscribers), Blockchain (with 26,000 subscribers), Compsci (with 200,000 subscribers), and Technology (with 6,000,000 subscribers). In combination with social media, well-placed blog posts, articles, and participating in, exhibiting at, or sponsoring blockchain conferences would be great for marketing PassCrypt. In-person marketing is also highly valuable. The team will begin suggesting it to the students and faculty at UNH and to local businesses.
9. Team: Dylan Wheeler is a sophomore information technology and philosophy student with a focus in business administration. He has been programming for over eight years, owns his own software company, and has a growing interest in developing decentralized applications using blockchains. Dylan is an associate of the Rines Angel Fund. Both an entrepreneur and an investor, he has seen both sides of startups and understands what makes a good company. He participated in the Holloway Competition in 2017 as a freshman with his professional development logging tool, Loggit, and has since become profitable. His role on PassCrypt is front-end developer.
1. Colin Small is a sophomore computer science major. He is from Los Altos, California, in the heart of Silicon Valley. He most recently interned at an aerospace startup, Astro Digital, as a mechanical engineering intern. Previously he interned at an electric bike startup, also as an engineering intern. Like Dylan, he is a member of the university’s Rines Angel Fund. He has 4 years of programming experience through university courses, separate online courses, side projects, and hackathons. His role on PassCrypt is front-end developer.
2. Brandon Bryant is a graduate student studying data science at the University of New Hampshire. Brandon has a B.S. in computer science and has experience writing smart contracts and code on top of the blockchain technology. Brandon’s senior year capstone project was to build a multi-platform application to run on Android, iOS and desktop. Brandon and the team have all the skills necessary for making PassCrypt a great piece of software. His role on PassCrypt is back-end developer.
3. Angela Tidd is a senior Business Administration major at the University of New Hampshire. She has had three internships in different companies and sectors. Having been on both the business and technology side of companies, she has developed a keen awareness of what it takes to build a technical product with the end customer in mind. Her role on PassCrypt is strategy.
4. Professor Russell Miles has 25+ years of experience working in operations and supply chain management at leading companies such as GE, Lockheed-Martin, Honeywell, Exelon, and Citibank. He is currently a full-time faculty member at the University of New Hampshire where his focus has been on connecting teams of business students with companies to work on “real-world” capstone projects. He holds a BS in Mechanical Engineering and an MBA from the University of New Hampshire. He holds an advisory role on the PassCrypt team.
10. Sources: The team has used their experience with passwords, existing password managers, and their backgrounds in computer science to help identify a real problem and to build the solution. After reaching out to members in the UNH community and others, the team has been able to determine that over 95% of respondents have over five passwords with 98% of respondents saying they reuse passwords and 87% having forgotten a password this year alone. While still a very new concept, the team is constantly working on new ways to understand the market and to realize any expansion possibilities.
11. Go-To-Market: The process of adopting a customer to PassCrypt is four-fold. First, customers must be attracted to PassCrypt through marketing efforts. Then, a customer will begin to use the software to store their passwords for free. This gives the customer the opportunity to become familiar with the platform and its features. The third stage is when a customer pays for the password management and backup services. The final stage is maintaining that customer relationship and experience in such a way that PassCrypt develops loyal customers.
1. To successfully reach that third stage of the customer adoption process, the PassCrypt team understands that there needs to not only be targeted marketing efforts and a great platform for customers to interact with, but a deep understanding of customer needs. As these first potential PassCrypt customers use the platform, PassCrypt will need to be develop relationships with them that enable the company to become privy to their feedback, questions, and concerns. This will allow the company to be agile by adjusting its outreach to potential customers and the features of the platform. The costs that PassCrypt will incur prior to earning significant revenue are minimal. The costs will be those related to hosting the site, HubSpot’s marketing services, and legal fees.
12. Scaling: Scaling PassCrypt will be essential to its ability to continually expand its customer base and provide value to customers. PassCrypt’s primary revenue driver comes from users backing up their passwords; therefore, a marketing effort to emphasize the importance of frequently-changed passwords is of utmost importance. Once the public version is launched during Q1 2019, additional customer support will be hired along with sales representatives and a CMO. The company is heavily focused on growth for the next 12 months and will need to hire additional personnel to help achieve the rate of user growth the company anticipates. Eventually, PassCrypt plans to increase salaries for the team, provide a return to investors, increase marketing efforts, and explore new features for customers while seeking strategic partnerships. Since PassCrypt is utilizing a decentralized network, there is no need to upgrade the servers or increase the number of databases used.
1. PassCrypt’s geographic footprint will expand with the business. Although the company will be advertising heavily online to a wider audience, it is likely that the initial customer base will be strongest in New England where the team is located. Operation expenses will not change due to the nature of a decentralized solution (there is no infrastructure to grow or maintain other than a website).
13. Potential Scale: The number of bitcoin users is somewhere between 13 million and 28.5 million (see response 6). Using a conservative estimate of people familiar with blockchain, PassCrypt’s short-term market size is 20 million users. If PassCrypt can capture 5% of this market, its short-term client base would be one million people. The number of bitcoin wallets is currently increasing by an average of 16,800 per day according to data compiled by Blockchain.info. PassCrypt’s long-term market is any internet user with more than one password, which is estimated to be over four billion people globally by InternetLiveStats.com. If PassCrypt can capture 1% of the global market, its user base would total 40 million users. PassCrypt can begin to tap into this global market by Q3 2019.
14. Fixed Expenses: PassCrypt’s only fixed expense is the monthly hosting cost for the PassCrypt website, where users can download the PassCrypt application and contact the team. Hosting costs vary depending on the choice of provider. For GoDaddy, domain name and hosting costs will be under $150 per year. Digital marketing costs are harder to estimate, as fees range highly from freelancers to established marketing agencies. Using HubSpot’s “Basic” tier of services, PassCrypt would pay $2,400 annually for their services (including SEO, blog and content creation tools, social media and email marketing tools, and more). The team would be issued small salaries but would be primarily working for equity in the company. Future hires would experience a normal salary.
15. Financial Resources: The financial resources that the company would seek to assemble to launch, scale, and operate PassCrypt would be from the Holloway Competition and potential private investors. The founders of PassCrypt would seek these private investors through current connections and networking both online and in person. As the blockchain community expands, there are many active groups of people that would serve as great resources to the company. Depending on the specific expectations of the private investors that invest in PassCrypt, they would be compensated with five times their original investment once the company is financially stable and profitable. The exact agreement in term of return and criteria for payback would be determined on an individual basis.
1. PassCrypt is also exploring issuing an Initial Coin Offering to the public for investment purposes once initial investors have had a chance to go after a seed round. The team would be paid in the PassCrypt token, which would incentivize demanding work. Investors of the coin would see the coin appreciate, assuming PassCrypt grows as expected. ICOs function very similarly to publicly traded stocks, except instead of issuing stock, PassCrypt issues PassCrypt tokens.
16. Top Risks:
1. Building on top of the Ethereum network
1. A potential consequence of PassCrypt living in the Ethereum ecosystem is being victim to the problems that could potentially plague Ethereum as a platform including network fees and scale. To mitigate risk, PassCrypt’s codebase will be platform-agnostic. Should Ethereum fail, it would be easy to switch to another public blockchain, further enhancing our platform’s survival.
2. Lack of blockchain adoption
1. There is a tradeoff between security and convenience, and this is especially true in software. PassCrypt and other blockchain applications lean more towards security than convenience. As such, one of the biggest threats to PassCrypt’s success is the average person not caring about the security benefits that are gained through using the application. PassCrypt’s marketing campaign will focus on educating consumers on the essentiality to focus on security over convenience in this digital age.
3. Competition
1. There are a handful of projects that are trying to solve this same problem. However, there are no finished products nor beta versions on the market. The idea of having a blockchain-based password manager is not patentable, so the biggest risk is another team beating PassCrypt to market. PassCrypt is mitigating this risk by taking an agile approach with its software development which will enable the company to deliver the most value to customers more quickly than competitors.

Smart Contract Code

pragma solidity ^0.4.0;

contract PassCrypt{
    mapping(address => User) users;
    struct User{
        Login [] logins;
        Contact [] contacts;
    }
    
    // The idea is to separate the username and password by a special character so they must use or 
    struct Login{
        //figure out the right length based on hash
        bytes32 website;
        bytes32 username;
        bytes32 password;
    }
    /*
    struct Contact{
        // figure out the right length based on hash
        bytes32 firstAndLast;//?
        bytes32 number;
    }
    */
    function PassCrypt() public {}
    
    function saveLogin(bytes32 website, bytes32 username, bytes32 password){
        User storage sender = users[msg.sender];
        bool existingLogin = false;
        //Check to see if login is already saved
        for( uint i = 0; i < sender.logins.length; i++){
            if( sender.logins[i].website == website){
                 sender.logins[i].username = username;
                 sender.logins[i].password = password;
            }
        }
        // New login
        if( !existingLogin){
                sender.logins.push(Login({
                website:  website,
                username: username,
                password: password
            }));
        }
    }
    
     function getLogin( bytes32 website) public returns(bytes32 password, bytes32 username){
        User sender = users[msg.sender];
        for( uint i = 0; i < sender.logins.length; i++){
            if( sender.logins[i].website == website){
                return(sender.logins[i].password, sender.logins[i].username);
            }
        }
        return;
    }
}

Income Statements Years 1-5

Logos and Iconography

Other Resources

PassCrypt - Google Drive

drive.google.com