Try Now

Passwordless X1280 Software Terms of Use

Table of Contents

  1. Introduction
  2. Software Description
  3. Software Composition
  4. Classification by User Type
  5. Server Software Usage Scope and Service Agreement (For Online Service Providers)
  6. Obligations of Service Providers Using Server Software
  7. Mobile App Software Usage Scope and Usage Agreement (For Online Service Users)
  8. Obligations of Users Using Mobile Apps
  9. Limitations of Software Provider Liability
  10. Privacy
  11. Intellectual Property Rights
  12. Governing Law and Jurisdiction
  13. Contact Information

1. Introduction

Welcome to the Passwordless X1280 software provided by the Passwordless Alliance. We distribute this software free of charge to address the societal issues caused by user passwords. This software consists of the Passwordless X1280 mobile app and the Passwordless X1280 server.

2. Software Description

Passwordless X1280 software is developed based on the passwordless standard technology established as X.1280 by the ITU, an international technology standards organization. Unlike existing authentication technologies, Passwordless X1280 is software that enables online services to submit auto-generated passwords to users instead of users entering passwords into online services, and allows users to verify the auto-generated passwords submitted by the online service on their own smartphones.

The Passwordless X1280 mobile app is installed on the user’s iPhone or Android phone. It generates an automatic password within the app and displays it to the user, allowing them to verify whether the automatic password submitted by the online service is correct. If the automatic password provided by the online service matches the one generated by the Passwordless X1280 mobile app, the user can approve the automatic password using their biometric information to access the online service. When the user approves the automatic password, a user authentication value is generated and sent to the Passwordless X1280 server. The server verifies the user authentication value and then approves the access.

Therefore, when users access online services from their PC or smartphone, instead of entering their own password, they approve the auto-generated password presented by the online service within the Passwordless X1280 app. This enables passwordless login to that online service.

Since the user’s password changes each time they log in with the Passwordless X1280 app, users no longer need to manage passwords.

It is the only mutual authentication technology that allows users to verify the authenticity of the online service they are accessing, while also allowing the online service to verify the user using smartphone biometric authentication technology.

3. Software Components

The Passwordless X1280 software consists of a mobile app and server software. They are named the Passwordless X1280 Mobile App and the Passwordless X1280 Server, respectively.

4. Scope of Use and Acceptance of Terms for Server Software (For Online Service Providers)

Passwordless X1280 Server may only be used by entities providing online services—such as individuals, businesses, or government agencies—that possess the minimum legal status required for online service provision, such as a business license. However, to install Passwordless X1280 Server, you must first join as a service member of the Passwordless Alliance. Only after receiving usage approval from the Passwordless Alliance will an installation key be generated, enabling server use. All online services can operate the server and provide Passwordless services to members by registering this installation key with the Passwordless X1280 Server.

5. Obligations of Service Providers Using Server Software

The relevant online service provider must bear full responsibility for integration and must also be liable for any defects that may arise while operating the Passwordless X1280 service, including defects in the Passwordless X1280 server software provided free of charge. The Passwordless X1280 server software should only be used if the provider agrees to this responsibility.

6. Restrictions on Server Software Usage

The Passwordless X1280 software is provided free of charge but may only be used for customer-facing services such as B2C or G2C. It must be used exclusively for customers or members and cannot be provided to internal employees, contractors, or outsourced vendors connected through contractual arrangements. Its use as an authentication method for internal employees or contractors is prohibited.

7. Mobile Software Scope of Use and Usage Agreement (For Online Service Users)

The Passwordless X1280 Mobile App is available for use by consumers, customers, or members utilizing the online service. This app must not be used by online service entities that have entered into employee employment contracts or agreements to supply goods or services.

8. User Obligations When Using the Mobile App

The Passwordless X1280 app contains advertisements, and users must view these advertisements to use the Passwordless X1280 service. We use Google’s AdMob service to deliver these ads, so advertising tracking by Google and Google-related services may also be provided. To link a specific online service ID with this app, users must scan the Passwordless X1280 registration QR code provided by that online service or enter its registration code into the app. The Passwordless X1280 app allows users to register and manage multiple IDs from various online services within a single app.

Linking multiple IDs from various online services to the Passwordless X1280 app offers the advantage of freeing users from password management. An additional feature to disable ad display via a monthly subscription service on the app store is planned for future release. When using the Passwordless X1280 app, users must maintain the biometric information registered on their smartphone for identity verification and remember the PIN code registered in the app. If the smartphone’s biometric authentication fails or the PIN code is lost, the user cannot use the Passwordless X1280 app and must bear all responsibility arising from this.

Because the Passwordless Alliance stores authentication keys separately for each service and smartphone, it cannot restore any IDs or linked information connected to online services under any circumstances if a user loses their smartphone. The user is solely responsible for any inconvenience caused by the loss of account information registered in the Passwordless X1280 app or restricted service access due to smartphone loss.

When linking an online service ID using the Passwordless X1280 app, the existing user password is automatically changed. Since the user password changes each time the user logs in with the Passwordless X1280 app, the user no longer needs to manage passwords. If a user temporarily wishes to use the online service without the Passwordless X1280 app, they can log in using the online service’s password recovery or reset function. Users are responsible for any inconvenience caused by restricted service access due to smartphone loss or app deletion. Additionally, if a user loses or changes their smartphone, they must re-register the Passwordless X1280 app with the relevant online service. We provide the Passwordless X1280 server to online services and provide the Passwordless X1280 app to users’ smartphones. We cannot determine which online service ID is linked to which Passwordless X1280 app installed on a user’s smartphone.

9. Limitations of the Software Provider’s Liability

Because the keys required for the passwordless service are stored separately only on the relevant service and the smartphone, the Passwordless Alliance cannot restore the ID linked to the online service and its associated information under any circumstances if the user loses their smartphone. We strive to eliminate software vulnerabilities to the best of our ability, but we cannot provide security beyond the vulnerabilities of mobile apps and servers. Under no circumstances will we be liable for any accidents or damages resulting from the use of the Passwordless X1280 software. We will not compensate free users under any arbitration outcome, including court orders. For paying subscribers, compensation will be limited to an amount not exceeding the monthly subscription fee for that month.

10. Privacy

Since there is no separate registration process when first installing the Passwordless X1280 app, the provider of this software does not retain any personal information. Neither the mobile app nor the server stores personal information. Only the server and app retain information about which specific online service IDs are linked to which mobile apps.

11. Intellectual Property Rights

The Passwordless X1280 software is the intellectual property of DualAuth. The Passwordless Alliance has licensed perpetual usage and distribution rights for this software and redistributes it to users and online service providers in accordance with the Passwordless Alliance Terms of Service. Therefore, modification, decompilation, or any use beyond the Terms of Service is strictly prohibited.

12. Governing Law and Jurisdiction

These Terms shall be governed by and construed in accordance with Swiss law. Any disputes arising in connection with these Terms shall be subject to the final jurisdiction of the courts located in Switzerland.

13. Contact Information

For inquiries regarding the Terms of Service, please contact the Passwordless Alliance Legal Team. Contact: Legal@passwordlessalliance.org