Identity Protection

PrayMore user accounts offer a high amount of flexibility and scalability while maintaining a transparent experience to users.  We have made the design decision to never store passwords or allow direct authentication into PrayMore.

PrayMore leverages global authentication providers to make sure a person is who they say they are.  At the moment we use Apple, Google and Microsoft to authenticate that the person is really the person attached to a specific email address.  The providers (Apple, Google and Microsoft) have spent billions of dollars in infrastructure to be trusted in the identity space.  PrayMore is allowed to offer a secure service as a result of these companies and their investments.  

When a user tries to use the PrayMore application for the first time, they are asked to authenticate.  When the user authenticates, PrayMore receives the user's Name and email address from the provider.  The only information that the provider receives is that the user has used PrayMore to authenticate.  No other information about the user is exchanged.  At this point, because there is a high level of trust between the provider and the user AND there is a high level of trust between PrayMore and the provider.  There is now a high level of trust between the PrayMore and the user.  At this point, PrayMore has concluded its business with the provider and the user's device becomes trusted as belonging to that user.

Because very little information is exchanged between the Identity Provider and PrayMore, the user's privacy continues to be protected.  Identity theft is not possible through this model.