View all Insights

Feb 24, 2022 / 3 min read

Introducing Uplink

Share your data, not your password

By removing Atomic’s infrastructure as a middleware between the user and the payroll system, Uplink is a leap forward for the privacy, conversion, and coverage of payroll connectivity.

The future of data portability

Atomic believes that the future of payroll connectivity is going to be fundamentally different than it is today. Data portability will be enabled through standardized authorization protocols, such as OAuth. This transformation will be accelerated by consumer demand for financial products, encouraging collaboration between Atomic, financial institutions, and payroll providers.

The portability of banking data has followed a similar transformation, one that initially faced criticism from top banks. Months later, those same banks followed their criticism with financial backing and a data sharing agreement that included an API to support the use case.

The keystone to this transformation is technology that protects consumers, employers, payroll providers, and financial institutions. Atomic invented Uplink to bridge the gap between where our industry is now, and where it will inevitably arrive.

The current state of authentication

The current state of authentication

The pattern established in our industry is architected such that a user’s device transmits credentials to a third-party system, and the third-party then establishes a session with the payroll system. This approach does not always implement open standards for access delegation.

Uplink is secure delegated access

Uplink is secure delegated access

Uplink is designed to disrupt the traditional model by creating a direct connection between the user’s device and the payroll system. By exposing Atomic’s decision engine directly to the user’s device, Uplink delivers on a main pillar of OAuth, wherein users share information with third-party applications without sharing credentials.

Uplink in action

Uplink in action

Using native device recognition, time and effort to authenticate is dramatically reduced, while security is heightened.

An upgrade to security, coverage, and conversion

User’s credentials stay on their device

Since the account authentication happens on the user’s device in an OAuth-like approach, Atomic has no need to ever receive the credentials. The session is established directly between the user’s device and their payroll provider. The best way for us to secure credentials is to never receive them.

  Improved security.

Real password-manager support

Payroll connectivity vendors, including Atomic, have been unable to offer true password manager support. Since the user is technically not on the payroll system’s domain or app, password managers are unable to use domain matching to autofill the credentials. The user experience turns into manually browsing a list of all credentials within their password manager rather than autofill technology working as you’d expect. Uplink overcomes this challenge by using the payroll system’s native authentication system. Password managers natively recognize the domain and are able to properly autofill credentials without added friction.

  Increases conversion rate.

Hardware authentication friendly

FaceID, TouchID, YubiKeys, you name it. There is a growing number of hardware solutions for a device to prove itself. With the authentication happening on the actual device, Uplink is the only payroll authentication technology in the industry to support hardware authentication.

  Increases coverage & conversion rate.

Employer VPN compatible

Being an intermediary between the user and the payroll system has historically prevented user’s from automatically sharing their payroll data if their employer enforces VPN connectivity as a prerequisite to data access. Uplink expands employer coverage and enables these users to share their data while respecting the measures employers have taken to protect company resources.

  Increases coverage.

Native device fingerprinting

Upon establishing connectivity on behalf of a user, our cloud infrastructure is occasionally recognized as a new device. This can trigger outcomes such as confusing alerts or additional authentication challenges, both of which add intentional friction to the consumer completing their goal. With Uplink, the user’s device is recognized as the device already on file, eliminating the need for confusing alerts or extra security challenges.

  Increases conversion rate.

Familiar authentication experience

With and without Uplink
Atomic offers a consistent authentication experience across all payroll providers. With Uplink, we’re also able to optionally offer the payroll provider’s native experience and learn which experience leads to higher conversion rates. For example, in the event that a payroll system’s authentication experience is not designed for mobile devices, we can use our mobile-optimized user experience. On the other hand, if presenting the native and familiar Google sign-in flow leads to an improved outcome, then Uplink allows us to get out of the middle. The user can continue to use the flow they’ve likely navigated dozens of times before.

  Increases conversion rate.

How do you get Uplink?

By simply installing our native SDK for Swift, Kotlin, Flutter, or React Native, you have everything you need to be a part of the future of payroll connectivity.