When Jennifer Lawrence’s iCloud account was hacked and photos were leaked in August 2014, companies like Apple heard the call for using stronger cyber security authentication tools to protect their customer’s data. One such tool, which could have protected iCloud user accounts, is Strong Authentication, otherwise known as two-factor authentication.
Strong Authentication replaces a simple userid and password with a combination of userid and password plus some kind of token. The token could be a cell phone or device, like a Cryptocard which receives a code sent from Apple or Twitter. For enterprise applications, the token could be a cell phone’s serial number (IMEI) or user’s thumbprint.
Strong Authentication is not a novel security technique. Companies have employed Strong Authentication when offsite employees connect via VPNs to corporate networks. But Strong Authentication’s expansion has been slowed by the perceived complexity and high costs of installing and deploying such systems.
4 Security Startups Decrease Cost and Complexity of Deploying Strong Authentication
To simplify deployment and lower costs, several startups have developed new products targeting businesses hoping to combine Strong Authentication with other detection and monitoring tools:
Duo Security provides two-factor authentication for cloud and on-premises applications. Duo Security stresses the ease of deploying their product to protect users’ data and applications. Due Security’s clients include Bechtel, Facebook, NASA, Random House, Toyota, and Box.
- DataFox Score: 1032
- Location: Ann Arbor, MI
- Total Funding: $19 million
- Recent Funding: $12 million in September 2014
- Investors: Benchmark Capital; True Ventures; Google Ventures
CertiVox has developed M-Pin, a product enabling users to log into websites with a pin and doing away userids and passwords completely. Certivox One uses its own encryption algorithm, as opposed to most companies utilizing openSSL encryption, and recently deployed open-source software. CertiVox’s clients include Intel, Experian, and the US Air Force.
- DataFox Score: 1002
- Location: London, UK
- Total Funding: $17 million
- Recent Funding: $8 million in March 2014
- Investors: NNT DOCOMO Ventures; Octopus Investments
Nok Nok Lab builds its products around a new protocol known as Online Secure Transaction Protocol (OSTP). OSTP will replace combinations of user ids and passwords with strong authentication devices such as browser plugs or device chips. OSTP is targeted toward financial transactions, though its scalable for the Internet of Things. Nok Nok Labs’ backers include security industry veterans from PGP, Netscape, and PayPal.
- DataFox Score: 954
- Location: Palo Alto, CA
- Total Funding: $44 million
- Recent Funding: $8.3 million in December 2014
- Investors: ONSET Ventures, Lenovo, DCM, Raven Venture Partners, DDS
LaunchKey provides a “multi-factor authentication and real-time authorization platform” for mobile devices, websites, kiosks, vehicles, and industrial equipment. Launch Key’s product works best with the Internet of Things, such as newly developed internet-connected automobiles and health monitors. Launch Key recently raised $3.8 million in new funding and indicated it was beginning pilot tests with multiple Fortune 500 companies.