The latest financing, which has taken the startup’s valuation to $46.1M, is a result of BigID’s timely offering: helping companies comply with the Global Data Protection Right (GDPR) data privacy regulations. This need for compliance with a new legal framework and increasing pushback from privacy-focused consumers has changed the way software companies look at privacy solutions. It has also helped BigID move and grow fast in the global data protection market which is expected to reach $14.1B by 2025.

PC: BigID

Privacy Matters

BigID’s big idea is privacy. The startup believes that privacy is hard even for the most sophisticated companies because they have long approached privacy through policy and processes, not product.

So even as customer-preference and behaviour data is essential for any data-driven organization, privacy hasn’t been. Companies might keep customers hooked through granular data and tailor experiences for them, but structuring, mapping, analyzing this data on a regular basis is not easy. It’s highly challenging for companies to sift through large volumes of data, document it, find whose data they have, its context and the risks around in.

Big ID’s big idea is that privacy can be a product

Most of the data that companies collect contains personal identifiable information (PII). PII was initially restricted to credentials and payment card information but the expanding definition means the problem has only got worse. BigID, additionally, has discovered another shortcoming: most companies rarely have complete knowledge of this data’s location. In fact, according to a study commissioned by Gemalto, the majority of companies (55% of respondents) do not know where their payment data is located.

Large organizations collect and store huge amounts of data but it’s difficult for them to track, secure or report on this data’s history or flow. However, knowing what is customer PII data, along with who has touched it when and how, is increasingly mandated under regulatory requirements. Policy demands and compliances such as GDPR, then, mean that understanding PII is not a good-to-have but essential and crucial to a business’ future.

Putting Privacy First

BigID Founder and CEO Dimitri Sirota, who is called a “privacy expert” and is a serial entrepreneur and investor, says that the company has innovated around four core components: First, they provide companies with the ability to find whose data they have. Second, they help them find all personal data, not just PII. Third, they help them operationalize that data and finally, they help companies move from spreadsheets to data-driven processes. Previously, Sirota founded two enterprises software companies focused on security and API management that were sold to CA Technologies.

The BigID team (PC: BigID)

More elaborately, BigID’s solution uses machine learning to automate how companies track and secure sensitive data to avoid breaches and non-compliance with data protection regulations. Simply, it helps companies replace “inaccurate survey and spreadsheet-based privacy compliance with data-centric enterprise privacy management” and thus helps them meet emerging privacy and data protection regulations like the GDPR.

GDPR, in fact, a key reason why companies like BigID matter today. The regulation has made companies tighten their processes and change how they perceive data privacy, or risk paying hefty fines. As companies scamper to comply with the GDPR, BigID’s solutions have proved timely and important. While it competes with other privacy-centric companies like IBM, OneTrust, Trustarc and others, GDPR means there’s plenty of business for many.

It’s a top reason why the company has seen its latest round of funding: “With the advent of the GDPR, more companies are shifting from manual and survey-based compliance to data-centric automation and operationalization,” Ariel Tseitlin the partner at Scale Venture Partners said. “BigID’s advanced privacy automation technology provides enterprises a first-of-its-kind ability to address critical privacy requirements like right to be forgotten and data usage record keeping at petabyte scale, across any data, on-premises or in the cloud.”

But BigID believes that their solutions go beyond GDPR. As some U.S. states mull over privacy laws, Sirota has argued that because of consumers’ pushback and rejection of being unsympathetically used for sales, companies realize the need to build a privacy-centric organizations. “Our Series B round validates our unique approach to privacy management that takes into account not just what data enterprises are collecting and processing, but most importantly, whose data it is.” But even then it’s the need to be GDPR compliant that is keeping BigID occupied. Sirota told media that that it’s been “tough to keep up with demand”, that he could “double” his sales team “and still keep everyone busy” as the company partners with corporations, big system integrators, and value-added resellers.  

A meme shared by BigID on its social channels (PC: BigID)

How BigID Works

BigID’s proprietary scanning technology locates sensitive data and provides a score to measure data’s identifiability. A data inventory is built after the scan that determines the residency of the organization’s identities to make sure that the correct regulations apply. The scanning process can give a quick snapshot of stored data or help build a more holistic map of stored data. After the scan, data is classified appropriately to apply the correct security control or decide about compliance, encrypted storage, deletion, archiving, etc. The startup also helps organizations comply with right to be forgotten, document data processing, and manage risk around the data so that they could be proactive in securing it.

BigID also helps is in consent management. It manages consent of customers and employees, as well as enforces their rights over the personal data and thus allowing organizations to search, identify, segment, and amend personal data as necessary.

Sirota says that what their automation means for an enterprise is that they can move from spreadsheets to a data-driven privacy framework which allows them to better protect their information.

An equally important byproduct of this data-processing is that it helps organizations scoop more value and better insight from their data. What’s noteworthy is they do so in an ethical, safe, and secure way.

The post Helping companies keep privacy first in NY: BigID appeared first on Techweek.

Although the health-tech is a densely populated sector, higi shows a lot of promise owing to its differentiated offering. This is why, only last month, this Chicago-based startup successfully raised $21.3 million, in Series C funding from 7wireVentures and Flare Capital Partners. With this influx of capital, higi hopes to drive up its number of access points, increase consumer engagement, and grow its headcount by 25 percent in the next 12 months.

higi’s Anatomy

It’s no secret that silent killers such as diabetes and heart attack are on the rise in the US. Additionally, with an expected shortage of more than 100,000 doctors by 2030, people need to start taking their health into their own hands.

In response to this need for self-health screening, higi was founded in 2012 by Khan Siddiqui and Michael W. Ferro Jr. Roughly translated to mean “origins”, in an ancient Central African language, higi strives to be the genesis of basic health information that enables users to live and feel better. Of recent count, an estimated 47 million people have used this biometric screening platform, conducting over 271 million tests.

The higi app, commercially launched in 2015, is now the fastest growing segment of the business. It easily links with the user’s health wearable, device or app; and tracks their vital stats in real time. Also, since Americans tend to visit grocery stores or pharmacies around 1.6 times per week, higi’s 11,000 FDA-cleared health tracking stations have been placed inside such shops. These health stations are now situated within five miles of 78 percent of the U.S. population, through a myriad of tie-ups with local retailers.

Once the health assessment is complete, user data (from the app and station) is securely collated to build a unique health profile for each individual. Updated in real time, the health profile, aims to keep users aware enough to fight your craving for that heart-attack on a plate monster-burger or the sweet-terror of a chocolate cake. higi has, therefore, become one of the first & most accessible means of detecting signs of hypertension, diabetes, and other treatable health conditions.

The consumer-centric, data-driven engagement service has also partnered with CRM and care management platforms, in order to bridge the existing healthcare gap. higi, in association with Rush, has created an app that allows users to share & integrate their health profiles with the electronic health records (EHR) maintained by healthcare providers.

The value proposition seems to work out very well for higi user, Susan Webb. Her blood pressure always shoots up at the doctor’s office, owing to hospital-led stress – giving a very wrong indication of her general condition. With the higi data, she is able to easily share BP results & other health parameters across various points in time, with her doctor.

Social Media of Health Living

The biometric screening app, also seeks to be the ‘Facebook of health’. This means that users of the higi app (‘higsters’) can follow others with similar interests, keep track of their health exploits, and encourage them to reach their health goals. They can also earn points (called watts) by participating in challenges for walking, biking or even by just checking in at the higi health station. Such a social wellness networking platform was built to inspire users to reach their health resolution, through gamification.

higi for Business  

Apart from tying up with retail stores; the platform assists corporate health & wellness providers to conduct employee outreach, draw up their health profiles and measure the efficiency of existing care management programs. For governmental organizations, pharmaceuticals & life science organizations, higi generates leads and collects data for awareness programs and clinical trials respectively.

Interestingly, the biometric screening health stations are currently equipped with body composition grips, USB ports and cameras. While these features are not currently active, it’s in the brand pipeline and could be potentially chargeable features.

Today we are faced with super-long wait-times to get an appointment at the doctors’, coupled with the world’s highest out-of-insurance consult costs. Together with intuitive health platforms such as Heal, the startup ecosystem is a few steps closer to achieving the dream of accessible healthcare for all.

As Higi CEO, Jeff Bennett, put it – this really is an exciting time to grow with its customers and help healthcare systems improve consumer engagement, close gaps in care, and lower costs.

The post higi : Your Friendly Neighborhood Biometric Screening Platform appeared first on Techweek.

Prakash Sundaresan (Left) and Amit Mital (Right) during a demonstration at Finovate in 2017

Founded in 2016, Trusted Key’s leadership team comprises of Prakash Sundaresan (Founder and CTO), Amit Mital (Chairman), and Amit Jasuja (CEO). The technical credentials of the team are also strong with Amit Mital having 46 patents to his credit and Prakash Sundaresan having been the former CTO of Microsoft Asia-Pacific R&D. Trusted Key has also been active at various forums demonstrating their product and winning awards. It was also covered in the CIOReview’s “20 Most Promising Identity Governance & Administration Solution Providers – 2017”

Prakash Sundaresan with the Blockchain Education Champion Award at Blockchain Essentials in Education 2018

Trusted Key Solutions

Trusted Key’s products help in three critical areas – making KYC easier, securing authentication without passwords, and preventing frauds. A 2017 report by Thomson Reuters found that the global annual average spending on KYC is $48 million, with banks spending an average of $70 million. While passwords are the most common way of authentication, they can be compromised. Every year, billions of leaked username-password combinations are found. Identity frauds, where credentials of one person are used by an unauthorized person for financial gain, are on the rise with over 16.7 million victims and losses over $16.8 billion in 2017.

Trusted Key solves these challenges with a system that has three components – a smart phone, cryptography and Blockchain. Cryptography is a way of converting text from one form to another to disguise the information and Blockchain is a decentralized way of recording transactions. Trusted Key has developed an App which is a digital wallet where a user can log in and locally store their credentials in a cryptographically secure environment after verifying the authenticity of the credential. The App can only be accessed by entering a key or by unlocking it with a fingerprint. Currently, Trusted Key supports driver’s licences, passports and cards (credit, etc.).

An ID card being uploaded on the app

The system is very elegant. Anyone can download the Trusted Key App and create an account. The user can then upload a driver’s licence or passport to be authenticated while also providing a live selfie from the app the ensure that the identities match. Once the verification is done, a digital version of the id containing all the information is given. This is stored locally on the device and is cryptographically secure giving access only to the user. The user can use this to verify his/her credentials online. With no passwords being involved and the credentials being stored locally on the device, the authenticity of a transaction is significantly higher. Apart from having permissioned and public models, the unique thing about Trusted Key is that their platform can be used by others to build their own digital identity wallet.

The Trusted Key Open Network

Trusted Key Impact and Economics

The impact Trusted Key has is significant. It makes customer acquisition easier for Banks as they can onboard customers with verified KYC documents without the customer having to visit a branch. The verification system helps merchants verify a transaction with the buyer. Merchants are otherwise in a precarious situation where outcomes such as turning away a good customer or accepting a fraudulent transaction results in losses. The applications that Trusted Key is focused on range from education and healthcare to enterprise access management and financial institutions.

What makes Trusted Key powerful is not just the security and convenience it provides, but also the underlying economics. E-commerce companies, banks and other financial institutions have large teams focused on detecting and preventing frauds. With large investigation teams, the marginal cost of verification or investigation is high. Trusted Key can reach a point where the marginal cost (cost of verifying another transaction or user) tends towards zero. This makes scaling viable and mass adoption possible. Trusted Key is able to make the business model more secure without disrupting it. Financial institutions and merchants end up saving on chargeback fees due to frauds and fines for not complying with KYC requirements.

Team Trusted Key at the Mobile World Congress 2018

Since 2014, the Blockchain space has seen innovation and several use cases.

The Blockchain identity space has a similar trend with many startups emerging since 2015. The competitive landscape has giants such as IBM, Microsoft as well as startups and open source projects. Consortiums focused on Blockchain based identity solutions also play a pivotal role in the landscape.

Learning Machine and Cambridge Blockchain are two formidable US based competitors who have recently raised $3 million and $7 million respectively. With pilot projects with the government of Malta, MIT and Federation of State Medical Boards, Learning Machine has an advantage in the education space. Cambridge Blockchain has strategic alliances with IHS Markit and LuxTrust to provide its KYC and identity services. The startup has been quick to expand overseas, setting up an office in Paris and joining a European initiative backed by the government of Luxembourg called INFRACHAIN with members such as Deloitte and Ant financials among others.

Trusted Key ran a pilot project in partnership with the National Health Information Sharing and Analysis Center (NH-ISAC) for digital identity in the health care space. The project has the potential to reach more than 150 million consumers in the U.S. Trusted Key is part of the Decentralized Identity Foundation (DIF) consortium with Microsoft, IBM and others.

In an increasingly digital world, digital identity is an important piece in the system. While systems may be trust-less, trust continues to be essential. Alliances that Blockchain identity companies build will determine their acceptance in the market. The evolution of this sector will be interesting to watch. Maybe in a few years, we might be using the Trusted Key App to create a bank account.

The post Trusted Key’s Blockchain Identity Solutions appeared first on Techweek.

Auth0, a Seattle-based Identity-as-a-Service (IDaaS) startup with offices in Buenos Aires, London, Sydney and Tokyo and 300 employees believes it can make the internet safer with a new way to identify users. With a view to capturing some part of the Identity Access Management (IAM) market – projected to surpass $13 billion by 2021 –  Auth0 provides developers and enterprise customers with a secure and extensible identity platform, enabling them to resolve various different scales of identity use cases. The company authenticates more than 40 million logins daily and boasts an impressive roster global enterprise partners that includes companies like Atlassian, NVIDIA, Dow Jones, Mozilla, AMD, and Schneider Electric.

Their growth has been sustained since being founded in 2013; revenue in 2017 doubled over 2016, and the company added 1500 new customers in the last year alone. According to CEO and co-founder, Eugenio Pace, this was indicative of the need and demand in the market for an end-to-end identity solution.

Eugenio Pace – Founder & CEO, Auth0

The Auth0 Story

Eugenio (pictured here, courtesy Auth0) met co-founder and current CTO Matias Woloski at Microsoft in 2006 as a Product Manager, while Matias was an Enterprise Architect at Southworks – one of Microsoft’s biggest global vendors based out of Argentina. They collaborated together and bootstrapped the company to build a minimum viable product between 2012 and 2013. After a few large customer wins, more traction and visibility in the identity market, they brought Jon Gelsey on board as CEO in January 2014, who had been Microsoft’s Director, Strategy and M&A. By September 2014, when Auth0 received its seed funding of $2.4 million, it had several clients; most notably, Berkshire Hathaway’s travel insurance arm and Schneider Electric. The seed round was led by Bessemer Venture Partners with participation from K9 Ventures, Portland Seed Fund, and NXTP Labs.

The company has raised a total of $54.3 million, with the latest round in June 2017 at a $250 million evaluation. It has undergone three rounds of funding after the seed, with renewed participation from Bessemer and K9 showing sustained investor interest. The company also added Trinity Ventures which led its Series B in 2016, before going international with Japan-based NTT DOCOMO Ventures and Australia-based Telstra Ventures joining in the 2017 Series C. The company grew considerably during Jon’s tenure as CEO, becoming a multinational corporation with a development, marketing, sales, finance, and operations team catering to customers in more than 70 countries.

The company leveraged their former Microsoft credentials to add to their team, with many of its most prominent executives coming from their former employer, headquartered in neighboring Redmond, merely 15 minutes away from Auth0’s Bellevue office. The company used its growing team to fuel product development, evolving its offerings both in terms of scope and features. In June 2015, it was focusing on APIs, identity management for IoT devices, and had recently unveiled multifactor authentication functionality. By August 2016, it added passwordless authentication, support for extensions, and anomaly detection tools to its product features, making a space for itself in the growing identity management space.

The increased need for identity management for the digital ecosystem

Driven by an increased expectation of seamless platform, service, and product interoperability in a world increasingly reliant on cloud and mobile technologies, the demand for robust identification systems has only increased since Auth0 was born. To ensure access across multiple devices while safeguarding privacy, companies active in the digital domain – SaaS, e-commerce players, and their ilk – rely on identity verification systems. Users rely on such systems to prevent misuse and also to safeguard their bank account and/or medical records. Ordinarily, any developer needing to verify user identity would have to write complex lines of code and integrate into existing technology infrastructure to develop a robust identity verification system. Further, they have to develop architectures and hierarchies to provide differentiated access to their various programs and modules to different levels of users, and also help provide access control across web, mobile, IoT, and internal applications.

Auth0 provides developers and enterprise customers with a secure platform to integrate with, enabling them to resolve various different scales of identity use cases. Their platform currently secures 1.5 billion logins per month, preventing more than 1.3 million malicious logins over time. In a world where companies have to build complex digital ecosystems and regulate access between external customers, trusted business partners, and internal employees, the company looks to offer reliable and easily integrated identity management modules to the market. The company commissioned a Forrester Total Economic Impact report which found Auth0’s solutions helped improve conversion rates, gain increased business from partners, and restrict developer costs. These marque customers of the platform showed a cumulative increase of $2 million in revenue, and a reduction of $3.7 million in IAM-related management costs.

Market recognition for Auth0

Buoyed by this strong and in-demand value proposition, Auth0 is considered one of Seattle’s top 10 most highly valued SaaS startups. It used the funds from its latest funding round to power its international expansion, opening branches in London, Sydney, and Tokyo, and to expand its leadership team with industry leaders brought in as Chief Information Security Officer, Chief Marketing Officer, and as General Counsel. This is part of the company’s plans to raise the company’s profile, adding new sales, marketing, and customer success capacity in addition to engineering resources.

The company’s desire to raise its profile is impressive, given the accolades it has already collected. A sustained effort towards a welcoming work culture and ethos (including a remote working policy that relies on their own systems) was instrumental in making it one of Seattle’s top 10 employer brands according to Hired’s 2017 Global Brand Health Report. The company’s collection of industry-leading talent and targeted delivery of enterprise services even landed it on Business Insider’s list of 51 enterprise startups to bet your career on in 2018.

The present and the future

Over the past few years, Auth0 has become known as a company that provides a universal platform for any identity use case. This shift in strategy also comes as Jon Gelsey stepped down as CEO in December 2017, assisting in the transition as Founder Eugenio Pace took his place. As companies develop their own or rely on various cloud services to provide their services across a more networked world, Eugenio wants Auth0 to use single sign-on products to help manage this complexity.

Conventional IAM consisted of two distinct functions: authentication, i.e., the verification that the user is who they say they are, and subsequently authorization, i.e., providing access to different buckets of content on the basis of the authentication. If server-side systems can communicate with each other and convey authentication credentials, platforms will just need to link user authorization credentials and allow the user to access their account without logging in.

This is of immense potential in an era where data is being declared the world’s most valuable resource. Collecting user data allows today’s AI-driven algorithms to create statistical models on the basis of their behavior. Companies can use insights drawn from this data to personalize company offerings and provide opportunities for more targeted messaging. This helps companies increase their sales and conversion rates. But how is Auth0 communicating this value proposition to the market at large?

Martin Gontovnikas (Gonto), Auth0’s first marketer, says he beat the flat signup growth trap with a combination of data-driven analytics and empathy-driven human outreach. Under his instigation, the company’s approach is developer-focused and two-pronged. The company focuses on producing digital content targeted towards developers looking for a greenfield IAM solution. It also focuses on attending developer conferences, making human connections that have helped the company’s website reach the top 5000 in the country purely on the back of sustained developer interest. Further, their content strategy has resulted in an impressive 96% of its inbound leads driven by content, and have helped maintain a healthy monthly sign-up rate.

A new CEO, and a new Chairman on the Board, a rich history of product development and innovative marketing, a timely and in-demand value proposition – Auth0 has a lot of interesting variables going into 2018. But there’s one constant in IDaaS – reliability. As OneLogin, a company offering a similar product, found itself breached in 2017, there is some wariness about how secure these companies are. On Auth0’s part, it is continuing to push the envelope; it will be providing authentication services to Coinsource, the world’s largest Bitcoin ATM operator, and to Google Cloud customers through its platform partner program. The company has essayed an impressive growth story, established a strong brand presence, and crafted a popular solution to a universal problem; if the company can continue offering reliable IAM services and avoids breaches, it could have the potential to stand with the likes of Amazon, Microsoft, CostCo, Starbucks, and Redfin as one of Seattle’s most prominent companies.

The post Worldwide cyberattacks vs. Auth0 – the IDaaS startup securing your identity appeared first on Techweek.