Confident Technologies Makes Its Debut in Restart of Vidoop’s Security Software
Curtis Staker tells me that Portland, OR-based Vidoop had a Web security idea that was just too good to let die. So Staker, a veteran software security executive, helped to acquire Vidoop’s assets in January, moved the software development operation to Solana Beach, CA, near San Diego, and today is launching the reincarnated business as Confident Technologies.
What’s the idea?
Instead of requiring online users to gain access to a secure website by providing a username and password, Confident Technologies has developed an alternative authentication process based on recognizing images. The company says its technology generates a unique, one-time access code each time a user seeks access to a secure website, yet Confident’s approach also is intuitive and easier for customers to remember.
Staker says the human brain has an easier time remembering images and broad categories, such as dogs, airplanes, and flowers, than remembering lengthy strings of letters and numbers—especially when many users must keep multiple user-password combinations for all the different sites they log onto. In terms of intuitive simplicity, Staker says, if you’re searching for your car in a big parking lot, is it easier for you to remember your license plate number, or what your car looks like?
In announcing its business debut today, Confident Technologies says its approach makes life easier for online users by providing a randomly generated image to protect online transactions and sensitive information. With “image-based verification,” a user selects categories of images that are easy to remember, such as cars, airplanes, and insects, the first time he or she registers with a website, such as an e-commerce or online banking site. Then, every time the user logs into that website, he or she is presented with a grid of randomly generated images—each with a randomly generated number or letter overlaid on the photo. A user simply identifies the images that fit the previously selected categories.
Confident Technologies says its authentication software can work as a stand-alone solution or as an extra layer with existing security protections. The company says it offers its product as Web-based software-as-a-service, or under a customer’s control as a virtual appliance in a data center.
Staker, who previously headed Malta-based GFI Software and San Diego’s Websense (NASDAQ: WBSN), says he also likes the prospects for generating advertising revenue. “There’s a wild viability, a wild upside, to using advertising for these images,” he says. “Instead of putting up stock photos [for example], users could pick a driver, golf ball, and golf club.”
Confident Technologies says it also offers an alternative to Captcha, the squiggly letters and numbers popularly used to verify whether a user is human (and to block automated log-in attempts used to spam). The company also provides what it calls “out of band” verification that sends a secure, one-time password through a text message or automated call to the pre-registered telephone number for a cell phone. For example, spokeswoman Sarah Needham says, “an online banking website would typically use out-of-band verification as a second layer of security if the consumer is attempting to log-in or make an online transaction from an unrecognized computer, or a computer that has an IP address registered in a suspicious geography, or at a strange time of day.
“If you tried to log in from China in the middle of the night, or if your computer was under the control of a bot that was logging in from a suspicious geography in the middle of the night, or if a hacker knew your online credentials and was trying to log in from a different computer, it would trigger an out-of-band verification step,” Needham says. “An automated call is sent to the phone number that you gave the bank when you registered, and they would call you on your phone to verify that it really is you trying to log in or make that money transaction.”
Staker declined to disclose how much the buyers paid to acquire the technology and other assets from Vidoop, which was founded in 2006, and which Staker says was an insolvent business that had raised between $5 million and $10 million from its private investors.
The company has only four employees and four contractors, who are mostly software developers from Vidoop. In restarting the business, Staker recruited two other Websense expatriates: executive vice president William Goldbach, who is overseeing sales, marketing, and business development; and Roman Yudkin, the chief technology officer. “I wanted to incubate things for a while,” Staker says. “We rebranded and renamed the company, along with the recasting of websites, names, and terminology.”
Staker says the company is initially targeting financial institutions that provide online banking and investment management services. “They’re the logical choice to have them embed our technology in their system,” he says, noting that 40 percent of the population doesn’t bank online, yet a banking transaction that costs $26 to conduct in person costs just 6 cents online. Confident Technologies also is targeting e-commerce websites, healthcare organizations, social networking sites, and Web developers.
Staker says funding for Confident Technologies has come primarily from a $3.5 million bridge loan, which appears to be sufficient to get the company up and running. “If we do an A round [of venture funding],” he says, “It will be for a really good reason.”