EXCLUSIVE: Password-free technology vendor LaunchKey gets picked up by authentication and fraud protection vendor Iovation.
Security vendor Iovation is acquiring privately held password-free log-in vendor LaunchKey in a bid to improve user security and reduce the risk of fraud.News of the acquisition was provided exclusively to eWEEK, but terms of the deal are not being made public.LaunchKey was founded in July 2012 and has raised $4 million in venture funding.
Iovation, in business since 2004, has built out products and platforms to help reduce fraud online.”Up until now, Iovation has been focused on doing two things for approximately 1,500 brands around the world: fraud management and device-based authentication,” Greg Pierson, CEO and co-founder, told eWEEK. “Both of those services leverage an underlying data asset that is completely unique and proprietary to Iovation.”
That data asset is a knowledge base that includes profiles on more than 3 billion unique consumer devices. Pierson said that Iovation’s knowledge base doesn’t rely on IP or MAC (media access control) addresses to identify devices. Rather, Iovation’s goal is to understand where and how a device is used to help establish a reputation for a device and its user.
Going a step further, Iovation is able to make connections across related devices that might be used by the same end user, he said.
Today, Iovation receives approximately 700,000 reports a month of various types of attempted fraud that occur across the company’s customer base, Pierson said.
Those reports inform the knowledge base about devices that are identified as being used maliciously.
Iovation’s customers were telling Pierson that they were also looking for a path for improved authentication that doesn’t involve passwords, which is where LaunchKey fits in.Geoff Sanders, co-founder and CEO of LaunchKey, explained that when he started his company, the mission was to create an alternative to traditional password-based authentication.”So with LaunchKey, we created an end-to-end, multifactor authentication and authorization platform,” Sanders told eWEEK. “At a high-level, the platform includes an API that enables applications to push authorization requests to end users through their mobile devices.”The combined company is building an integrated product called the Iovation LaunchKey MFA (multifactor authentication) platform that extends LaunchKey’s existing capabilities.”Imagine everything that both organizations do independently now available as a service,” Pierson said. “LaunchKey on its own didn’t have the global risk and connected device view that brings visibility.”Pierson added that the LaunchKey now isn’t just about authenticating an individual user; it can now also extend to understand the global reputation of a given user or device. He also expects that with the addition of LaunchKey, Iovation will now have more customer touch points and opportunities to help build up user and device reputation overall as well.”It’s about combining capabilities to make each one better,” Pierson said.One of the use cases for LaunchKey today is with the open-source WordPress content management system. LaunchKey has a plug-in for WordPress that can help enable site administrators to deploy password-less multifactor authentication. WordPress is often also an entry point for developers to use LaunchKey, Sanders added.”Approximately a quarter of the internet runs WordPress; so, yes, we want to have a footprint there,” Sanders said.He explained that all LaunchKey services use a central REST-based API.There are multiple industry efforts to help create new forms of authentication, including the FIDO Alliance. LaunchKey is a FIDO sponsor, Sanders said.”We’d love to see FIDO gain traction,” he said. “With that said, we’re not FIDO-compliant yet; it is on our roadmap, and we’re keeping an eye on it.”Overall, the big challenges for the combined Iovation and LaunchKey business are about speed to market and educating organizations about the password-less future.”Historically, we’re all just so used to using passwords that the idea of not using passwords to securely log in is just a foreign concept,” Sanders said. “So there is a bit of an education challenge to get people to move beyond the idea of passwords, which are so ingrained in society.”Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com.
Follow him on Twitter @TechJournalist.