Trusona Attacks ‘Last Mile’ Authentication Problems for Critical Web Transactions

Feb. 25, 2016

Trusona Attacks ‘Last Mile’ Authentication Problems for Critical Web Transactions E-commerce antifraud veteran Ori Eisen is heading up a new authentication technology provider that will focus less on retail e-commerce transactions and more on the most critical and sensitive Web and mobile transactions “where you absolutely have to know who is on the other end,” Eisen told Trusona came out of stealth mode this week with an $8 million funding round led by Kleiner, Perkins, Caufield and Byers. Solutions for e-commerce like the one he built at 41st Parameter (which he sold to Experian in 2013 ) that root out fraud, but run in the background so they will not affect the customer experience, work very well in the e-commerce space and for 99 percent of Web transactions, he said. But, “when you have a nuclear power plant, or are sending millions of dollars daily in financial transactions, “99 percent doesn’t cut it anymore.”

Trusona is a hardware- and in-person-based solution that Eisen said addresses “the last mile” of authentication in critical environments like energy infrastructure, brokerages and institutional banking. Eisen said critical social media accounts—for example, the White House’s Twitter feed—is also an application, but Trusona is not yet active in that space. So far, according to the company, Trusona’s core technology has experienced zero fraud in more than 119 million transactions.

Eisen said the technology is able to deliver 100 percent accurate authentication for several reasons. First, the person who needs authenication credentials must be invited by Trusona or one of its trusted agents (i.e., an existing corporate customer of Trusona). That person downloads an app and scans their driver’s license. A physical authorization token will only be sent to that address via restricted delivery by the post office (requiring signature and identification to complete delivery). Then the user has a six-digit PIN and the physical token that reads the magnetic signature of one of the user’s payment cards and the characteristics of the way the card is swiped.

“Security compromises are no longer a once in a while event, they happen daily,” said Ted Schlein, general partner at KPCB. “As such, it’s time we create truly unbreakable products that thwart malicious actors and keep our most sensitive and personal information safe.”