Our tech start-up of the week is Sedicii, creator of a new way of securing and validating people’s identities in such a way that their personal information is not put at risk.
The Waterford Institute of Technology (WIT) campus company has developed technology that authenticates users without the need to transmit private information over the internet or to store that private information on servers.
Sedicii uses a protocol called zero knowledge proof, which can prove a person knows something without the need for them to share or disclose it.
By eliminating the need to transmit and store private information, Sedicii has radically increased the security of a person’s online identity and reduced the business risk for the enterprise.
If your organisation stores passwords or other personal customer data, then you are a potential user of the Sedicii technology, explains co-founder Rob Leslie.
“Companies around the world are spending over US$2bn on authentication solutions and yet every week we read of another well-known company that has fallen victim to hacking and lost millions of private customer details, such as passwords, credit-card numbers, email addresses and more.
“The cost of losing this data can be catastrophic, so the risk should not be taken lightly. Clearly, a lot more needs to be done to protect customers’ private information.
“Sedicii is currently working with organisations that require single sign-on authentication for multiple internal applications or who currently store large volumes of sensitive personal user data. Our current target verticals are retail, airlines, telecoms/consumer broadband, utilities, government agencies and banking.
Leslie is a serial entrepreneur. An electronics engineer by profession, he has a successful track record of establishing and growing businesses to considerable scale. He spent 20 years earlier in his career in Japan.
There, he was part of the management team in Dell Japan that established and grew the business to almost 300 employees and $300m turnover in four years. He also co-founded, grew and ultimately sold PTS Japan in 2000, having achieved a $33m company valuation within five years of establishment. He is also a co-founder of Global Business Register in Ireland, which specialises in sourcing official business information for anti-money laundering (AML) and Know Your Customer (KYC) compliance services.
Fellow Sedicii co-founder Richard Coady has 20 years of experience in technology sales and business development locally and globally, and has a proven track record and strong expertise in strategic market development, commercial planning/positioning, negotiation, relationship building and delivering results in evolving markets.
During his career, Coady has held senior positions with BT (Esat Net), WBT Systems, Prometric and Certiport. As a core member of the Sedicii management team, Coady will be responsible for implementing the international sales strategy for the Sedicii portfolio of authentication and identity applications, and lead the efforts to successfully recruit and support new customers.
Sedicii authenticates users in such a way that the user’s password never leaves the user’s browser, is never stored on an authenticating server and the verifier is not able to impersonate the user.
Sedicii is based on the zero knowledge proof protocol (ZKP), which is a method by which one party (the prover) can prove to another party (the verifier) that a given statement is true, without conveying any additional information apart from the fact the statement is indeed true. Such an approach to authentication is considered to be the most secure way of proving identity.
The simplest way to describe how it works is to use the analogy of the lie detector.
“We are trying to prove you are telling the truth through some high-speed mathematical magic that happens between your browser and the server,” explains Leslie.
“A series of mathematical challenges are sent to your browser by the server. Your browser responds to them and if all the responses are correct then we have proved successfully that you are telling the truth and you are authenticated.
“All this happens within one second and all the user has to do is enter their username and password, just like they have always done. All the magic happens under the hood and is invisible to the user,” he said.
“We want to be the solution of choice that organisations will use to protect their users’ personal information from misuse or theft. Or, to use Sedicii to prove that a person really is who they claim to be when transacting or doing business online.”
The next stage
“Our discussions with large, global organisations in banking, telecoms, airlines, gaming and others have been extremely positive,” Leslie said.
“We are currently piloting Sedicii with a large supplier to the consumer broadband industry in the UK, where they are using it for a single sign-on service for employees to access multiple internal applications.
“We are on the verge of agreeing two more pilots with similar use cases but in different industries. We will continue to take a controlled and focused approach to support our ‘early-adopter’ customers in the short/medium-term in order to build trust and reputation.
“We have just completed three months in London as part of the Oxygen Accelerator Programme, where we were based on the Google campus.
“This culminated in a showcase demo day, where we presented to over 150 investors ranging from high net-worth individuals to early stage VCs. We have received a lot of interest and are very confident that we will secure the funding we need to get to the next stage of our journey.”
Leslie said the company experienced many challenges to get to its present stage – the key was remaining true to itsvision.
“It’s about building a great product that our customers can trust and rely on; building a great team so that we can execute effectively and efficiently so that our customers can have total confidence in us; and ensuring we have sufficient funding in place to allow us to get to our next major milestone so we can achieve our customer acquisition and business goals,” he said.
Getting to scale
Leslie noted that there are a lot of start-ups trying to make headway in Ireland right now.
“I fear that there is going to be a big problem when many of these companies try to access funding to grow and scale because of two things.
“Firstly, the risk appetite of Irish investors is pretty conservative and secondly, the pool of available funds for investment is not big enough to support the number of start-ups seeking to access it.
“This will undoubtedly mean a lot of companies running out of cash even though they may have the bones of a very good business. Not every company is going to be a global blockbuster, such as Twitter or Facebook, but there are many that have the potential to be nicely profitable and sustainable given the right foundations being put in place.”
Leslie pointed out that Ireland is a very small market and so strongly advises tech start-ups to spread their wings and be willing to travel.
“In addition to the UK being a much bigger market, London is hot right now and they have some fantastic tax supports for start-ups through the SEIS and EIS programmes.
“UK-based investors can invest in Irish companies and still take advantage of UK tax breaks provided some conditions (that are fairly easy to comply with) are met.”