Beyond Identity unlocks $1.1bn valuation with its passwordless tech

22 Feb 2022

Image: © bestforbest/Stock.adobe.com

The New York start-up has created ‘invisible’ and ‘un-phishable’ multifactor authentication technology that aims to revolutionise cybersecurity.

We may be one step closer to doing away with passwords entirely, as US-based security start-up Beyond Identity has developed multifactor authentication (MFA) technology that it claims could make cybercrime a thing of the past.

The start-up announced a valuation of $1.1bn today (22 February) after raising $100m in a Series C funding round led by Evolution Equity Partners. This brings its total funding raised to $205m since it was launched in 2020.

The vulnerability of passwords in the face of cybercriminals is not unknown and an alternative has been a long time coming, with newer technologies such as MFA becoming more mainstream.

Many enterprise organisations have introduced MFA for staff and users, and Microsoft made MFA mandatory for its cloud service provider programme and other partners.

However, MFA is not a silver bullet to cybersecurity problems and comes in many forms, each with its own advantages and disadvantages. Examples of MFA types include one-time passcodes, knowledge-based authentication and biometrics.

Going passwordless

Beyond Identity has developed a novel MFA technology that cryptographically binds a user’s identity to their devices. Describing the tech as “invisible” and “un-phishable”, the start-up says its MFA uses public and private key technology to completely remove passwords from the authentication process instead of “simply obscuring them”.

TJ Jermoluk, co-founder and CEO of the New York-based start-up, thinks that the cybersecurity industry is “coming dangerously close to being complicit in cybercrime” and that investing heavily into legacy authentication technology, such as passwords, will not protect companies.

“Password managers, phishable MFA and outdated VPN technologies are not the answer and will not close the wide-open door that criminals waltz through every day. Today’s [funding] announcement sends a loud message that failure is no longer an option,” he said in a statement.

Beyond Identity said its core architecture combined with its modern authenticator and “advanced policy engine” ensure that only authorised users and devices are granted access – with every device needing to comply with the start-up’s security policies before and after the authentication request.

Mario Duarte, vice-president of security at cloud data platform Snowflake, said that controlling who accesses systems “is only half of the battle”, with the other half being to ensure that the devices they are using to access systems and data are secure at the time of login and beyond.

“Beyond Identity created a next-generation authentication solution that does both and is an important part of our zero-trust program,” he added.

The company’s annual recurring revenue grew more than 300pc between 2020 and 2021, with a 640pc increase in customers. It has more than 180 employees across North America and the EMEA region.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Vish Gain was a journalist with Silicon Republic

editorial@siliconrepublic.com