London-based security company CertiVox, which sells information security infrastructure-as-a-service — providing enterprises with a multi-factor online authentication solution that does away with the need for passwords and usernames, has closed an $8 million Series B round of investment from new investors NTT Docomo Ventures (making its first investment in Europe), along with existing investor Octopus Investments.
CertiVox said it will use the new round of funding to accelerate development and reach of its M-Pin Strong Authentication Platform, which is a software-based multi-factor authentication platform that replaces password-based logins without the need for third-party authentication devices.
The company told TechCrunch it now has more than 100 customers using its technology, including USAF, Parallels, Dematic, Intel and Bosch.
Specifically, CertiVox said it plans to use the funding to expand its sales, business development and marketing efforts, and expand partnerships with cloud service providers, OEM channels (including smart device makers and mobile service operators) and independent software vendors.
The mobile element explains NTT Docomo Ventures’ interest. The Japanese mobile operator announced an investment arm last year. Security and safety was one of the strategic fields NTT identified when it launched the fund.
CertiVox’s flagship M-Pin authentication system works in the browser or on mobile devices, with a focus on being user-friendly and avoiding the complexity that can dog some multi-factor authentication security systems. The technology can either be deployed by CertiVox’s customers on premise, or operated as a cloud-based service.
Their users then type a four-digit PIN into CertiVox’s software PIN pad to authenticate a session by generating a cryptographic key. The company says the system works in the same way that bank ATMs authenticate a user session.
This “strong authentication” competes with traditional two-factor authentication providers who offer software or hardware systems, such as RSA, Vasco, Google Authenticator and others, says CertiVox. However it claims its system is “more ambitious” — by aiming to replace password-based authentication entirely, as well as providing two-factor authentication, all in one.
“M-Pin uses a zero-knowledge proof protocol so that passwords are never used or stored in a vulnerable database, making the password database breach threat a thing of the past. CertiVox, enabled by its strong cryptographic background, is unique in this approach,” it says.
Commenting on CertiVox’s new funding in a statement, Nobuyuki Akimoto, Senior Vice President and COO at NTT DOCOMO Ventures, said: “CertiVox’s M-Pin Strong Authentication Platform is a great and innovative platform, and ideally suited for today’s smart devices. M-Pin provides a much-needed advancement for user-friendly, scalable, strong authentication security.”
In another supporting statement, Luke Hakes, from the ventures team at Octopus Investments, added: “It is a great accolade for the team at CertiVox to have the backing and support of NTT DOCOMO, Japan’s largest mobile services provider. This is clear evidence that CertiVox’s M-Pin Strong Authentication Platform is a market-leading technology. Octopus has believed in what CertiVox is doing right from the start and we are delighted to continue to support the business as it moves into the next exciting stage of its development.”