Trusted Transactions | Entersekt Blog

Trend alert: authentication acquisitions

Posted by Jolette Roodt, Writer/Analyst, Entersekt

Find me on:

Apr 11, 2017 9:00:00 AM

Acquisitions.png

Digital security is becoming a part of everyday life and is no longer something only banks need to care about. As such, smaller-fry authentication companies are being picked up by big service-provider fish at a rate worth mentioning – and not for a song, either, as recent figures show. Why is this happening, and what does it spell for the future?

 

In February of 2015, Twilio, a San Francisco-based company that integrates voice communication and messaging into business software, acquired the two-factor authentication (2FA) startup Authy for an undisclosed amount. This made it possible for Twilio customers to integrate Authy’s 2FA security into their Twilio product instead of building their own 2FA from the ground up.

Calling for reinforcements

Simplifying the integration of authentication capabilities soon became a common motivation for acquisitions. For example, two months later, global customer relationship management (CRM) giant Salesforce bought Texas startup Toopher and turned its technology into Salesforce Authenticator, which is now an optional add-on to Salesforce’s standard offering. In the same month, Early Warning extended its authentication services to mobile by buying Authentify for an undisclosed amount.

Among the most significant recent acquisitions of 2016 was that of biometrics technology provider EyeVerify by Ant Financial, operator of Alipay and affiliate of Chinese e-commerce success story Alibaba, with the purpose of adding another security factor to Alipay’s authentication. American Express also acquired InAuth to increase its fraud prevention capability, while Visa bought CardinalCommerce to help secure payments across all platforms.

Other major acquisitions of authentication companies in the past two years are listed below.

Date

Company acquired

Company focus

Acquired by

Amount

May 2015

IDchecker

Identity verification 

Mitek

$10.6 million

July 2015

Authasas

2FA

Micro Focus

Not disclosed

November 2015

SecureReset

MFA

Core Security

Not disclosed

June 2016

Encap Security

MFA

AllClear ID

Not disclosed

August 2016

2FA, Inc.

2FA

Identity Automation

Not disclosed

Eliminating external threats

With phishing success rates at an all-time high, corporations are increasingly looking for easy-to-use and secure ways for employees to log into virtual private networks (VPNs) from both computers and mobile phones, at the office, and at home. Identity and access management (IAM) will be key in this respect, which is why security leaders like HID Global and Gemalto are getting in on the action. Below are some noteworthy IAM acquisitions from the past two years.

Date

Company acquired

Company focus

Acquired by

Amount

March 2015

Quantum Secure

IAM

HID Global

Not disclosed

November 2015

Xceedium, Inc.

IAM

CA Technologies

Not disclosed

January 2016

Praxism UK

IAM

PWC Scotland

Not disclosed

April 2016

Device Authority

IAM

Cryptosoft

Not disclosed

August 2016

Redcore

IAM (Australia)

Accenture

Not disclosed

August 2016

PhenixID

IAM

Clavister

Not disclosed

December 2016

3M IAM

IAM

Gemalto

$850 million

Enterprise cybersecurity solutions are also on the uptake in an attempt to combat large-scale data breaches, and companies in this space are now teaming up to reinforce their protection capacity. In January 2016, intelligence-led security provider FireEye paid $200 million for iSight Partners, adding to its threat prevention arsenal, while HORNE LLP acquired Halberd Group to form HORNE Cyber Solutions.

Joining the march

Twilio buying Authy was only the first in a long line of authentication acquisitions that is still going strong. March 2017 saw LogMeIn acquire AuthAir, Inc., and US multinational CA Technologies absorb software-as-a-service (SaaS) provider Veracode. As the trend to offer security with your product spreads beyond the financial industry, it will become harder to sell digital services that do not integrate strong security features in ways that appear seamless to the end-user.

Topics: Knowledge based authentication, Identity enablement

    

About Trusted Transactions

Trusted Transactions is Entersekt's blog devoted to keeping our customers, prospects and friends updated with industry news, security threats and technology advances in consumer authentication. We can protect against online banking fraud and account takeovers. Trusted Transactions brings you industry data and insights to help safeguard your online and mobile banking and payments transactions. 

Subscribe to Entersekt's Blog

Download white paper:  OTP: Security past its  expiration date 

Follow Entersekt