September 24, 2020 – This morning, Plurilock Security (PLUR.V) began trading on the Canadian Venture Exchange.
When investors talk about new technology companies, they often like to ask: “What PROBLEM is this tech solving?”
Ever been hacked?
Locked out of your own account?
Lost your password?
Fumbled the answer to security questions?
Had your work-flow stalled because of a “Login Authentication Error”?
Unless you live in a driftwood shack on a Haida Gwaii beach and use carrier pigeons to send messages – I’ll bet you answered “yes” to each of those questions.
This [above] is the problem Plurilock is solving.
This [below] is their solution:
“Plurilock is an identity-centric cybersecurity company that reduces or eliminates the need for passwords by measuring the pace, rhythm and cadence of a user’s keystrokes to confirm their identity.”
Below is an overview of Plurilock’s technology:
The idea that your typing-style creates a unique identifier, is not entirely intuitive.
But as I write this article, I’ve been watching and analyzing the way my fingers interact with the keyboard.
I discovered – to my surprise – that I seldom use my baby right-finger on the SHIFT button. If I need to write a capital “Z”, I hit SHIFT with my baby left-finger, then swoop my right hand across the keyboard to hit the “Z”.
The differential in the time it takes me to type SHIFT-J and SHIFT-Z is part of my unique typing signature.
I touch-type all other keys – except numbers – which I “hunt-and-peck”. I noticed I’m quicker at finding 5-8 than I am at finding 1-2 and 9-0.
Plurilock’s Artificial Intelligence (A.I) can learn my “unique typing signature” in under 60 seconds.
That means, as soon as I start typing, it knows it if it’s me or not.
The company’s technology has the power to disrupt the current status quo: Multi-factor Authentication (MFA).
Eighty-one percent of security breaches result from stolen credentials.
MFA mostly prevents this.
But 63% of users dislike office MFA, and 60% of admins actively avoid it.
MFA is the cauliflower of internet security protocols.
No-one disputes that it’s packed full of vitamins – but the taste is off-putting – so diners push it to the side of their plate.
User push-back isn’t the only issue.
MFA devotees have discovered that the system is fallible.
“Nearly all major web services now provide some form of two-factor authentication, but they vary greatly in how well they protect accounts,” reports The Verge, “Dedicated hackers have little problem bypassing through the weaker implementations, either by intercepting codes or exploiting account-recovery systems.”
For this writer, anything that requires verification via texting is problematic because I’m often in Asia – using a Chinese SIM card.
Being blocked from Adobe Creative Cloud while I’m in the mountains of Guizhou shooting a documentary is BIG problem.
That could cost me thousands of dollars.
This authentication quagmire isn’t just affecting little guys like me and small companies with weak security back-ends.
“Multifactor Authentication (MFA) issues are impacting a number of Microsoft Azure and Office 365 customers in North America,” reported Zdnet in October 2019, “So far, the causes aren’t known, but Microsoft engineers say they’re working on it”.
Plurilock uses behavioral biometric, environmental and contextual technologies to provide invisible, adaptive and risk-based device and malware protection, and continuous identity assurance.
Don’t we already have “biometric” authentications – like “facial recognition” and “Fingerprint verification?
The answer is “yes” but they don’t work very well.
My brand-new HP laptop recognises my face only 40% of the time, and the nifty fingerprint login option stopped working on Day 2 (to be fair my fingertips are worn smooth from decades of typing).
Another issue is that industry-standard biometric authentication stops working after you’ve logged in, which creates vulnerability for an unattended or stolen machine.
PLUR’s flagship products are Plurilock DEFEND and Plurilock ADAPT.
Plurilock ADAPT Highlights:
- Benefits of MFA without requiring users to interact with their phones
- No new hardware
- No need for fingerprint readers
- No need for face scanners
- No need for hard tokens
- No MFA codes via SMS
Plurilock DEFEND highlights:
The world spends a lot of time locking down logins. Yet almost no time is spent confirming identity once the login flow finishes.
- Real-time identity
- Confirm a user’s identity continuously, every 3-5 seconds
- Lasts for the duration of open session work
- No gaps or uncertainty.
- No new hardware.
- Preserve a full-day identity trail
- Require only standard keyboards and pointing devices
- No hardware required
The company will know which account is responsible for key actions and events, and also which human being is responsible, regardless of the account used.
On July 30, 2020 Plurilock was awarded a new USD $198,000 contract by the US Department of Homeland Security (DHS) to continue its development of advanced machine-to-machine (M2M) authentication and anomaly detection tools.
The is the third in a series of related contracts funded through the DHS Science and Technology (S&T) Directorate’s Silicon Valley Innovation Program (SVIP) and renews the ongoing collaboration between Plurilock and DHS.
“The contract demonstrates the interest that leading government agencies have in our behavioral biometrics technology,” stated Ian Paterson, CEO of Plurilock, “and in the anomaly detection and artificial intelligence capabilities that power it”.
The technology is applicable to the Internet of Things (IoT) authentication in US federal networks, and “may also find other applications as machine-to-machine authentication becomes critical to the security of modern work environments”.
“We’re finding that businesses that are on the smaller side but are growing tend to need our services and products even more than the larger, more established businesses,” stated Paterson in an interview with Equity Guru’s Gaalen Engen, “If you’re in a large organization, you have some economies of scale. Maybe you’ve got a dedicated security person on your I.T. team and they’re looking after security.”
“For the emerging business, particularly businesses that are migrating to the cloud, it becomes even more important,” continued Paterson.
Two weeks ago, Plurilock announced that it will receive services and funding from the National Research Council of Canada (NRC), providing Plurilock with up to CAD $120,000 to support the development of its “advanced passwordless authentication technologies that can be used in commercial, enterprise, and highly regulated cybersecurity environments”.
“This non-dilutive funding supports our current research and development goals at Plurilock,” stated Paterson, “We’re excited that support from NRC will enable our effort to ultimately bring that experience to market.”
Brand new company.
Addressing an expensive endemic problem.
An elegant, innovative A.I-powered solution.
Partnered with the U.S. Department of Homeland Security.
Financially and logistically backed by the Canadian government.
Strong opening play.
- Lukas Kane
Full Disclosure: Plurilock is an Equity Guru marketing client