Google recently acquired Israeli startup SlickLogin, which uses sound waves as a security layer for two-factor authentication. Here's why it matters.
Still reeling from a recent security breach that left nearly 55,000 Google accounts compromised, Google has acquired an Israeli security startup called SlickLogin that uses sound waves to add another layer of security to login authentication. The company was founded about a year ago by three graduates of the Israel Defense Forces' cybersecurity unit.
SlickLogin's technology emits a high-frequency sound from a user's smartphone. A user simply places their phone next to their computer and they will be able to log in. The sound wave technology can be used as a single authentication measure, or can be used as one part of two-factor authentication for even stronger security.
Interestingly enough, SlickLogin never even made it to market. According to Nimrod Kozlovski, a partner at Israel-based JVP Cyber Labs, it seems they went straight to acquisition.
"SlickLogin was known only in the cyber experts community and not known to the public. They only recently announced their product and were bought prior to any market penetration or major investment. It is uncommon that a company is acquired at such [an] early stage by a multinational corporation," Kozlovski said.
Security startups are gaining traction worldwide, but cybersecurity startups are especially big in Israel right now. With GE announcing its early investment in Thetaray and IBM purchasing Trusteer, it's becoming a common occurrence for multinational companies to step into the startup space in Israel. Even Prime Minister Benjamin Netanyahu declared: “Beersheva will be the new cyber capital of Israel.”
It seems that Google is working to beef up its security measures across the board. In January, Google purchased Impermium, a startup focused on eliminating spam and online fraud. According to TJ Keitt, senior analyst at Forrester, authentication is a major issue for Google.
"It's a multi-factor authentication play, which has always been an important question for prospective Google Apps customers. In some heavily regulated fields, IT leaders are required to put certain levels of security around systems containing potentially sensitive information. So, some early Google efforts to address this have been forcing users to use PINs sent to mobile devices (something they'd made available in the consumer market).
"But with the increasing diversity of devices available on the market, and IT departments not necessarily exercising full control over these devices, two-factor authentication with mobile devices could be compromised," Keitt said.
No one can say definitively what Google will use the SlickLogin technology for. They could absorb the company and mix it into their secret sauce, or they can further invest in, and develop, the technology to use it to make Android and/or Chrome devices more secure.
Some factors that could point to absorption are the fact that SlickLogin's CEO Or Zelig has already changed his job title on LinkedIn to "Product Manager at Google" and the SlickLogin site quickly changed its contact email to firstname.lastname@example.org. According to Gartner's Ant Allan, this acquisition could help with the move toward a more "frictionless" user authentication experience.
"SlickLogin reduces the work a user has to do to authenticate compared against OTP hardware tokens, OTP apps, and other OOB authentication methods, for example. It is not the only solution that does so. In the mid to long term, we expect an increase in adoption of user authentication methods that are essentially passive (recognition technologies). SlickLogin is a step in the right direction (as long as it is as secure as it needs to be!)," Allan stated.
Up to this point, Google's main argument for the use of products like Chromebooks was that they were comparable to their Windows counterparts. With the addition of new security measures, like those offered by SlickLogin and Impermium, Google could be making the push to offer their products as a better, more secure, alternative to Windows.