Beyond Identity secures $75 million in funding to eliminate passwords and usher in a new era of passwordless authentication
Computer passwords have been around for about 60 years now. The first computer password was developed in 1961 at the Massachusetts Institute of Technology, for use with the Compatible Time-Sharing System (CTSS). That password later gave rise to many of the basic computing functions we use today. With millions of people using vulnerable passwords, software engineers later came up with the idea of two-factor/multi-factor authentication (2FA/MFA), to provide an extra layer of protection used to ensure the security of online accounts beyond just a username and password.
However, 2FA and MFA are not without their own issues and drawbacks. There are security vulnerabilities with 2FA and MFA, for example, using brute-forcing 2FA verification code. One tech startup is on a mission to not only address these issues but also want to put an end to the use of passwords and usher in a new era of passwordless authentication. Beyond Identity is a New York-based startup that is aiming to eliminate passwords and replace them with a chain of trust. We first wrote about them back in April after the company announced it launches with $30 million in funding.
Today, Beyond Identity announced it has raised a $75 million Series B funding to fuel further innovation of its industry-leading, advanced passwordless identity platform and to build a global footprint, including the acceleration of distribution channels, OEM partners, and international sales and support. The round, which was led by existing investors Enterprise Associates (NEA), Jim Clark, and Koch Disruptive Technologies, LLC (KDT), brings the company to $105 million.
Founded in April 2020 by Jim Clark and Thomas Jermoluk, Beyond Identity provides the next generation of secure digital business by replacing passwords with fundamentally secure X.509-based certificates. This patent-pending approach creates an extended Chain of Trust™ that includes user and device identity and a real-time snapshot of the device’s security posture for adaptive risk-based authentication and authorization.
Over the years, customers have been attracted by the company’s secure, scalable, and frictionless passwordless authentication, but what has really gotten their attention is the platform’s advanced architecture and ability to incorporate granular endpoint security data into a continuous risk policy-based authentication model. The company is currently supporting customers whose workforce counts range in size from less than a hundred, to hundreds of thousands of employees and is attracting businesses that are working to deploy its advanced identity platform to tens of millions of their end-user customers.
“The past seven months have been a challenging time and have forced organizations to rapidly adjust to supporting fully remote workforces, a change that will be largely permanent,” said Forest Baskett, General Partner at NEA. “The industry was moving incrementally in the direction of passwordless approaches, but Beyond Identity’s innovation leapfrogged all others with an elegant architecture and powerful solution. As investors, the opportunity to ride that wave with the leadership team they have assembled was simply too hard to ignore.”
Unlike previously available solutions like two-factor/multi-factor authentication (2FA/MFA) or password managers (which attempted to increase security but also greatly increased user friction), Beyond Identity’s advanced passwordless identity platform increases both usability and security, lowering cost and complexity while removing friction for users. The company has continued to rapidly extend its coverage – expanding its Beyond Identity Authenticator to all major operating systems (macOS, Windows, iOS, and Android).
In just a few months since launch, Beyond Identity has streamlined the adoption of passwordless identity management across any business context by offering a completely cloud-native platform, supporting proven industry standards (e.g., OpenID Connect, SAML, TLS, and X.509), and developing formal integration partnerships with single sign-on (SSO) providers, including Ping Identity, Okta, ForgeRock, Microsoft, and others.
“Passwords are so repeatedly exposed that they have become a commodity for criminals. The result has been an exponential rise in account takeover fraud that is costing companies billions annually,” said TJ Jermoluk, CEO of Beyond Identity. “Too many companies use the phrase ‘passwordless’ totally wrong. They aren’t actually eliminating the password at all, just applying Band-Aids to existing legacy password systems. Fundamentally strong authentication requires that companies completely eliminate passwords. But that is just the first move, not the end game. Forward-looking companies are adopting continuous authentication, a new model that provides fundamentally strong, risk-based access, significantly reducing exposure to account takeovers and protecting user privacy.”