If you ever wanted proof that Google+ is, in fact, not a social network but rather an all-in bid for your identity, here’s your pudding: mere weeks after the announcement of the Google+ login button, hundreds of major media outlets are using the Google+ button for their web and mobile user logins.

Today, Google is announcing that American Idol, Universal Music Group, Fox Broadcasting company, and hundreds of other partners are doing Google+-flavored sign-ins. The service had around 10 partners at its launch; now, through middleman-like service providers including Gigya and Janrain, it’s expanding its reach by an order of magnitude and then some.

And while those red login buttons will often sit next to other login options, they bring a few unique benefits — especially for partners with Android apps.

“They can put Google+ signup next to Twitter or Facebook or their own authentication,” said Google exec Seth Sternberg in a recent chat about the rollout. “There are lots of great advantages for the developer and the user, but it’s not a one-or-the-other choice. … You could connect with both, or make it single sign-on.”

The Android piece is particularly interesting. If you’re a publisher or developer with an Android app to promote, a Google+-authenticated user who is browsing around your desktop website will be prompted to download the Android app, too. Then, the user can opt to get an over-the-air install of the app without ever touching a smartphone.

As Sternberg said, “A lot of times, [people] are using a web application that they love, and they don’t even realize it has an Android app. It’s just not obvious. So we’ve made it easy to get an app onto your phone with one tap.”

The little red button, he concluded, takes around two weeks of dev time to get up and running — a timeframe that’s consistent with the time between the Google+ login launch and today’s news of massive expansion.

Here’s a demo of the login button in action:

---

Big Data and Predictive/Real-time Analytics startups: Are you looking to jumpstart development & accelerate market traction? Sign up for the SAP Startup Focus program to receive technology, support, resources and community to help you develop new applications on SAP HANA, a cutting edge database platform. Get started here, and enter promo code “VB2013″ on the form.

---

Veritrix believes that you’ll only be able to truly “authenticate,” or know who’s logging into your system by physically identifying them. The company raised $2.4 million in a funding round today, according to a filing with the Securities and Exchange Commission.

Chief executive Paul Headley is listed on the filing alongside co-founder Francine Gani, software engineer Karen Ma, and Lou Pambianco. We have reached out to Veritrix for more information on the round and will update the post upon hearing back.

It seems kind of obvious that you’d need to get the identity of a person to authenticate them into your system, right? That’s not necessarily true. Many authentication systems simply trust that you are who you say you are because you know the correct username and password combination, you can provide a special code is trusted to be only sent to you (as with two-factor authentication), or with the sturdier biometrics like fingerprints and iris scans. The problem is, biometrics technology is expensive and difficult to deploy, so much depend on the more traditional authentication models.

Veritrix’s software as a service product, which it calls the Sovay Sever, makes sure that the person logging in is really the person in the chair by taking video and voice recordings of the person to let them in. That is, you can your traditional login and password combination, but then the Sovay Sever will step in and make the person record a statement through the computer’s webcam. That way there is a log kept of every time a person accesses your system.

It’s a form of accountability. Veritrix hopes that this will deter anyone from going rogue on the inside, or anyone from the outside getting in.

There is also a management dashboard for IT departments to keep track of these logs.

Veritrix was founded in 2008 and is headquartered in Palo Alto, Calif.

Webcam image via Shutterstock

The idea of a “plug and play” security tool may seem a bit paradoxical, but one company doesn’t think so. Stormpath, an authentication app that just got $8.2 million in its first round of funding today, wants you to “plug in” its login tool, and let it do all the work as your company’s first line of defense.

The funding was led by New Enterprise Associates and Pelion Venture Partners, with participation from Flybridge Capital Partners.

The company built a product that allows cloud service providers to “offload” the authentication process to StormPath. Authenticating a user is the same as identifying them — giving them a place to login and prove they are who they say they are. This process, however, can be bulky and is one of the most important security measures a company can take today. Stormpath says it can do the job better than cloud service companies can; it uses an application programming interface that developers at cloud service providers can just plug into their existing products.

From there, Stormpath takes care of that company’s authentication, password reset, and account management needs.

Companies like Stormpath may actually make a lot of sense. As a business-owner, you might have the desire to control your company’s security landscape completely on your own. But employing a dedicated company that is putting all of its resources into that one security product might actually make it stronger and more reliable.

Stormpath was founded in 2011 and is based in San Mateo, Calif. Benchmark Capital also previously invested in the company.

Storm path image via Shutterstock

Nok Nok, a company that wants to help organizations get rid of the traditional login and password, raised $15 million in its first round of funding today from DCM and Onset Ventures.

The company created a Unified Authentication Infrastructure that lets companies keep their systems safe by using the existing security products in different computers — such as desktops, servers, and mobile phones — to identify a user. For instance, you may have to swipe a finger or user your voice to prove you are you.

Logins and passwords are one of the most insecure parts of a company’s system. You need a login and password to prove that you are who you say you are. But with mobile technologies entering the workplace, as well as other Internet connected devices, employees are having to authenticate from many different access points. These add more attack vectors for someone trying to get into the system, so new forms of authentication, such as Nok Nok, are being introduced to the market.

But we haven’t yet gotten rid of the password because there simply hasn’t been something good enough to replace it. Nok Nok is working with a number of well-known organizations to put smart thinkers together to come up with the best ways to deal with this problem. Those organizations include PayPal’s electronic payment division, Lenovo, and Infineon Technologies AG.

Nok Nok was founded in November 2011 and is based in Palo Alto, Calif.

hat tip Reuters; Nok Nok image via Nok Nok

Tyfone provides secure mobile financial transactions and identity solutions. Its products include a mobile banking platform, a mobile wallet, identity management, contactless near-field communication (NFC), applications to bolster marketing campaigns, as well as complementary hardware products. Tyfone has over 50 issued and pending patents. By striking a partnership with the Portland-based company, the U.S. government can leverage the technology to serve national security.

In a statement, Technology VP at In-Q-Tel Jay Emmanuel said “We believe that Tyfone’s technology has the potential to address a wide range of complex government and commercial secure identity challenges.” Read the press release.

Fingerprint sensors are a staple of spy movies, but have yet to be an integral part of life for us civilians. However, as the use of mobile devices to exchange sensitive data, like payment information and documents, continues to explode, non-spies also require additional protection.

Biometric company Validity Sensors has completed its fifth funding round of $22 million. Intel Capital led the investment, with support from World Fair and DDS. The company announced raising the first $10 million tranche of a $20 million round on October 18, 2012.

Validity Sensors offers Natural ID solutions that authenticate users by their unique human characteristics, like fingerprints, voice, and face. Fingerprinting is the most effective method of verifying identity, and the flagship technology LiveFlex can securely replace or supplement passwords and pins.

This Series E will be funneled towards shifting the focus of the business. Whereas before, Validity Sensors shipped products to PC manufactures and was geared towards enterprise customers, it is now pivoting to the mobile and tablet market.

According to a March 2012 study by the Federal Reserve, 42% of consumers do not fully trust that their financial information is secure via mobile payments. By making consumers more comfortable carrying out transactions using their phones, the technology opens more opportunities for online commerce. Furthermore, as professionals continue to conduct business outside of secure company networks, there is a greater need to protect their data.

TeleSoft Partners took the lead on the investment, with full participation from previous investors Crosslink Capital, Panorama Capital, Qualcomm Ventures, and Venture Tech Associates.

This $22 million brings the total amount raised to $84.6 million. Validity Sensors is based in San Jose and was founded in 2000.

The update focused on two main areas of app permissions. The first gives users more control over the most private information on Twitter – direct messages. Apps that have access to your direct messages will have to ask for permission again. Any that don’t need that access will no longer have it, according to Twitter. The second now makes it very easily to understand what the app will be accessing when the user allows the connection to their accounts. For example, a list will appear (image) to inform the user of the activities that will occur, such as reading your tweets, updating your profile or posting tweets on your behalf.

Not everyone is excited about Twitter’s changes, including John Gruber at Daring Fireball, who notes that another announcement on Twitter’s API forum will make all third-party apps use OAuth for authentication. Right now, many of these apps use xAuth, an authentication that simply asks the users for their username and password within the application and only needs to store a key. With OAuth, the user will be taken to an outside web browser for authentication and then be returned — something that Gruber thinks makes for a confusing and bad user experience.

A deeper look by Gruber suggests why Twitter may be making this change. The added layer of complexity may discourage people from using these third-party apps. Conveniently, Twitter’s own applications won’t make users go through the OAuth process, which may give them a slight edge on the competition.

Twitter has also to some of the developer criticism, saying that it will push back the enforcement date for these to June 14, two weeks after the initial. As for whether this will make the experience worse for users, the company says:

We’re taking this step to give more clarity and control to users about the access a third-party application has to their account. The way users interact with Twitter’s clients is not expected to change.