July 9-10, 2013
San Francisco, CA

Early Bird Tickets on Sale

Last week I bought 13 laptops from WalMart.com. All were pretty cheap, between $500 and $700, but 13 of them added up to a rather hefty $8,000 bill on my MasterCard.

There were only two problems: I didn’t buy them, and they weren’t being shipped to my house.

I’d been hacked. Somehow, somebody in Sacramento, Calif., was going to get 13 Dell Inspirons at my expense. Lucky them … and unlucky me.

But not only unlucky me — a staggering one in four Americans report being a victim of identity fraud, according to a new study by Jumio, a leading credit card validation service for web and app-based commerce. And 83 percent of us worry about identify theft.

Source: John Koetsier

Fraudulent WalMart.com orders charged to my account

That’s a problem, because commerce is increasingly going mobile. Two-thirds of us own a smartphone and/or a tablet, and most of us plan to use them to buy things in the near future. A full 48 percent of us use our mobile devices to check something as sensitive as our bank balances. But as we do, we’re opening ourselves up to even more avenues of fraud and scamming.

“Users may be willing to accept risk now in favor of convenience, but this tolerance will weaken as fraud continues to grow,” Daniel Mattes, founder and CEO of Jumio, said in a statement. “The industry needs to get on board to protect our customers as much as the customers themselves need to take greater precautions.”

Investigators in my case suspected a phishing attack, in which you get an email purportedly from an online store that leads you to a fake but real-seeming site that then takes your credentials, but I had not clicked on any real or fake WalMart emails.

And so the only greater precautions that would have been useful would have been perhaps using unique passwords for each e-commerce site I use.

The problem of online and mobile security is a growing one. According to VISA, mobile commerce fraud was $2.7 billion in 2010, $3.4 billion in 2011, and $3.5 billion in 2012. And Cybersource says almost a third of all retailers experienced mobile fraud in 2012.

So what’s the solution?

Perhaps biometrics. Apple is said to be building a fingerprint sensor into the next iPhone model, the iPhone 5S. And Jumio’s survey says that 74 percent of us don’t feel that simple username/password security is sufficient. It certainly didn’t protect me — I was only fortunate enough to notice 13 thank-you-for-your-order emails from Walmart.com.

But biometrics won’t be available on every device, and won’t be an industry-standard smartphone feature for some time to come, if ever.

Meanwhile, according to Jumio, 69 percent of us would feel more comfortable sharing our personal information online, and buying via mobile, if there were more secure ways of storing that data online.

Source: Jumio

Mobile purchasing and banking activity

“For mobile to reach its full potential, the industry needs to adopt more consistent and accurate ways to identify and authenticate consumers,” Mattes said. “Only then will we be able to truly combat fraud.”

The question remains: How exactly that should be done?

The mechanisms for catching fraud after the fact, and protecting consumers from the consequences, are mostly in place. MasterCard canceled my credit card, WalMart canceled the transactions, and no harm was done. And big data solutions that the big credit card issuers including VISA and American Express employ to track consumers’ spending habits and suspend cards if odd or suspicious spending patterns start to emerge limit losses when the fraud proceeds successfully.

But that’s not the case every time: web and mobile security has a last-mile problem that isn’t going away any time soon.

photo credit: ToastyKen via photopin cc

Tarun Wadhwa is a research fellow with Singularity University and a researcher with the Hybrid Reality Institute.

On Saturday, The Washington Post Editorial Board jumped into a center of a decades-old debate by declaring their support for the creation of a universal national identity card.  Their argument, that the problem of illegal immigration cannot be solved with enforcement alone, is sound.  But their conclusion, that these problems can somehow be fixed by mandating a new type of document, is both shortsighted and misguided.

In reality, the process of implementing an American national identity card would be an expensive logistical and bureaucratic nightmare – and its usage alone wouldn’t bring about the types of reforms that legislators have been promising.

That’s because the problems with our broken outdated identity systems run deeply; they cannot be fixed with the “Band-Aid” approach that Washington is so fond of using.  The foundation of our system is built on top of a numbering scheme that was created in the 1930s for an entirely different purpose.  Adding strict requirements for a new identity document on top of an already dysfunctional system wouldn’t be anything more than a superficial, political solution.

Instead of spending the money to create new government departments to manage, protect, and update the records of over 300 million people, we’d be far better served by modernizing, cleaning, and standardizing the systems and databases that are already in use.

In this country, we have given the responsibility of maintaining records and issuing identity cards to state and local governments, and let each handle it their own way.  As a result, our nation’s systems are only as strong as their weakest link.  This practice was supposed to foster innovation, but instead it has lead to messy patchwork of restrictions and regulations that has undermined the credibility of the entire system.

The Bush Administration realized that creating national standards was critical to shoring up the whole system.  With the REAL ID Act of 2005, they instituted a de facto national identity system by mandating that records be centralized and state-issued IDs be brought up to a common standard.  When the legislation was ultimately implemented, it was done with virtually no public debate or input from important stakeholders (like the state governments who now have to deal with the new requirements).  How these programs are implemented sometimes matter more than how they are designed – unhappy state legislatures are still dragging their feet to meet the requirements over seven years later.

But there’s a lot more that can be done to fix the system now besides just making new laws.  In the last decade, several technologies have advanced to a point where they can now be used quite effectively to help state and local governments overhaul their systems.

Some of the largest inefficiencies in our systems occur because information stored in different government databases is not being shared properly.  With the plummeting cost of storing and transmitting data, sharing information has become much more practical.  Biometric identification is alsohelping counties to automatically weed through the fake, duplicate, and fraudulent entries with a speed and precision not before possible.  US-VISIT, the Department of Homeland Security’s biometric entry program, has also shown how this technology can scale and be effective in every day usage.

These changes can be deployed immediately, while a new identity system can take a long time to gain traction (if it ever does at all).  The longer a system is in place, the harder it is to change, and that is especially true when you’re dealing with something at the core of so many basic government functions.

At the same time, the very basis for identification systems are changing from improving government functions to enabling citizen services.  The identification needs of today’s citizens are more sophisticated than ever before – a physical card with their name is no longer sufficient; citizens need a portable, secure way to identify who they are both online and offline.

We may be reaching a point where the systems behind an identity card are becoming more important than the token itself.  The question of what type of card you are using is becoming more irrelevant everyday.  If we can improve our systems, we may be able to reap many of the benefits of having a national identity card without the burden or cost of actually having to implement one.

Expect legislators to tell us in great detail why this is not possible.  They will point to how divided we are, how large our population is, and explain to us that we’ll be fine if we don’t take action.  But while we are making these excuses, countries in the developing world are doing incredible things with their ID systems.  India is collecting biometric data from over one billion residents to issue them each a unique identification number.  Indonesia is made up of 17,000 islands – they just enrolled over one hundred million people into a new identity system in less than a year.  Ghana just broke a world record by biometrically registering and verifying 13 million people in just 48 hours.

Improving our identity systems should be a national priority – regardless of what happens with immigration reform.  Every single day people are inconvenienced, marginalized, and find themselves victims of identity theft because of our country’s faulty identity systems.  The American people deserve better than to be presented with a false choice.  They shouldn’t have to choose between trusting in a relic from the last century that keeps failing them, and being forced into carrying an experimental document they don’t need.

photo credit: Christi Nielsen via photopin cc

[This post is part of a series produced for VentureBeat by Singularity University.]

To combat corruption, a small group of entrepreneurs in the Indian government called the Unique Identification Authority has been rolling out a program to use biometrics — a technology that was once a hallmark of science fiction — to accurately identify its 1.2 billion residents.

At present, India’s departments work in isolation, maintaining a separate database to track delivery of government services to residents. Over time, systematic corruption and mismanagement have bred bad data, false information, and outright fraud. Poor laborers and migrant workers, in particular, are forced to travel far from their homes to collect their wages and benefits, having to dole out bribes to predatory middlemen along the way. A study by investment group CLSA estimated that, nationwide, of the $250 billion in subsidy and social spending on select programs over the next five years, over 40% will never make it to its intended target.

The biometrics program, which is nationally funded, has been ongoing since 2010 but just recently completed the first stage of enrollments, adding its 200 millionth enrollment several weeks ago. That’s already a population larger than any European nation.

Under the program — which will use iris scans and fingerprints – each man, woman, and child will receive an “Aadhaar” (meaning: foundation) 12-digit unique identification number over the next few years. For the poor in India, this promises to end a vicious cycle in which people cannot prove who they are and are thus denied what they are supposed to receive.

Biometric identification has been around for decades, but it has never been used on such a large scale. The technology must withstand India’s extreme weather, difficult geography, and multiple separatist movements. Large portions of the country lack reliable electricity, not to mention Internet connectivity. Developers must find a way to ensure high quality information across tens of thousands of enrollment centers. If these challenges can be overcome, there is a major opportunity to modernize and reshape the nation, and to set a precedent for the rest of the world, not only by making hundreds of millions of people recognizable by society, reigning in corruption, and improving government services but also by enabling a new mobile payment system.

Aadhaar numbers can serve as the key to bringing together various databases to clean out records. Electronic transfers can replace the inefficient and corrupt cash-and-goods distribution systems currently in place. Indians, for the first time, will be able to prove their identity in a matter of seconds with biometric scanners, regardless of location. And with close to a billion mobile phones in the nation, these Aadhaar numbers can serve as a gateway for India’s masses into the financial system.

The same systems used for transferring benefits can be used to create an economy based on mobile transactions. Two villagers could send each other money with little more than their identity numbers and an Internet connection. With an open platform, the Unique Identification Authority is inviting entrepreneurs to come build their own applications and uses to tackle the country’s multitude of data issues. Health insurance is one area that could be improved with this program — it’s currently rare in India because of how hard it is to locate and verify a person’s records.

The goal is to enroll 600 million Indians in four years. Many have expressed skepticism that they will reach their target, pointing to the numerous examples of costly, failed national identification programs around the world.  But with India already having reached the 200 million mark, it may yet quiet those naysayers.

In the process, India has industrialized the biometric space. Economies of scale have already made a drastic impact on the price of the technology. RS Sharma, Director General of the Unique Identification Authority of India has said that the agency has been able to collect each resident’s information for around $3, while it reportedly cost the UK more than $150 per person in its failed exercises just a few years ago. For most of the developing world, this would be affordable to implement.

However, the same systems that can bring accountability and transparency can be used for mass-surveillance and digitized discrimination. Privacy laws are still outdated and ineffective, and politicians have yet to overhaul the systems of enforcement. With so many different government agencies now able to store and access personal information, the potential for abuse looms large. The possibility of human error is present at every step, and there are questions whether India’s people and institutions are ready for such a dramatic change. Biometric identification has long been used for security purposes — now India will show the world how it can also be used to offer hundreds of millions their greatest chance at inclusion and a prosperous life.

Tarun Wadhwa is a research fellow with Singularity University, senior research associate with the Think India Foundation, and a researcher with the Hybrid Reality Institute. He is currently completing a book analyzing the impact of the global rise of digital identification systems. You can find out more about him on his LinkedIn page.

So you need to identify yourself. You could have your fingerprint professionally authenticated. You could also have your iris scanned. How about using your smartphone to read blood patterns in your eye? EyeVerify is bringing that technology to your iPhone in 2013.

“We’ve been using passwords and tokens for centuries, and that worked centuries ago,” said EyeVerify chief executive Toby Rush in an interview with VentureBeat. “It failed us… We need something better.”

While finger printing and iris scans have proved to be accurate ways to identify an individual, these methods require extra hardware to process the data and pattern match. The impressive part of EyeVerify is that it can match the patterns of the blood cells in your eyes to a profile that lives within EyeVerify all through the smartphone camera.

“What if you could put a security layer on for your eyes only,” said Rush (anyone else see the pun?). “It’s pure software.”

The technology is dense, but seemingly user friendly. You access it through an app that is using EyeVerify’s service, it will not be its own, stand-alone application. These applications could include banking apps, perhaps proprietary documents, and more. When the identity checker is open, you hold up the camera to the person’s eye. It will detect if the eye is on a living person and then apply green cross hairs to the center of the eye on the screen. A man’s voice with then instruct the person to look up and to the left, when the app will take a picture of the eye and then up and to the right, when the app will take another picture.

These images are then matched up against a template that was previously created of the vascular makeup of your eye. If there is an approval, EveVerify’s servers send back a yes and the app opens up.

Companies such as Google’s Android are using bio-security features, such as face recognition, to allow access to the phone itself, but Rush doesn’t believe EyeVerify will ever be a product that opens someone’s phone. Instead, the company is focusing on the financial industry, healthcare, and other high-security sectors.

“People just aren’t that security conscious, but there is a subset of [use-cases] where people are security conscious, like Mint,” said Rush, referring to Intuit’s financial planning app that syncs up various banking and investment accounts.

Rush told VentureBeat that EyeVerify has taken on $1.4 million in funding to be used to deploy five to seven pilot tests this summer. The pilots will be in a number of different sectors. In order to introduce the user experience to the consumer market, the company is thinking about creating a password storing application. This app would house all of your passwords for the many accounts Internet users hold today but would only be accessible by scanning your eye-blood.

Security is a hot-button issue, as almost everything in our modern lives is touched by the digital world. It’s now possible more than ever for someone to input a username and password and pretend to be someone they’re not. In order to feel more secure, people are looking at biometrics options such as EyeVerify. Other biometrics companies, such as Clear, are looking to target those highly private sectors. Currently, Clear uses a profile of you made up of your drivers license, a head shot, and a fingerprint or iris scan to quickly authenticate your identity and get you through TSA’s security lines.

EyeVerify’s round was led by Kansas City venture fund Think Big Ventures, with participation from MidAmerica Angels and Nebraska Angels. The company also plans on hiring more, with 90 percent of those hires going toward software developers. EyeVerify launched in January 2012 and is headquartered in Kansas City, Kansas.

First image via Shutterstock

The test was conducted by Tom Owen, of Owen Forensic Services LLC and chair emeritus for the American Board of Recorded Evidence, who was contacted by the Orlando Sentinel. Owen used a software called Easy Voice Biometrics to compare Zimmerman’s voice to the 911 call screams. ”I’ve run it against 300 voices and it was better than 99 percent in all cases,” Owen told MSNBC.

When Owen ran Zimmerman’s voice against the scream on the 911 call he got a 48 percent match. He would have expected a more than 90 percent match if the voice was Zimmerman’s, as the audio on the call is quite good. Owen said he couldn’t compare the screams to Trayvon Martin’s voice, as he did not have an audio sample of the teenager.

Security firms in the tech world have begun to use voice biometrics as a way to protect sensitive data, requiring an authorized user to speak a command before accessing a certain set of files on a desktop or smartphone.

You can watch a video of Easy Voice Biometrics in action below.

• Teva acquires protein-therapeutic maker CoGenesys for $400M (release)
• ViewRay takes in $25M for MRI radiation-therapy guidance (release)
• NovaMed, Chinese clinical-research outfit, receives $14M (release)
• Progentix Ortho raises first funding round (release)
• Medical imaging co. Point Biomedical recaps with $25M (VentureWire)
• Lumidigm takes in $7M for optical-fingerprint ID systems (VW)
• Medical-software co. Compressus aims to close $14M round (VW)
• Channel Medical Partners aims for $150M med-tech fund (VW)
• Spinal-implant maker Scient’x names Michael Huggins as CEO (release)
• Specialty pharma Cardiokine names Manuel Worcel as CEO (release)
• Respiratory-disease co. Pulmatrix appoints Robert Connelly CEO (release)

Teva acquires protein-therapeutic maker CoGenesys for $400M — CoGenesys, a Rockville, Md., protein-drug biotech spun out of Human Genome Sciences in 2006, has been acquired by Israel’s Teva Pharmaceutical Industries for $400 million in cash. The companies’ joint release is here.

CoGenesys, like its former parent HGS, is focused on the development of protein and peptide drugs for a variety of conditions. The company’s two lead drug candidates aim to treat neutropenia, a depletion of white blood cells that puts people at risk of serious infection, and heart failure.

Teva said the acquisition advances its recently revised strategic goal of pursuing biotech drugs (“biopharmaceuticals”) and generic biologics (“biogenerics”). It’s not entirely clear whether Teva is interested in pursuing CoGenesys’ actual drug pipeline or simply putting its manufacturing technology to use in Teva’s existing international biogenerics business. No biogenerics have been approved for use in the U.S.

ViewRay takes in $25M for MRI radiation-therapy guidance — Gainesville, Fla.-based ViewRay, a developer of MRI-based cancer-radiation systems, raised $25 million in a second funding round. Investors included OrbiMed Advisors, Fidelity Biosciences, Aisling Capital and Kearny Venture Partners.

ViewRay claims its system will be the first to offer real-time “volumetric” imaging of tumors concurrent with radiation treatment, which ostensibly allows radiation oncologists to compensate for organ movement. The funding will go for additional staff and the manufacture and validation of advanced prototypes of the system. Our previous coverage of the company is here.

NovaMed, Chinese clinical-research outfit, receives $14M — NovaMed, a Chinese startup that performs outsourced commercial and clinical-trial management for Chinese and international drug companies, raised $13.8 million in a second funding round. Investors included Fidelity Asia Ventures, its US affiliate, Fidelity Biosciences, and Atlas Venture.

Founded in 2005 by a former AstraZeneca executive and a Chinese Internet entrepreneur, NovaMed essentially acts as a middleman for companies with drugs they’d like to sell or test in China. Depending on the client, NovaMed says it will do everything from running clinical trials and shepherding drugs through the Chinese regulatory process to manufacturing, distributing and selling pharmaceuticals.

The company had previously raised roughly $6 million. NovaMed said it will use the new funding to expand its operations and also to in-license new drugs for deveopment or sale in China.

Lumidigm takes in $7M for optical-fingerprint ID systems — Lumidigm, an Albuquerque, N.M., developer of multispectral fingerprint scanners, raised $7 million in a third funding round, VentureWire reports, citing a regulatory filing. Investors included Epic Ventures led the round, joined by new investor Sun Mountain Capital and existing investors Fort Washington Capital Partners, Motorola Ventures, Draper Fisher Jurvetson New England and Intel Capital. Lumidigm’s technology aims to read fingerprint information both from the skin surface and from subsurface layers to improve accuracy and foil attempts to spoof the technology.

Medical-software co. Compressus aims to close $14M round — Compressus, a Washington, D.C., software maker whose products link hospitals and doctors to government agencies for public-health monitoring and emergency response, is looking for an additional $1.3 million to close out a $14.3 million third funding round, VentureWire reports. The company, which was founded by three lobbyists, has so far raised more than $27 million from angel investors.

Channel Medical Partners aims for $150M med-tech fund — Channel Medical Partners, a Skokie, Ill., VC firm focused on medical-device investments, aims to raise a $150 million second fund, VentureWire reports. The new fund would be more than triple the size of its $40 million initial fund, raised in 2001. Channel aims to fund 12 to 15 startups with the new cash, and will concentrate on device firms, although it is open to investing in diagnostics, drug delivery and “specialty supply” companies as well.