Authy Focuses on Security, Allowing Developers to Focus on… Developing

AuthyDevHomepage

The question isn’t, is the password dead?, but rather, is the password enough?

Authy Two-Factor Authentication (2FA) offers a scalable secondary authentication method that provides protection beyond the basic user name plus password. Authy offers added security when building in WordPress, for SSH, and OpenVPN by offering an intuitive user experience that removes login friction while adding security.

The added layer of support protects against phishing, keylogger attacks, stolen devices, and unauthorized access, while keeping things simple for admins and end users.

Stats:

  • 11,000+ applications protected
  • 2 million+ end users served
  • Available globally
  • ~10 million customers between Authy and Twilio combined
  • Access to Twilio’s developer ecosystem of 700k

Products

AuthyX3

The company, which is owned by Twilio, offers three products:

  1. Authy OneCode sends a one-time verification code via SMS or automated voice call (illustrated far left)
  2. Authy SoftToken is an app that runs on any device and generates a one-time code (illustrated far right)
  3. Authy OneTouch allows the user to approve or deny the authentication with a yes/no response (illustrated middle)

Authy OneTouch is the easiest to use since it requires only the push of a yes button rather than entering a code.

OneTouch has a variety of use cases, including:

  • Account login
  • Large-value transaction validation
  • Multi-approval solution:
    • Escrow model (both parties need to approve)
    • Sequential approval (manager’s manager’s manager approval)
    • Primary user approval (parent approval of child’s request)

Authy OneTouch example

AuthyApproveDenyHere’s how Authy OneTouch works to authenticate a high-value money transfer:

  1. Sender enters the amount to transfer, in this case $5,300
  2. Authy sends an approval request to the sender (pictured right) as well as the recipient. The approval screen notes the institution, transaction amount, account number, and a request for the user to confirm or deny the transaction.
  3. If both parties accept, funds are transferred

For new or stolen devices, Authy offers the ability to add or replace devices to a trusted circle. This prevents fraudsters from confirming transactions using a stolen phone.

Twilio acquisition

Before it was acquired by messaging API provider Twilio in February 2015, Authy was a Twilio customer.

To preserve Authy’s product after the acquisition, Twilio incorporated Authy’s offerings into its developer portal to complement its own products. As Twilio’s founder and CEO Jeff Lawson states, “This isn’t a typical acquisition where the Authy team members will be absorbed into the borg and the product slowly forgotten. Nope. Just the opposite – we love the Authy product and are investing massively in expanding its footprint with developers of all kinds.”

The terms of the acquisition were not disclosed.

Authy’s Dan Killmer, Lead Solutions Architect, presented at FinDEVr San Francisco 2015:

 

 

FinDEVr APIntelligence

FinDEVr2016-NY-(Stacked)V2Are you building new financial technology? Be sure to check out coverage from our recent developer conference in San Francisco. We’re taking the fintech developer tool showcase to New York on March 29 & 30, 2016. Stay tuned for details.

Developer news:

  • Harvard Business Review: The Changing Economics of App Development.

The latest from FinDEVr San Francisco 2015 presenters:

  • Aberdeen Asset Management selects Markit to value hard to price assets for positions with limited market data.
  • Developer reviews Authy’s two-factor authentication.
  • PayPal among the companies highlighted in Inc.’s look back at Money20/20.
  • Thomson Reuters unveils its new desktop platform, grouping all its FX transaction venues into one single point of access.
  • Business Insider lists BehavioSec and Fidor, as “companies we wish were big the U.S.”
  • Silicon Slopes Podcast hosts Ryan Caldwell, MX CEO, as he discusses how to improve online banking.
  • Thomson Reuters unveils latest version of its tax technology platform, Thomson Reuters ONESOURCE.
  • Yodlee’s Ynext Unveils New Incubator Class.
  • Business Insider names, BehavioSec among the 12 hottest Nordic fintech startups.

Alumni updates:

  • Trulioo Selected as Runner-Up for Startup Canada Award for Innovation.
  • Xero reaches 600,000 subscribers in 180 countries.
  • VentureBurn features Entersekt CEO, Schalk Nolte.

Stay up to date on daily developments by following FinDEVr on Twitter.

FinDEVr Live: Authy Shows Two-Factor Authentication in 20 Minutes

AuthyHomepage

authy.com  |  @Authy

AuthyFor security-aware companies, Authy Two-Factor Authentication (2FA) provides a proven fast-to-implement, highly scalable, and reliable alternative to passwords. Offering an intuitive user experience and a powerful API for developers, Twilio’s Authy 2FA is used by more than 10,000 websites and apps serving millions of new economy and fintech consumers the way they like their apps: single touch with self service. Our cloud access solutions are beloved by our users and promise to bring 2FA to all apps and users.

Authy 2FA in 20 minutes:
In this session, we’ll share some of the pitfalls of 2FA projects and how Authy and Twilio tackle these issues. We’ll show you with live coding that no special security know-how is required to add SMS/Voice, SoftToken and Push-style 2FA to your project with as few as three lines of code using either REST, or a library for your favorite language. The Authy REST API takes care of the tedious details like key management, secure data structuring, intelligent SMS routing, client components, push notifications, and user self-service for phone number or device changes.”

Key takeaways:

  • Possible key reasons to switch to non-password Authy instead of building in-house
  • 2-factor authentication options offered by Authy can be done using their code or our language
  • How quickly Authy can be added to our apps and users

authy_findevr

Presenter:

Dan Killmer, Lead Solutions Architect
dkillmer@twilio.com | 917-426-4857
Dan Killmer is a technical pre-sales professional with 25 years of experience building customer confidence by demonstrating, architecting and proving technology solutions, encompassing a large spectrum of technologies.

FinDEVr Live: Authy Shows Two-Factor Authentication in 20 Minutes

AuthyHomepage

authy.com  |  @Authy

AuthyFor security-aware companies, Authy Two-Factor Authentication (2FA) provides a proven fast-to-implement, highly scalable, and reliable alternative to passwords. Offering an intuitive user experience and a powerful API for developers, Twilio’s Authy 2FA is used by more than 10,000 websites and apps serving millions of new economy and fintech consumers the way they like their apps: single touch with self service. Our cloud access solutions are beloved by our users and promise to bring 2FA to all apps and users.

Authy 2FA in 20 minutes:
In this session, we’ll share some of the pitfalls of 2FA projects and how Authy and Twilio tackle these issues. We’ll show you with live coding that no special security know-how is required to add SMS/Voice, SoftToken and Push-style 2FA to your project with as few as three lines of code using either REST, or a library for your favorite language. The Authy REST API takes care of the tedious details like key management, secure data structuring, intelligent SMS routing, client components, push notifications, and user self-service for phone number or device changes.”

Key takeaways:

  • Possible key reasons to switch to non-password Authy instead of building in-house
  • 2-factor authentication options offered by Authy can be done using their code or our language
  • How quickly Authy can be added to our apps and users

authy_findevr

Presenter:

Dan Killmer, Lead Solutions Architect
dkillmer@twilio.com | 917-426-4857
Dan Killmer is a technical pre-sales professional with 25 years of experience building customer confidence by demonstrating, architecting and proving technology solutions, encompassing a large spectrum of technologies.

FinDEVr APIntelligence

FinDEVr2015LogoV2DateAre you building new financial technology? Be sure to register soon for the only event exclusive for fintech developers, FinDEVr 2015, Oct 6-7 (fewer than a week away!) in San Francisco.

Developer news:

  • Thomson Reuters considers how APIs are changing the fintech narrative.

The latest from upcoming FinDEVr 2015 presenters:

  • FinDEVr San Francisco 2015 Presenters All Mapped Out.
  • PayPal unveils its chip card reader in the U.S.
  • Hyperwallet counts down to next week’s FinDEVr  developer conference.
  • Munich-Based Fidor Bank Launches in the UK.
  • OnDeck partners with Association for Enterprise Opportunity to facilitate up to $10 million in small business loans.
  • Aerospike releases version 3.6 of its NoSQL operational database.
  • TechCrunch: Klarna adds American Express as a partner.
  • Emerging Payments Awards selects Hyperwallet as a finalist for the Best Corporate/Government Payments Program award for 2015.
  • Braintree and PayPal reflect on their two year anniversary.
  • CNET features Personal Capital in a look at investment in robo-advisors.
  • Kaspersky’s blog mentions Twilio’s Authy as a way to protect you ID on a smartphone.
  • Avalara announces the availability of a benefits program exclusively for U.S. QuickBooks ProAdvisors® and their clients.
  • Celent advises banks to be more like Fidor Bank in order to remain relevant.
  • The Neutral Internet Exchange NL-ix will use Interxion Cloud Connect to connect to Microsoft Azure as a part of its new cloud connectivity services.
  • MX Lands $4 Million from CheckFree Founder Pete Kight.

Alumni updates:

  • Xero surpasses milestone of 100,000 subscribers in the UK.

Stay up to date on daily developments by following FinDEVr on Twitter.