Melbourne ID verification start-up iSignthis has caught the attention of the Singapore government. Photo: Patrick Cummins
An Australian online security start-up pushing hard into an area of intellectual property dominated by PayPal has won the backing of the Singapore government.
Melbourne identity verification specialist iSignthis has picked up a key role in the Singapore government’s rollout of online security tokens to its 5.3 million citizens after late last year being awarded patents likely to catch the attention of PayPal’s lawyers.
Singapore government-owned Assurity Trusted Solutions has entered a strategic alliance with iSignthis to provide identity verification for its OneKey two-factor authentication token. The government intended the token to be used as a national standard..
As part of the agreement it has also picked up rights to supply the tokens and its security network internationally in other markets. Assurity plans to distribute the OneKey token as a smartphone application for Android and iOS devices.
iSignthis chairman Tim Hart said the company had set its sights on south-east Asia and Europe.
“The citizens and residents of Singapore, the EU, most of south-east Asia, Australia and New Zealand will benefit from [evidence of identity] and [two-factor authentication] services being executed online. We look forward to building on our strategic alliance with other products and services going forward,” Mr Hart said.
iSignthis is the brainchild of John Karantzis, the former chief executive of failed Australian online movie start-up Reeltime Media. Mr Karnatzis founded the company using his own funds in 2011 and is its executive director. He said iSignthis had taken on private investors since the US Patent Office granted it patents for its identity verification process, which bears strong similarities to that used by PayPal for its online payment service. PayPal does not currently license the system to third parties, according to Mr Karantzis.
Like PayPal, iSignthis uses a process of depositing sums of money into a bank account nominated by users seeking online identity verification and then requiring them to report them.
Mr Karantzis said that, like PayPal’s system, iSignthis could reach to anyone in the banking system but differed from PayPal by taking a funding transfer and splitting it into two payments using a set ratio. The customer then reported the split to verify their identity, exploiting the verification processes already applied when the account was opened. Mr Karantzis said the use of the ratio was also distinguishing and allowed transactions to be conducted across currencies more easily.
However, he conceded he was playing close to PayPal’s territory: “If you conceptualise the intellectual property space, we would sit hard up against their patent claims. We’ve been examined by the US Patent Office, and the Australian and the European ones, and we’ve gotten through.
“I’ve only been busy since December last year, knowing that we’re not going to get sued out of existence by PayPal.”
Founder of computer security consultancy Threat Intelligence Ty Miller warned iSignthis could not be considered a silver bullet in identity verification.
“The trust associated with the iSignthis solution has an inherent assumption that financial institutions systems and processes have been implemented in a reliable fashion,” he said.
Mr Miller said bank verification systems can be bypassed and compromised bank accounts can be bought in underground markets.
iSignthis has set its sights on the European Union following the European Central Bank’s recent decision to mandate stronger transaction authentication in line with global efforts to combat money laundering and terrorism funding.