Australian startup snapshot: CryptoPhoto
- 11 March, 2013 10:05
CryptoPhoto, a startup from Noosa, Queensland, has made a two-factor authentication service using photos displayed on a smartphone or paper card.
The pitch
CryptoPhoto aims to protect a website’s user accounts from hackers and malware, while lowering support costs for webmasters, according to CryptoPhoto founder, Chris Drake.
When a user attempts to log in, the website displays an image while an app on the user’s smartphone shows a grid of several images. The user confirms his or her identity by tapping the image on the smartphone that matches the picture displayed on the website.
Start-up tips: Airtasker’s Tim Fung
Start-up tips: Advice from start-up veterans
Start-up tips: Advice from start-up veterans part II
CryptoPhoto also sends users a paper card with a similar grid of images as a backup in case the user loses his or her smartphone. The card contains a code for each image that the user can enter into the website. This helps avoid the “lost token” security issue that has compromised other authentication systems, Drake said.
Selling it
End users can use the CryptoPhoto app for free if the website owner has paid CryptoPhoto. Alternatively, the website owner can pass on the costs to end users through an in-app purchase.
The price per user can range from a few cents to a few dollars depending on the number of website users, Drake said.
The mobile app supports iOS, Android, BlackBerry and Windows Phone.
Funding it
While CryptoPhoto has been under development for five years, the trading entity set up to do business has only existed for about a month.
Years ago, while Drake was contributing to work on the OpenID specification, he became interested in the problem of getting the user to trust that a website is legitimate.
“It seemed very easy to me,” but Drake couldn’t find anyone else who came up with the same solution. So he patented it.
Drake initially funded the business himself but a few months ago was awarded a grant from Commercialisation Australia. The grant is a $50,000 payment of which Drake must match 20 per cent. “It helps me find people to get the business running,” he said.
Drake also entered and was named a winner in a competition by Advance, which provides mentorship for startups. Advance flew CryptoPhoto to Silicon Valley for a pitching conference with potential investors.
Australia vs Silicon Valley
Drake praised the work of Brisbane co-working space River City Labs to help foster a “buzzing” startup environment in Australia.
However, Drake said Silicon Valley’s startup scene is “completely insane” by comparison.
“In the Bay Area, there are probably 200 new startups a week that are taking off,” he said. “The amount of competition for the very small funding resources or any kind of attention in Silicon Valley are absolutely astronomical.”
After Advance flew him to Silicon Valley, Drake decided to stay another two months in the San Francisco Bay Area to “absorb the Valley culture” and figure out the model for a successful startup, he said.
“I don’t know yet because I’m not a success, but I’m guessing it’s based on synergies between the venture capitalists that you manage to attract and the other companies that the same venture capitalist is already assisting.”
Help is waiting for Australians in Silicon Valley, he said. Drake met a group of successful Australian startups dubbed the 'Aussie mafia', which provided a co-working space and important introductions, he said.
“My business will always be [in Australia],” Drake said. However, Drake said a Silicon Valley presence will be critical to his business’s future success.
The customers Drake “most wants to land,” including Facebook, Google and LinkedIn, “are all in the Bay Area.”
Speaking out
Drake plans to speak at TEDx in Noosa this April about how he is “disgusted with the state of the security industry,” he said.
He aims to “contrast the difference between [setting up a business] legitimately like I’ve just done versus what I see hackers doing for their businesses.”
“Doing it legitimately nowadays is becoming less and less of a sane option,” according to Drake.
Scammers can set up a website for about $20 a month and accept payments via Bitcoin, he said. “If you’re an actual trading business, you’ve got to register your company” and comply with a long list of financial laws and regulations.
“The list of overheads is completely crazy, and if your business actually becomes successful, then you’re going to be stuck with patent trolls coming out of the woodwork to destroy you, anyway.”
Startup snapshots:
If you’ve got a startup or know about a cool new Australian business, please email Adam Bender at adam_bender@idg.com.au or on Twitter (@WatchAdam).