Startup Of The Week: TrusteerA new approach to security focuses on protecting online banking and e-commerce.
The major flaw of most security software is it can't keep pace with new malware. Trusteer doesn't even try. "We assume the desktop is compromised," says CEO and co-founder Mickey Boodaei. Trusteer's software protects passwords and account numbers rather than trying to seek and destroy infections.
Boodaei tackles online banking security
Tel Aviv, Israel
Mickey Boodaei, co-founder and CEO; Amit Klein, co-founder and CTO; Shmulik Regev, co-founder and chief architect
ING Direct, Muriel Siebert
HOW IT WORKS
Rapport is a desktop agent that performs multiple functions, including encrypting all the keystrokes from the keyboard driver to the browser to thwart keyloggers. It also restricts access to the browser and browser APIs. Any attempt by a browser add-on to interact with the browser must be allowed by the software's rule set. Finally, the software authenticates the e-commerce server, whether by checking a trusted list of IPs, by reverse DNS lookup, or by using a secure DNS server hosted by Trusteer.
Trusteer's security software doesn't try to identify malware. Instead, it protects Web transactions by monitoring browser processes so malware can't log keystrokes, redirect the browser, or inject transactions. In addition, Trusteer doesn't sell to end users. It contracts with banks and e-commerce companies, which in turn offer the software to their customers.
Trusteer faces a couple of major hurdles. First, its software has to be nearly flawless, both in operation and construction. Second, banks usually don't provide security software to customers because they risk liability if something goes wrong. But the pain inflicted by criminal malware may now outweigh the risk. Trusteer's product is compelling enough to get in the labs of potential customers, where it will be pounded mercilessly. If it can run the gauntlet, look for an acquisition within two years.
CEO and co-founder Boodaei was VP of EMEA sales at Imperva, a Web and database security vendor. CTO and co-founder Klein was chief scientist at security vendor Cyota, which was acquired by RSA.