An Australian security-technology entrepreneur is hitting the streets of Silicon Valley to keep up with surging interest after his company's secure-computing technology this week won its category in the Silicon Valley Forum's highly-competitive World Cup Tech Challenge.
A reworked version of the core technology that CEO Graeme Speak and his Perth-based team developed to launch hosted-desktop provider GoPC, the new BankVault offerings have been designed to offer highly-secure transactions through a Web browser.
Originally conceptualised as a way to help laggard Windows 98 users conduct secure online banking on an inherently insecure platform, the cloud-based BankVault service is a security-focused version of GoPC technology that sets up and rapidly decommissions virtual PCs for short-term use.
Each time a new system is spun up, the template-driven service assigns it completely new operating parameters including a random IP address that logically isolates the user from whatever online resources they are browsing to. When the session is done, the virtual machine is spun down and deleted – erasing the user's history and any trace of the fact that they were online.
This approach – which abstracts the online-transaction interface from the user's own device and, more importantly, keeps the secure-transaction stream away from ZeuS and similar banking Trojans, man-in-the-middle attacks or other malware techniques – offers an alternative to conventional security approaches that focus on security-hardening full-scale PCs with persistent storage and every chance of harbouring unseen and unknown malware that can cause problems down the track.
“The whole industry is trying to do clever things to harden machines that have an array of different software products from different vendors,” Speak told CSO Australia. “Nobody is able to take responsibility for the security of this solution.”
“We have gone the opposite direction by providing an absolutely secure environment while you're doing those online transactions. There is no way a hacker could get in to see what you're doing during those 5 minutes or so – and when you're finished, it evaporates without a trace. You can't hack what doesn't exist.”
Built on a stripped-down Linux core and available in USB-carried, Web-delivered or app-based versions, the BankVault technology won plaudits at the 2016 World Cup Tech Challenge – held on Microsoft's Mountain View campus – which attracted entries from over 50 countries that were winnowed down to a final roster of 23 entries in six categories.
BankVault faced off in the Fintech category against Danish blockchain innovator CapDesk and French remote device-management vendor FAMOCO and the event's venture capital-heavy judging panel ultimately chose the “unique new tool that stops hackers at the source” as the category winner. The win has already opened doors for Speak, who has previously secured some $5m in venture capital for the business and is now looking to take its cloud-based architecture global with further backing.
And with banks increasingly evaluating their exposure to customers' security postures, he's confident that the security technology will continue to find enthusiastic supporters. “As long as these security considerations are continuing – and we know cybercrime is expanding exponentially at the moment – we know there are big problems,” he said.
“We're finding that people are really concerned, and want to do something about it.” The win validates Speak's earlier decision to push the technology into Silicon Valley, where a thriving startup culture has opened doors more quickly than in Australia's risk-averse investment community.
Investment “can happen here so easily”, he said, while Australian investors “are risk averse because so many people have made so much money out of mining and property development, and that's where the wisdom is.”
“I've been pushing this barrow uphill for 20 years now,” he said, “but as we pivot into cybersecurity now, everyone gets it. I can talk to anybody about this and they get it with half a sentence.”