Creating a Life Without Passwords

With data breaches on the rise, David Snell and FusionPipe are introducing an advanced authentication solution that securely verifies user identity and keeps information safe

How long would it take someone to guess the password to your online bank account? What about the key to your work computer? Probably not long. In 2013, Experian reported that the average user has 26 online accounts but only 5 different passwords. We’re simply far too casual when it comes to password management, and today’s hackers have modern tech tools at their disposal. Armed with a sophisticated password-decoding app, hackers can run quadrillions of alphanumeric combinations to any account, and crack eight-character passwords in less than six hours.

That’s why David Snell and Peter Luong cofounded FusionPipe Software Solutions Inc. The Vancouver-based company has developed a unique encryption system that uses password-less personal device authentication. Customers use smartphones and wearables to access systems and data without entering credentials, while decoupled encryption methods protect data breaches and improve productivity.

“Saying you are for innovation yet stymieing it through conservatism or fear will not work.”

Snell started his career at IBM before taking executive positions at Oracle, Data General, and Nice Systems. At Oracle, he took a product to a new market in less than two years, opening five branches and hiring 85 people to drive $10 million in revenue in the first year alone and $18 million the next. Luong started the company in 2010—the year that Apple announced its first iPad—and when Snell met him in 2012, Luong was looking for the right cofounder to help build FusionPipe. “What Apple and other companies are doing in mobility and devices is changing security because of the constant growth in the amount of data and the amount of devices talking to each other,” Snell says. “We saw a great opportunity to enhance security solutions in a unique way.” FusionPipe’s leaders estimate that 80 percent of breaches (which bring losses of $400 billion per year) are due to bad password policies and implementation.

And there’s a lot on the line when it comes to corporate data security. A Russian bank-hacking heist, discovered late last year, saw institutions in 30 countries lose hundreds of millions of dollars. The savvy tech criminals reprogrammed bank ATMs and hacked online platforms to steal the money and also recover consumer data. Other high-profile data breaches at companies such as Target, Sony, and Anthem have led to top officials resigning or accepting termination.

FusionPipe, therefore, has created a better way for companies to protect their data and assets. “Our solution includes a secure container that protects sensitive data, a wireless communication channel, and password-less authentication,” Snell says. He and his partners developed the unique technology in university laboratories with the world’s top experts. The complex system decouples encryption keys, taking the information that unlocks data from one device and moving it to a secondary device, such as a smartphone or smartwatch. Thieves who steal the iPhone with the keys don’t have the data they need. Those who steal the original data are missing the keys. If a theft occurs, the true owner can simply wipe his or her system clean and start anew.

Snell says the system is proving valuable in the marketplace. FusionPipe is now in the proof-of-concept stage with a utility, two mobile operators, and a pharmaceutical manufacturing company. It will commercialize its solution in 2015.

Companies with field-services workers who share vehicles and computers are using FusionPipe’s solution to audit who is using machines and accessing data. The software automatically authenticates each user, and can do so based on physical proximity through Bluetooth Smart technology. The methodology is also valuable in health care because it can replace the number of USB drives and smartcards that doctors must carry to access patient data. Studies show that doctors waste about 45 minutes per day authenticating themselves to systems, and their hospitals face multimillion-dollar fines for losing patient records. Snell says FusionPipe can reduce authentication time for each health-care professional, and cumulative savings will dramatically reduce costs and ultimately improve patient care.

These innovations were born because leaders at FusionPipe were willing to take risks. “We encourage our employees and partner universities to work with us on things that might never see the light of day, because even failed projects help us understand new approaches to what we do,” Snell says. Now engineering students are using wearable armbands and testing how gestures can impact authentication. Students at Simon Fraser University are studying behaviour anomalies and building a database that tracks a user’s exact movements. Using this information, FusionPipe can build a system that recognizes changes in how a user swipes a smartphone, for example. Abnormalities would then trigger alarms and require additional authentication for access.

Today, FusionPipe has one published patent with a positive Canadian Intellectual Property Office opinion letter and one provisional patent submitted. Snell, who has been through several big acquisitions in his career, says his company is talking to major players in the tech world. For now, he’ll focus on attacking multiple verticals while helping FusionPipe add to its suite of cybersecurity solutions. In a world where the need for mobile data security is going up, Snell and his colleagues are leading the way in user authentication.

5 Questions with David Snell

Is there a technology, trend, or idea that is driving your company forward?
Data and identity security is high on everyone’s corporate agenda. We think that achieving balance between security and authentication convenience is a big thing that will dictate the level of our success over the next two years or so. The use of personal devices—something that people already own and use on a daily basis—will play a pivotal role in solving the dichotomy of increasing or at least maintaining security but keeping authentication convenient.

How do you innovate on a day-to-day basis?
Open communications, multidiscipline teamwork, and brainstorming sessions are key to ensuring creative juices are flowing freely through all layers of the organization.

Where do you hope this innovation will lead you in the next five years?
Being the “gorilla” and leading brand in innovative, secure authentication solutions worldwide by changing the way everyone authenticates, and getting totally rid of passwords to provide convenient yet secure authentication with personal devices and wearables.

What defines an innovative company in the 21st century?
A company that is always pushing boundaries, continuously exploring new ways, new ideas, new technologies, and adaptations of existing ones to improve over what has been invented and done before without ever losing sight of your core business and who you are as a company.

How can a company encourage innovation without breaking the bank?
Innovation is dormant in all of us but needs to be brought to bear on a specific corporate goal. Human capital can be encouraged to help out, if encouraged openly and at all levels of the organization. Saying you are for innovation yet stymieing it through conservatism or fear will not work. Those who are part of the team have the most to gain, so harness this free asset!