Cyber Spotlight: Phone Pass

October is Cyber Security Awareness Month, and we’ll be profiling some of the industry superstars to help bring attention to this very important sector. Canberra’s home to some some of the most innovative leaders in cyber the world over — get to know them here!

This week we spoke to Shantanu Bhattacharya, Co-Founder, Director and CTO of Phone Pass. Learn about what they do, what they’re proud of and why Canberra is the best place for them (and you!) to do business.

Tell us about your company. When and why was it founded?

Cyber security is increasing in importance with every passing day. Greater than 60% of all cyber attacks start with identity theft. Therefore, Silicon Biometrics was invented to address the issue from a completely different approach. We formed Phone Pass to solve at least some cyber security issues from a completely different angle. Some examples are ransomware attacks, vulnerabilities in organisations due to a ‘work from home’ environment, and digital identity fraud.

What products and services do you provide?

Silicon Biometrics is at least 10 million times more accurate than the gold standard of digital identity — human biometrics. It’s also much cheaper than the de facto standard of machine identity, PKI.

So, Silicon Biometrics can solve the following problems in cyberspace, among many others:

  • Supply chain provenance in complex electronic-based devices. For example, when manufacturing an aircraft, it’s indispensable to ensure all parts originate from trusted sources and none are fraudulent. Silicon Biometrics can ensure this. Likewise, manufacturing cars, trucks, yachts, ships, submarines, tanks, missiles, etc., need similar assurance.
  • Application of blockchain to various industries is becoming increasingly popular. However, during each of these applications, there are parts different from secure blockchain nodes. Silicon Biometrics helps in ensuring secure non-fraudulent communication between blockchain and non-blockchain parts. For example, smart contracts are executed in real-time in the utility industry between blockchain nodes and smart meters at various homes.
  • Maintaining a large fleet of vehicles requires managing physical key fobs that can be subject to loss and breakage. However, if one uses electronic key fobs, it can be stolen by simply copying it. Silicon Biometrics solves this problem by associating an authorised device to hold the electronic key fob and operate the vehicle. For example, car rental companies, organisations with a vehicle fleet, military with tanks, ships, etc., can manage their fleet using electronic key fobs. Car rental companies can provide additional conveniences and features to customers as handing physical key fobs isn’t required. One doesn’t even have to manage locked key boxes for holding physical key fobs anymore.
  • Silicon Biometrics can provide a highly accurate and cost-effective two-factor authentication solution.
  • SIM-swapping fraud can be eliminated by the use of Silicon Biometrics in telecom carriers.
  • Silicon Biometrics can reduce the vulnerability of IoT security.

Besides the above, Phone Pass also provides a new way of thinking about protection from ransomware and safely working from home, even when BYO devices are used for work.

Tell us about the skillset and dynamic of the team.

The Phone Pass senior management team has more than 50 years of combined cyber security experience.

I secured the TCP/IP stack early in my career when it wasn’t free to do. This TCP/IP suite won 17 international awards in the US alone. I was the Chief Architect of a PKI-based product suite that the US and Belgian Presidents used to sign their respective electronic signature bills. Both of these experiences were part of a startup. I was the Head of Architecture Advisory and Review Board in Siemens for more than 5 years. I currently advise Federal Government agencies and large conglomerates in Australia on cybersecurity and am the inventor of Silicon Biometrics technology. I completed my post-graduation in Computer Science with Outstanding Grade (CPA system) and have completed the basic course for non-executive directors offered by the Australian Institute of Company Directors where I was one of the few chosen for the Directors Pipeline program. As an innovator, I have more than 20 invention disclosures and wrote the file system for India’s first parallel computer, called PARAM, that was architected based on transputers that intended to run Occam as its primary programming language.

Phone Pass’s Co-Founder Denis Jorgensen has been part of two startups and had many exciting roles. He successfully exited both and was the CEO of one of them. Denis started as an army officer and has completed electronic and computer engineering MBAs. He has strategic, tactical and operational expertise, with experience from the highest levels of Commonwealth government, senior public service and major US corporates, down to service desk representatives. He was a successful private sector entrepreneur with significant corporate and technical mergers, fundraising, acquisition and divestment experience. As CEO, he initiated and managed the trade sale of UberGlobal Pty Ltd to Melbourne IT Pty Ltd in 2015. He built and certified six separate gateways and infrastructure to PCI DSS, Australian Government Information Security Manual and UN IT Security standards. He was the leader of the team that developed and certified the Australian Government FEDLINK secure IP network. He also operated over 2,500m of protected data centre space across four facilities, including managing several data centre migrations.

Tell us about the current cyber landscape in Australia.

Canberra has a vibrant cyber security community, and there’s no dearth of innovative ideas or innovators. The innovation support system (like government support and the investor community) is still in the early stages and can benefit from improvement. However, it would be incorrect to single out Canberra in this respect. Australia, in general, needs a boost in the startup investor ecosystem and community. Australia could adopt some of the measures that led to the success in Singapore.

What advice do you have for startups and business around cyber security?

Cyber security has grown immensely in terms of exposure to various attack vectors, and it keeps growing with every new technology where computing is involved. 3D printing, drones, Augmented Reality, Virtual Reality, etc., all have cyber risks with devastating consequences depending on the use case. Hence, there’s no dearth of applications of cyber security. And it’s best to focus on specific use cases that benefit from the startups’ skills. However, keeping a holistic view of the selected niche is critical for differentiation, success and creating good value.

Identity fraud stats

What are you most proud of so far?

Completion of international patenting phase for Silicon Biometrics after 30 months of rigorous due diligence! There was neither any prior art found in this due diligence process through searching previous patents nor any objection from any industry player to granting a patent after publishing our patent application. We have now applied for patents in 40 different countries.

What quote or philosophy do you stand by?

Awareness of the visible and invisible technologies surrounding the solution space is critical in cyberspace.

Why do you think Canberra is a great place to do business?

Canberra has the single largest decision-making community of advanced cyber security technologies in Australia. There’s also a substantial possibility of influencing the lawmakers due to proximity.

If you’ve attended any Canberra Innovation Network events or participated in our programs, how have they helped you along the way?

I attended the inaugural cyber security accelerator program from CBRIN front-ended by Craig Davis, Hollie Bell and Irene Zhen. Together they provided huge value and helped us understand our business from a different perspective.

What does the general public not understand about cyber that just leaves you flabbergasted?

  • BYO devices have a huge cyber security impact on an organisation’s network
  • Ease of execution and impact of social engineering attacks
  • The impact of vulnerable home router configurations on organisational networks during work from home scenarios

Thanks, Shantanu! We appreciate your insight (and will think twice about how we work from home in the future!).