To this day, passwords remain the key method of verifying a user’s identity. But years of challenges and friction also remain – causing a wide range of issues for consumers and companies alike. One firm looking to change the landscape and rid the world of passwords once and for all is Zally.
Patrick Smith is the founder and CEO of Zally, the Manchester-based tech startup leading the way with continuous user authentication. Here, we find out Smith’s take on the purpose, aims, past and future of Zally; while finding out more about him along the way.
Tell us more about Zally and its purpose.
At Zally, our plan is to flip the notion of online security and identity authentication on its head. We want to power the internet through the innovative capacity of continuous authentication, facilitating a world less reliant on one-time static logins. By analysing behavioural biometric interactions, our powerful AI reveals some of the hidden patterns in human activity and can produce continually evolving profiles for users, which are entirely unique to them.
This is a major step forward and could help companies meet the ever-evolving demands placed upon them by regulatory bodies. By reducing dependencies on traditional passwords, Zally’s solution isn’t only helping to slash rates of fraud and ensuring customer protection, but also boosting conversions and helping companies to deliver seamless and positive customer journeys consistently.
This is important, especially considering the impending introduction of PSD3. The forthcoming directive will require businesses to go further in ensuring Strong Customer Authentication (SCA). Additionally, under the directive, businesses that fail to meet these demands will face greater legal liability. Thankfully, by leveraging the power of continuous authentication, companies can stay ahead of the curve.
What are some of your recent achievements you’d like to highlight?
Right now, we’re moving towards the Beta launch of our continuous authentication solution. Alpha testing for the solution has been incredibly successful. In fact, our AI model can now reach 99 per cent confidence in less than 15 minutes of use of our intuitive mobile application. This performance, with its high accuracy, meets the strict security standards required by financial institutions, which demand authentication solutions that can achieve above 98 per cent certainty.
While we work towards our launch, we’ve also worked hard to establish an experienced leadership team to support our development. Recently, we announced the hiring of Paul Wilshaw and Prabhu Prakash as our CDO/CPO and CTO, respectively, as well as David Webb as our new chairman. With proven track records within senior leadership positions at major tech companies and financial institutions, this array of experts will provide us with the strategic expertise to grow rapidly on launch.
How did you get into the fintech industry?
Around seven years ago, my father began to develop the early signs of dementia. It was a very difficult time, and I felt powerless as I watched him struggle with tasks that he’d previously been capable of. Perhaps the most notable example was the difficulty he experienced when trying to remember the passwords needed to manage his affairs effectively. In response, I decided I had to do something.
This drive led me to continuous authentication, a revolutionary concept that has the potential to flip the world of online security on its head. Rather than being dependent on static, one-time logins that are only capable of authenticating an individual at a certain point in time, solutions like Zally enable platforms to authenticate the identity of an individual around the clock, while delivering far more seamless customer experiences.
The benefits of this are manifold, but one key advantage is it eliminates the need for people to remember an array of passwords to operate online. Everyone benefits from this approach, but for people like my father, it’s a true game-changer. It’s a far more accessible way to approach the process of authentication and ensures that individuals who may struggle with existing methods are not excluded.
What’s the best thing about working in the fintech industry?
One thing I love about fintech is the sector’s willingness to embrace change and adopt new solutions to solve long-standing issues. It’s a meritocratic sector, which truly believes in the power of innovation to engender positive differences in people’s lives. That’s a belief that’s also shared across the Zally team, and a hugely motivating factor in our mission to power the internet with continuous authentication.
What frustrates you most about the fintech industry?
The sector has a major blind spot in defining ‘effective’ security; this needs to change quickly. It’s scary to think that there are over five billion internet users now, and we’re unable to determine their identities. Commentators will point to advancements in multi-factor authentication, encryption and magic links and suggest this indicates a new prioritisation of the importance of effective security, but this is misguided.
Sadly, the sector remains awash with modern authentication solutions that only provide the facade of protection. These methods are only ever capable of authenticating an individual’s identity at that specific moment in time. Simultaneously, the sector seems to be willing to sit idly by while individuals continue to utilise highly risky online security practices, such as re-using the same password repeatedly.
If you know anything about online security, you will know how dangerous this can be. Ultimately, individuals do this to reduce the risk of forgetting passwords and losing access to valuable platforms. Herein lies the uncomfortable tradeoff at the core of this issue. Companies seem happy to let their customers swap effective security for more frictionless experiences, which is a concerning situation.
What does the future have in store for Zally, as well as the broader fintech sector?
As mentioned, we’re now full steam ahead for our forthcoming Beta launch. We truly believe that we’ve built a brand-new category of authentication solution, which finally allows online platforms to know who is behind a device at any time continuously. Beginning with payment service providers and merchants, we plan to use Zally to radically change the way people authenticate across the entire digital landscape.
Any device connected to the internet would benefit from the power of continuous authentication, and as such, Zally’s future growth would appear to have no upper ceiling. Our aims are global, but for now, we’ll be focusing particular attention on leveraging our mission-driven team to drive adoption across merchants and merchant services within the United Kingdom, as well as Germany.
This initial focus on Europe coincides with the introduction of PSD3, which should bring the entire concept of continuous authentication into much keener focus. Companies across the board are currently working to find out how these new rules will affect their operations. Put simply, it won’t be long before many such companies discover that their existing protocols are incompatible with the more stringent demands of PSD3.
Now, as we prepare for our Beta launch, we invite forward-thinking companies to start considering how more effective authentication methods could help them shape a secure, user-friendly digital future across their platforms. The moment for change is quickly approaching, and businesses must ensure they’re not caught behind the curve. Thankfully, with Zally, all those concerns are effectively removed.