Google will soon hide neglected apps in the Play Store

Google will soon hide neglected apps in the Play Store

Enlarge (credit: Google Play Store)

Google Play is moving forward in its war on old, un-updated apps. The Play Store has had a rolling minimum level for Android version support for a while now; developers have to use a “target API level” that is one year old or newer, or they will be unable to update their apps. Now, Google is announcing a second rolling minimum—if an app’s target API level is two years old, the app will be hidden from the Play Store listings. That means users searching for a new app to install won’t see abandoned apps.

Android’s “target API level” system is sort of like a backward-compatibility setting for Android apps. Every new version of Android is identified by a new API level, which goes up by one with every release. Currently, Android 12L is API level 32, and Android 13 will be API level 33. Every version of Android comes with new features and security restrictions for app developers, but because Google doesn’t want to break old apps with every release, the API level system lets app developers “target” the version of the Android features and restrictions they would like to run under.

The target API level doesn’t have anything to do with the minimum version of Android that an app will run on (that would be the second big app setting, the “minimum API level”); it just lets apps say, “I am coded with compatibility for Android 12 features and restrictions, if they are available.” In this case, the app would get access to the Android 12 features and have the Android 12 security restrictions applied to it, and it would run normally on older versions.

Read 4 remaining paragraphs | Comments

#api, #google, #google-play-store, #tech

UK’s MarketFinance secures $383M to fuel its online loans platform for SMBs

Small and medium businesses regularly face cashflow problems. But if that’s an already-inconvenient predicament, it has been exacerbated to the breaking point for too many during the Covid-19 pandemic. Now, a UK startup called MarketFinance — which has built a loans platform to help SMBs stay afloat through those leaner times — is announcing a big funding infusion of £280 million ($383 million) as it gears up for a new wave of lending requests.

“It’s a good time to lend, at the start of the economic cycle,” CEO and founder Anil Stocker said in an interview.

The funding is coming mostly in the form of debt — money loaned to MarketFinance to in turn loan out to its customers as an approved partner of the UK government’s Recovery Loan Scheme; and £10 million ($14 million) of it is equity that MarketInvoice will be using to continue enhancing its platform.

Italian bank Intesa Sanpaolo S.p.A. and an unnamed “global investment firm” are providing the debt, while the equity portion is being led by Black River Ventures (which has also backed Marqeta, Upgrade, Coursera and Digital Ocean) with participation from existing backer, Barclays Bank PLC. Barclays is a strategic investor: MarketFinance powers the bank’s online SMB loans service. Other investors in the startup include Northzone.

We understand that the company’s valuation is somewhere in the region of under $500 million, but more than $250 million, although officially it is not disclosing any numbers.

Stocker said that MarketFinance has been profitable since 2018, one reason why it’s didn’t give up much equity in this current tranche of funding.

“We are building a sustainable business, and the equity we did raise was to unlock better debt at better prices,” he said. “It can help to post more equity on the balance sheet.” He said the money will be “going into our reserves” and used for new product development, marketing and to continue building out its API connectivity.

That last development is important: it taps into the big wave of “embedded finance” plays we are seeing today, where third parties offer, on their own platforms, loans to customers — with the loan product powered by MarketFinance, similar to what Barclays does currently. The range of companies tapping into this is potentially as vast as the internet itself. The promise of embedded finance is that any online brand that already does business with SMEs could potentially offer those SMEs loans to… do more business together.

MarketFinance began life several years ago as MarketInvoice, with its basic business model focused on providing short-term loans to a given SMB against the value of its unpaid invoices — a practice typically described as invoice finance. The idea at the time was to solve the most immediate cashflow issue faced by SMBs by leveraging the thing (unpaid invoices, which typically would eventually get paid, just not immediately) that caused the cashflow issue in the first place.

A lot of the financing that SMBs get against invoices, though, is mainly in the realm of working capital, helping companies make payroll and pay their own monthly bills. But Stocker said that over time, the startup could see a larger opportunity in providing financing that was of bigger sums and covered more ambitious business expansion goals. That was two years ago, and MarketInvoice rebranded accordingly to MarketFinance. (It still very much offers the invoice-based product.)

The timing turned out to be fortuitous, even if the reason definitely has not been lucky: Covid-19 came along and completely overturned how much of the world works. SMEs have been at the thin edge of that wedge not least because of those cashflow issues and the fact that they simply are less geared to diversification and pivoting due to shifting market forces because of their size.

This presented a big opportunity for MarketInvoice, it turned out.

Stocker said that the early part of the Covid-19 pandemic saw the bulk of loans being taken out to manage business interruptions due to Covid-19. Interruptions could mean business closures, or they could mean simply customers no longer coming as they did before, and so on. “The big theme was frictionless access to funding,” he said, using technology to better and more quickly assess applications digitally with “no meetings with bank managers” and reducing the response time to days from the typical 4-6 weeks that SMBs would have traditionally expected.

If last year was more about “panicking, shoring up or pivoting,” in Stocker’s words, “now what we’re seeing are a bunch of them struggling with supply chain issues, Brexit exacerbations and labor shortages. It’s really hard for them to manage all that.”

He said that the number of loan applications has been through the roof, so no shortage of demand. He estimates that monthly loan requests have been as high as $500 million, a huge sum for one small startup in the UK. It’s selective in what it lends: “We choose to support those we thought will return the money,” he said.

#api, #bank, #barclays, #ceo, #corporate-finance, #coursera, #digital-ocean, #economy, #embedded-finance, #europe, #finance, #funding, #invoice, #loans, #marketfinance, #marketinvoice, #marqeta, #money, #partner, #short-term-loans, #startup-company, #uk-government, #united-kingdom

TrueLayer nabs $130M at a $1B+ valuation as open banking rises as a viable option to card networks

Open banking — a disruptive technology that seeks to bypass the dominance of card networks and other traditional financial rails by letting banks open their systems directly to developers (and new services) by way of APIs — continues to gain ground in the world of financial services. As a mark of that traction, a startup playing a central role in open banking applications is announcing a big round of funding with a milestone valuation.

TrueLayer, which provides technology for developers to enable a range of open-banking-based services has raised $130 million in a funding round that values the London-based startup at over $1 billion.

Tiger Global Management is leading the round, and notably, payments juggernaut Stripe is also participating.

Open Banking is a relatively new area in the world of fintech — the UK was an early adopter in 2018, Europe then signed on, and it looks like we are now seeing more movements that the U.S. may soon also join the party — and TrueLayer is considered a pioneer in the space.

The vast majority of transactions in the world today are still made using card rails or more antiquated banking infrastructure, but the opportunity with open banking is to build a completely new infrastructure that works more efficiently, and might come with less (or no) fees for those using it, with the perennial API promise: all by way of few lines of code.

“We had a vision that finance should be opened up, and we are actively woking to remove the frictions that exist between intermediaries,” said CEO Francesco Simoneschi, who co-founded the company with Luca Martinetti (who is now the CTO), in an interview. “We want a financial system that works for everyone, but that hasn’t been the case up to now. The opportunity emerged five years ago, when open banking came into law in the UK and then elsewhere, to go after the most impressive oligopoly: the card networks and everything that revolves around them. Now, we can easily say that open banking is becoming a viable alternative to that.”

It seems that the world of finance and commerce is slowly catching on, and so the funding is coming on the heels of some strong growth for the company.

Services that TrueLayer currently include payments, payouts, user account information and user verification; while end users range from neobanks, crypto startups, and wealth management apps through to e-commerce companies, marketplaces and gaming platforms.

And the startup says it now has “millions” of consumers making open banking transactions enabled by TrueLayer’s technology, and some 10,000 developers are building services based on open banking standards. TrueLayer so far this year has doubled its customer base, picking up some key customers like Cazoo to enable open-banking based payments for cars; and it has processed “billions” of dollars in payments, with payment volume growing 400%, and payment up 800%.

The plan is to use the funding to invest in building out that business further — specifically to extend its payments network to more regions (and more banks getting integrated into that network), as well as to bring on more customers using open banking services for more regular, recurring transactions.

“The shift to alternative payment methods is accelerating with the global growth of online commerce, and we believe TrueLayer will play a central role in making these payment methods more accessible,” said Alex Cook, partner, Tiger Global, in a statement. “We’re excited to partner with Francesco, Luca and the TrueLayer team as they help customers increase conversion and continue to grow the network.”

Notably, Stripe is not a strategic investor in TrueLayer at the moment, just a financial one. That is to say, it has yet to integrate open banking into its own payments infrastructure.

But you can imagine how it would be interested in it as part of the bigger mix of options for its customers, and potentially also to build its own standalone financial rails that well and truly compete with those provided by the card networks (which are such a close part of what Stripe does that its earliest web design was based on the physical card, and even its name is a reference to the stripe on the back of them.

There are other providers of open banking connectivity in the market today — Plaid out of the U.S. is one notable name — but Simoneschi believes that Stripe and TrueLayer on the same page as companies.

“We share a profound belief that progress comes through the eyes of developers so it’s about delivering the tools they need to use,” he he said. “We are in a very complementary space.”

#api, #bank, #banking, #ceo, #cto, #europe, #finance, #financial-services, #funding, #london, #mobile-payments, #money, #online-banking, #online-commerce, #online-payments, #open-banking, #partner, #payment, #payments-infrastructure, #payments-network, #stripe, #tiger-global-management, #truelayer, #united-kingdom, #united-states, #web-applications

F5 acquires cloud security startup Threat Stack for $68 million

Applications networking company F5 has announced it’s acquiring Threat Stack, a Boston-based cloud security and compliance startup, for $68 million.

The deal, which comes months after F5 bought multi-cloud management startup Volterra for $500 million, sees the 25-year-old company looking to bolster its cloud security portfolio as applications become a growing focus for cybercriminals. Businesses lose more than $100 billion a year to attacks targeting digital experiences, F5 says and these experiences are increasingly powered by applications distributed across multiple environments and interconnected through APIs.

Threat Stack, which was founded in November 2012 and has since amassed more than $70 million across six funding rounds including a $45 million Series C round led by F-Prime Capital Partners and Eight Roads Ventures, specializes in cloud security for applications and provides customers with real-time threat detection for cloud infrastructure and workloads. Unlike many cloud security tools that kick in after an intrusion, Threat Stack takes a more proactive approach, alerting organizations to all known vulnerabilities and providing a report on the holes that need to be plugged.

The startup’s intrusion detection platform, the Threat Stack Cloud Security Platform, works across cloud, hybrid cloud, multi-cloud, and containerized environments, and is perhaps best known for its Slack integration that alerts DevOps teams to security concerns in real-time. Threat Stack has a number of big-name customers, according to its website, including Glassdoor, Ping Identity and Proofpoint.

F5 says that integrating its application and API protection solutions with Threat Stack’s cloud security capabilities and expertise will enhance visibility across application infrastructure and workloads, making it easier for customers to adopt consistent security in any cloud.

“Applications are the backbone of today’s modern businesses, and protecting them is mission-critical for our customers,” said Haiyan Song, EVP of Security at F5. “Threat Stack brings technology and talent that will strengthen F5’s security capabilities and further our adaptive applications vision with broader cloud observability and actionable security insights for customers.”

The acquisition, which is expected to close in F5’s first-quarter fiscal year 2022, is subject to closing conditions.

#api, #boston, #cloud-computing, #cloud-infrastructure, #cloud-management, #computing, #eight-roads-ventures, #f5, #glassdoor, #palo-alto-networks, #ping-identity, #security, #splunk, #system-administration, #threat-stack, #volterra

Ketch raises another $20M as demand grows for its privacy data control platform

Six months after securing a $23 million Series A round, Ketch, a startup providing online privacy regulation and data compliance, brought in an additional $20 million in A1 funding, this time led by Acrew Capital.

Returning with Acrew for the second round are CRV, super{set} (the startup studio founded by Ketch’s co-founders CEO Tom Chavez and CTO Vivek Vaidya), Ridge Ventures and Silicon Valley Bank. The new investment gives Ketch a total of $43 million raised since the company came out of stealth earlier this year.

In 2020, Ketch introduced its data control platform for programmatic privacy, governance and security. The platform automates data control and consent management so that consumers’ privacy preferences are honored and implemented.

Enterprises are looking for a way to meet consumer needs and accommodate their rights and consents. At the same time, companies want data to fuel their growth and gain the trust of consumers, Chavez told TechCrunch.

There is also a matter of security, with much effort going into ransomware and malware, but Chavez feels a big opportunity is to bring security to the data wherever it lies. Once the infrastructure is in place for data control it needs to be at the level of individual cells and rows, he said.

“If someone wants to be deleted, there is a challenge in finding your specific row of data,” he added. “That is an exercise in data control.”

Ketch’s customer base grew by more than 300% since its March Series A announcement, and the new funding will go toward expanding its sales and go-to-market teams, Chavez said.

Ketch app. Image Credits: Ketch

This year, the company launched Ketch OTC, a free-to-use privacy tool that streamlines all aspects of privacy so that enterprise compliance programs build trust and reduce friction. Customer growth through OTC increased five times in six months. More recently, Qonsent, which developing a consent user experience, is using Ketch’s APIs and infrastructure, Chavez said.

When looking for strategic partners, Chavez and Vaidya wanted to have people around the table who have a deep context on what they were doing and could provide advice as they built out their products. They found that in Acrew founding partner Theresia Gouw, whom Chavez referred to as “the OG of privacy and security.”

Gouw has been investing in security and privacy for over 20 years and says Ketch is flipping the data privacy and security model on its head by putting it in the hands of developers. When she saw more people working from home and more data breaches, she saw an opportunity to increase and double down on Acrew’s initial investment.

She explained that Ketch is differentiating itself from competitors by taking data privacy and security and tying it to the data itself to empower software developers. With the OTC tool, similar to putting locks and cameras on a home, developers can download the API and attach rules to all of a user’s data.

“The magic of Ketch is that you can take the security and governance rules and embed them with the software and the piece of data,” Gouw added.

#acrew-capital, #advertising-tech, #api, #cloud-computing, #crv, #data-protection, #data-security, #enterprise, #funding, #ketch, #privacy, #recent-funding, #ridge-ventures, #silicon-valley-bank, #software-developers, #startups, #superset, #tc, #theresia-gouw, #tom-chavez

Tyk raises $35M for its open-source, open-ended approach to enterprise API management

APIs are the grease turning the gears and wheels for many organizations’ IT systems today, but as APIs grow in number and use, tracking how they work (or don’t work) together can become complex and potentially critical if something goes awry. Now, a startup that has built an innovative way to help with this is announcing some funding after getting traction with big enterprises adopting its approach.

Tyk, which has built a way for users to access and manage multiple internal enterprise APIs through a universal interface by way of GraphQL, has picked up $35 million, an investment that it will be using both for hiring and to continue enhancing and expanding the tools that it provides to users. Tyk has coined a term describing its approach to managing APIs and the data they produce — “universal data graph” — and today its tools are being used to manage APIs by some 10,000 businesses, including large enterprises like Starbucks, Societe Generale, and Domino’s.

Scottish Equity Partners led the round, with participation also from MMC Ventures — its sole previous investor from a round in 2019 after boostrapping for its first five years. The startup is based out of London but works in a very distributed way — one of the co-founders is living in New Zealand currently — and it will be hiring and growing based on that principle, too. It has raised just over $40 million to date.

Tyk (pronounced like “tyke”, meaning small/lively child) got its start as an open source side project first for co-founder Martin Buhr, who is now the company’s CEO, while he was working elsewhere, as a “load testing thing,” in his words.

The shifts in IT towards service-oriented architectures, and building and using APIs to connect internal apps, led him to rethink the code and consider how it could be used to control APIs. Added to that was the fact that as far as Buhr could see, the API management platforms that were in the market at the time — some of the big names today include Kong, Apigee (now a part of Google), 3scale (now a part of RedHat and thus IBM), MuleSoft (now a part of Salesforce) — were not as flexible as his needs were. “So I built my own,” he said.

It was built as an open source tool, and some engineers at other companies started to use it. As it got more attention, some of the bigger companies interested in using it started to ask why he wasn’t charging for anything — a sure sign as any that there was probably a business to be built here, and more credibility to come if he charged for the it.

“So we made the gateway open source, and the management part went into a licensing model,” he said. And Tyk was born as a startup co-founded with James Hirst, who is now the COO, who worked with Buhr at a digital agency some years before.

The key motivation behind building Tyk has stayed as its unique selling point for customers working in increasingly complex environments.

“What sparked interest in Tyk was that companies were unhappy with API management as it exists today,” Buhr noted, citing architectures using multiple clouds and multiple containers, creating more complexity that needed better management. “It was just the right time when containerization, Kubernetes and microservices were on the rise… The way we approach the multi-data and multi-vendor cloud model is super flexible and resilient to partitions, in a way that others have not been able to do.”

“You engage developers and deliver real value and it’s up to them to make the choice,” added Hirst. “We are responding to a clear shift in the market.”

One of the next frontiers that Tyk will tackle will be what happens within the management layer, specifically when there are potential conflicts with APIs.

“When a team using a microservice makes a breaking change, we want to bring that up and report that to the system,” Buhr said. “The plan is to flag the issue and test against it, and be able to say that a schema won’t work, and to identify why.”

Even before that is rolled out, though, Tyk’s customer list and its grow speak to a business on the cusp of a lot more.

“Martin and James have built a world-class team and the addition of this new capital will enable Tyk to accelerate the growth of its API management platform, particularly around the GraphQL focused Universal Data Graph product that launched earlier this year,” said Martin Brennan, a director at SEP, in a statement. “We are pleased to be supporting the team to achieve their global ambitions.”

Keith Davidson, a partner at SEP, is joining the Tyk board as a non-executive director with this round.

#api, #api-gateway, #api-management, #apigee, #apis, #ceo, #cloud-computing, #co-founder, #computing, #coo, #developer, #enterprise, #europe, #funding, #google, #graphql, #ibm, #london, #microservices, #mmc-ventures, #mulesoft, #new-zealand, #salesforce, #scottish-equity-partners, #societe-generale, #starbucks, #technology, #tyk

Liveblocks is an API that lets you add real-time collaboration to your product

Meet Liveblocks, a startup that has been working on a set of APIs so that it’s easier to build a collaborative product. Essentially, it lets you create multiplayer experiences on the web or in your app.

The company started with a live presence state API. If you integrate this API in your product, it means that you can show when somebody joins a page, a project or a document by displaying an avatar in a corner. You can also share the position of everyone’s cursor, text selection or content selection in real time.

Liveblocks is currently testing in private beta a live storage API. This is going to be a key feature as it is going to let multiple people view and edit the same data in real-time. For example, you can use it to develop a Google Docs competitor or if you want to add a whiteboard tool to your service.

The service works across multiple browsers and devices. Behind the scenes, the company uses a WebSocket connection for real-time communication. Pricing depends on the number of simultaneous connections that you expect around the same room, document, experience.

“Guillaume Salles and I decided to work together on a browser-based collaborative presentation/video tool. After months of iteration, we realized that we were spending a majority of our time figuring out how to handle the real‑time collaboration aspect of things, instead of focusing on the core mechanics of the tool,” co-founder and CEO Steven Fabre told me.

“We tried existing solutions, but none really stacked up for what we were trying to do so we decided to build our own. That's when it clicked and we decided to drop the presentation/video tool to ‘productify’ the APIs we had built for ourselves so any team could use them to build performant real-time collaborative products,” he added.

The company raised a $1.4 million pre-seed round during the summer. Investors include Boldstart, Seedcamp, Meta fund, Logic & Rhythm, Ian Storm Taylor, Max Stoiber, Moritz Plassnig, Badrul Farooqi and Anthony DiMare.

Right now, the Liveblocks team is just the two founders. With this funding round, the company plans to hire some engineers and launch its live storage API.

Liveblocks’ main advantage is that it’s a high-level API. Ably, a startup I’ve covered recently, focuses more on the low-level aspect of the problem. A React front-end developer can read the documentation and integrate Liveblocks in its product. You don’t have to understand how the infrastructure layer actually works to get started.

#api, #developer, #europe, #fundings-exits, #real-time, #realtime, #startups

Trade promotion management startup Cresicor raises $5.6M to keep tabs on customer spend

Cresicor, a consumer packaged goods trade management platform startup, raised $5.6 million in seed funding to further develop its tools for more accurate data and analytics.

The company, based remotely, focuses on small to midsize CPG companies, providing them with an automated way to manage their trade promotion, a process co-founder and CEO Alexander Whatley said is done primarily manually using spreadsheets.

Here’s what happens in a trade promotion: When a company wants to run a discount on one of their slower-selling items, the company has to spend money to do this — to have displays set up in a store or have that item on a certain shelf. If it works, more people will buy the item at the lower price point. Essentially, a trade promotion is the process of spending money to get more money in the future, Whatley told TechCrunch.

Figuring out all of the trade promotions is a complicated process, Whatley explained. Companies receive data feeds on the promotions from several different places, revenue data from retailers, accounting source data to show how many units were shipped and then maybe data directly from retailers. All of that has to be matched against the promotion.

“No API is bringing this data back to brands, so our software helps to automate and track these manual processes so companies can do analytics to see how the promotions are doing,” he added. “It also helps the finance team understand expenses, including which are valid and those that are not.”

What certain companies spend on trade promotions can represent their second-largest cost behind manufacturing, and companies often end up reinvesting between 20% and 30% of their revenue into trade promotions, Whatley said. This is a big market, representing untapped growth, especially with U.S. CPG sales topping $720 billion in 2020.

“You can see how messy the whole industry is, which is why we have a bright future and huge TAM,” he added. “With this new funding, we can target other parts of the P&L like supply chain and salaries. We also provide analytics for their strategy and where they should be spending it — which store, on which supply. By allocating resources the right way, companies typically see a 10% boost in sales as a result.”

Whatley started the company in 2017 with his brother, Daniel, Stuart Kennedy and Nikki McNeil while a Harvard undergrad. Since raising the funding back in February, the company has grown 2.5x in revenue, while employee headcount grew 4x over the past 12 months to 20.

Costanoa Ventures led the investment and was joined by Torch Capital and a group of angel investors including Fivestars CTO Matt Doka and Hu’s Kitchen CEO Mark Ramadan.

John Cowgill, partner at Costanoa, said though Cresicor raised a seed round, the company was already acquiring brands and capital before releasing a product and grew to almost a Series A company without any outside capital, saying it “blew me away.”

Cresicor is the “perfect example” of a company that Costanoa would get excited about — a vertical software company using data or machine learning to augment a pain point, Cowgill added.

“The CPG industry is in the middle of a rapid change where we see all of these emerging, digital native and mission-driven brands rapidly eating share from incumbents,” he added. “For the next generation of brands to compete, they have to win in trade promotion management. Cresicor’s opportunity to go beyond trade is significant. It is just a starting point to build a company that is the core enabler of great brands.”

The new funding will be used mainly to hire more talent in the areas of engineering and customer success so the company can hit its next benchmarks, Alexander Whatley said. He also intends to use the funding to acquire new brands and on software development. Cresicor boasts a list of customers including Perfect Snacks, Oatly and Hint Water.

The retail industry is valued at $5.5 trillion, and one-fifth of it is CPG, Whatley said. As a result, he has his eye on going after other verticals within CPG, like electronics and pet food, and then expanding into other areas.

“We are also going to work with enterprise companies — we see an opportunity to work with companies like P&G and General Mills, and we also want to build an ecosystem around trade promotion and launch into other profit and loss areas,” Whatley said.

#advertising-tech, #alexander-whatley, #api, #artificial-intelligence, #brand, #business-intelligence, #costanoa-ventures, #cresicor, #enterprise, #food, #funding, #john-cowgill, #machine-learning, #marketing, #recent-funding, #software, #software-development, #startups, #tc, #torch-capital

Commercetools raises $140M at a $1.9B valuation as ‘headless’ commerce continues to boom

E-commerce these days is now a major part of every retailer’s strategy, so technology builders and platforms that are helping them compete better on digital screens are seeing a huge boost in business. In the latest turn, Commercetools — a provider of e-commerce APIs that larger retailers can use to build customized payment, check-out, social commerce, marketplace and other services — has closed $140 million in funding, a Series C that CEO Dirk Hoerig has confirmed to me values the company at $1.9 billion. 

The funding is being led by Accel, with previous investors Insight Partners and REWE Group also participating. Munich, Germany-based Commercetools spun out of REWE — a giant German retailer, and also a customer — and announced $145 million in investment led by Insight in October 2019.

This latest round represents a huge hike on its valuation since then, when Commercetools was valued at around $300 million.

Part of the reason for the big bump, of course, has been the wave of interest in digital transactions from shopping online. E-commerce was already growing at a steady pace before 2020, by some estimates representing more than half of all commerce transactions. The Covid-19 pandemic turbo-charged that proportion, with many retailers switching exclusively to internet sales, and consumers stuck at home happy to shop with a click.

While companies like Shopify have addressed the needs of smaller retailers, providing them with an alternative or complement to listing on third-party marketplaces like Amazon’s, Commercetools has built its business around catering to larger retailers and the many specific, large-scale needs and investment budgets that they may have for building their digital commerce solutions.

It provides some 300 APIs today around some nine “buckets” of services, and a wide network of integration partners, Hoerig said, and powers some $10 billion of sales annually for its customers, which include the likes of Audi, AT&T, Danone, Tiffany & Co., John Lewis and many others.

“Our main focus is the retailer with more than $100 million in gross merchandise value,” Hoerig said. “This is when it becomes interesting.” But he added that the force of market growth is such that Commercetools is also seeing a lot of business from smaller companies that are simply needing more functionality to address their fast growth. “So we also sometimes have customers that start at $5 million in GMV and quickly go to $50 million. With that scale, they also have specific requirements, so the lines get a bit blurry.” (And that also explains why investors are so interested: there is a lot of evidence of the market growing and growing; and by capturing smaller retailers on big trajectories, that represents a lot more scale for Commercetools.)

Hoerig is sometimes credited with being the person who first coined the term “headless commerce”, which basically means APIs that can be used by a company, or its team of strategists, developers and designers, to build their own customized check-out and other purchasing experiences, rather than fitting these into templates provided by the tech company powering the checkout.

But as the API economy has continued to grow, and the world of non-tech companies that use tech continues to mature, that has taking on a mass-market appeal, and so Commercetools is far from being the only one in this area. In addition to Shopify (which has its own version targeting larger businesses, Shopify Plus), others include SprykerSwellFabricChord and Shogun.

Commercetools will be using the funding both to continue organically expanding its business, but also to make some acquisitions to bolt on new customers, and new technology, tapping into some of the scaling and consolidation that is taking place across e-commerce as a whole. What will be interesting to see is where consolidation will happen, and which startups will be raising money to scale on their own: right now there is a lot of enthusiasm around the space because it is so buoyant, and that will spell more money being funneled to more startups.

Case in point: when I first got wind of this funding round, Commercetools told me it was in the middle of a deal to acquire a company. In the end, that company decided to stay independent and take some more investment to try to grow on its own. Hoerig said it’s now pursuing another target.

Indeed, that is also the bigger force that has brought Commercetools to where it is today.

“The chance to invest in a fast-growing, innovative commerce platform was one we could not pass up,” said Ping Li, the partner at Accel who led on this deal, said in a statement. “Commercetools provides e-commerce enterprises the technology necessary to capture revenue in the rapidly growing global e-commerce market.”

#accel, #api, #articles, #att, #audi, #business, #ceo, #commercetools, #content-management-systems, #danone, #e-commerce, #ecommerce, #economy, #europe, #germany, #headless-commerce, #insight-partners, #munich, #ping-li, #shopify, #social-commerce

Web building platform Duda snaps up e-commerce cart tool Snipcart

Duda announced Wednesday that it acquired Canada-based Snipcart, a startup that enables businesses to add a shopping cart to their websites.

The acquisition is Palo Alto-based Duda’s first deal, and follows the website development platform’s $50 million Series D round in June that brings its total funding to $100 million to date. Duda co-founder and CEO Itai Sadan declined to comment on the acquisition amount.

Duda, which works with digital agencies and SaaS companies, has approximately 1 million published paying sites, and the acquisition was driven by the company seeing a boost in e-commerce websites as a result of the global pandemic, he told TechCrunch.

This was not just about a technology acquisition for Duda, but also a talented team, Sadan said. The entire Snipcart team of 12 is staying on, including CEO Francois Lanthier Nadeau; the companies will be fully integrated by 2022 and the first collaborative versions will come out.

When he met the Snipcart team, Sadan thought they were “super experienced and held the same values.”

“We share many of the same types of customers, many of which are API-first,” he added. “If our customers need more headless commerce, they can build their own front end using Snipcart. Their customers will benefit from us growing the team — we plan to double it in the next year and roll out more features at a faster pace.”

The global retail e-commerce market is estimated to grow by 50% to $6.3 trillion by 2024, according to Statista. Duda itself has experienced a year over year increase of 265% in e-commerce sites being built on its platform, which Sadan said was what made Snipcart an attractive acquisition to further accelerate and manage its growth that includes over 17,000 customers.

Together, the companies will offer new capabilities, like payment and membership tools inside of the Duda platform. Many of Duda’s customers come with inventory and don’t want to manage it on another e-commerce platform, so Snipcart will be that component for taking their inventory and making it shoppable on the web.

“Everyone is thinking about how to introduce transactions into their websites and web experiences, and that is what we were looking for in an e-commerce platform,” Sadan said.

 

#api, #apps, #duda, #ecommerce, #enterprise, #francois-lanthier-nadeau, #funding, #itai-sadan, #ma, #recent-funding, #saas, #snipcart, #startups, #supply-chain-management, #tc

PayEm comes out of stealth with $27M and its answer to the expense report

Itamar Jobani was a software developer working for a medical company and “hated that time of the month” when he had to use the company’s chosen reimbursement tool.

“It was full of friction and as part of the company’s wellness team, I felt an urge to take care of the employee experience and find a better tool,” Jobani told TechCrunch. “I looked for something, but didn’t find it, so I tried to build it myself.”

What resulted was PayEm, an Israeli company he founded with Omer Rimoch in 2019 to be a spend and procurement platform for high-growth and multinational organizations. Today, it announced $27 million in funding that includes $7 million in seed funding, led by Pitango First and NFX, with participation by LocalGlobe and Fresh Fund, as well as $20 million in Series A funding led by Glilot+.

The company’s technology automates the reimbursement, procurement, accounts payable and credit card workflows to manage all of the requests and invoices, while also creating bills and sending payments to over 200 territories in 130 currencies.

It gives company finance teams a real-time look at what items employees are asking for funds to buy, and what is actually being spent. For example, teams can submit a request and go through an approval flow that can be customized with purchasing codes tied to a description of the transaction. At the same time, all transactions are continuously reconciled versus having to spend hours at the end of the month going through paperwork.

“Organizations are running in a more democratized way with teams buying things on behalf of the organization,” Jobani said. “We built a platform to cater to those needs, so it’s like a disbursement platform instead of a finance team always being in charge.”

The global B2B payments market is valued at $120 trillion annually and is expected to reach $200 trillion by 2028, according to payment industry newsletter Nilson Report. PayEm is among many B2B payments startups attracting venture capital — for example, last month, Nium announced a $200 million in Series D funding at a $1 billion valuation. Paystand raised $50 million in Series C funding to make B2B payments cashless, while Dwolla raised $21 million for its API that allows companies to build and facilitate fast payments.

Meanwhile, PayEm itself saw accelerated growth in the second quarter of 2021, including increasing its transaction volume by four times over the previous quarter and generating millions of dollars in revenue. It now boasts a list of hundreds of customers like Fiverr, JFrog and Next Insurance. It also launched new features like the ability to create corporate cards.

The company, which also has an office in New York, has 40 employees currently, and the new funds will enable the company to triple its headcount, focusing on hiring in the United States, and to bring additional features and payment capabilities to market.

“Each person can have a budget and a time frame for making the purchase, while accounting still feels in control,” Jobani added. “Everyone now has the full context and the right budget line item.”

#api, #artificial-intelligence, #b2b-payments, #enterprise, #financial-services, #funding, #glilot, #itamar-jobani, #nfx, #omer-rimoch, #payem, #payments, #pitango-first, #recent-funding, #saas, #startups, #tc

A popular smart home security system can be remotely disarmed, researchers say

A cybersecurity company says a popular smart home security system has a pair of vulnerabilities that can be exploited to disarm the system altogether.

Rapid7 found the vulnerabilities in the Fortress S03, a home security system that relies on Wi-Fi to connect cameras, motion sensors, and sirens to the internet, allowing owners to remotely monitor their home anywhere with a mobile app. The security system also uses a radio-controlled key fob to let homeowners arm or disarm their house from outside their front door.

But the cybersecurity company said the vulnerabilities include an unauthenticated API and an unencrypted radio signal that can be easily intercepted.

Rapid7 revealed details of the two vulnerabilities on Tuesday after not hearing from Fortress in three months, the standard window of time that security researchers give to companies to fix bugs before details are made public. Rapid7 said its only acknowledgment of its email was when Fortress closed its support ticket a week later without commenting.

Fortress owner Michael Hofeditz opened but did not respond to several emails sent by TechCrunch with an email open tracker. An email from Bottone Riling, a Massachusetts law firm representing Fortress, called the claims “false, purposely misleading and defamatory,” but did not provide specifics that it claims are false, or if Fortress has mitigated the vulnerabilities.

Rapid7 said that Fortress’ unauthenticated API can be remotely queried over the internet without the server checking if the request is legitimate. The researchers said by knowing a homeowner’s email address, the server would return the device’s unique IMEI, which in turn could be used to remotely disarm the system.

The other flaw takes advantage of the unencrypted radio signals sent between the security system and the homeowner’s key fob. That allowed Rapid7 to capture and replay the signals for “arm” and “disarm” because the radio waves weren’t scrambled properly.

Vishwakarma said homeowners could add a plus-tagged email address with a long, unique string of letters and numbers in place of a password as a stand-in for a password. But there was little for homeowners to do for the radio signal bug until Fortress addresses it.

Fortress has not said if it has fixed or plans to fix the vulnerabilities. It’s not clear if Fortress is able to fix the vulnerabilities without replacing the hardware. It’s not known if Fortress builds the device itself or buys the hardware from another manufacturer.

Read more:

#api, #computer-security, #cryptography, #cyberwarfare, #hacking, #law, #massachusetts, #password, #rapid7, #security, #software-testing, #vulnerability

TikTok’s new Creator Marketplace API lets influencer marketing companies tap into first-party data

TikTok is making it easier for brands and agencies to work with the influencers using its service. The company is rolling out a new “TikTok Creator Marketplace API,” which allows marketing companies to integrate more directly with TikTok’s Creator Marketplace, the video app’s in-house influencer marketing platform.

On the Creator Marketplace website, launched in late 2019, marketers have been able to discover top TikTok personalities for their brand campaigns, then create and manage those campaigns and track their performance.

The new API, meanwhile, allows partnered marketing companies to access TikTok’s first-party data about audience demographics, growth trends, best-performing videos, and real-time campaign reporting (e.g. views, likes, shares, comments, engagement, etc.) for the first time.

They can then bring this data back into their own platforms, to augment the insights they’re already providing to their own customer base.

TikTok is not officially announcing the API until later in September, but it is allowing its alpha partners to discuss their early work.

One such partner is Capitv8, which tested the API with a NRF top 50 retailer on one of their first TikTok campaigns. The retailer wanted to discover a diverse and inclusive group of TikTok creators to partner with on a new collaboration and wanted help with launching its own TikTok channel. Captiv8 says the branded content received nearly 10 million views, and the campaign resulted in a “significant increase” in several key metrics, which performed about the Nielsen average. This included familiarity (+4% above average), affinity (+6%), purchase intent (+7%) and recommendation intent (+9%).

Image Credits: TikTok Creator Marketplace website

Capitv8 is now working with TikTok’s API to pull in audience demographics, to centralize influencer offers and activations, and to provide tools to boost branded content and monitor campaign performance. On that last front, the API allows the company to pull in real-time metrics from the TikTok Creator Marketplace API — which means Capitv8 is now one of only a handful of third-party companies with access to TikTok first-party data.

Another early alpha partner is Influential, who shared it’s also leveraging the API to access first-party insights on audience demographics, growth trends, best-performing videos, and more, to help its customer base of Fortune 1000 brands to identify the right creators for both native and paid advertising campaigns.

One partner it worked with was DoorDash, who launched multiple campaigns on TikTok with Influential’s help. It’s also planning to work with McDonald’s USA on several new campaigns that will run this year, including those focused on the chain’s new Crispy Chicken Sandwich and the return of Spicy McNuggets.

Other early alpha partners include Whalar and INCA. The latter is currently only available in the U.K. and its integration stems from the larger TikTok global partnership with WPP, announced in February. That deal provided WPP agencies with early access to new advertising products marketing API integrations, and new AR offerings, among other things.

Creator marketplaces are now common to social media platforms with large influencer communities as this has become a standard way to advertise to online consumers, particular the younger generation. Facebook today offers its Brands Collabs Manager, for both Facebook and Instagram; YouTube has BrandConnect; while Snapchat recently announced a marketplace to connect brands with Lens creators. These type of in-house platforms make it easier for marketers to work with the wider influencer community by offering trusted data on metrics that matter to brands’ own ROI, rather than relying on self-reported data from influencers or on data they have to manually collect themselves. And as campaigns run, marketers can compare how well their partnered creators are able to drive results to inform their future collaborations.

TikTok isn’t making a formal announcement about its new API at this time, telling TechCrunch the technology is still in pilot testing phases for the time being.

“Creators are the lifeblood of our platform, and we’re constantly thinking of new ways to make it easy for them to connect and collaborate with brands. We’re thrilled to be integrating with an elite group of trusted partners to help brands discover and work with diverse creators who can share their message in an authentic way,” said Melissa Yang, TikTok’s Head of Ecosystem Partnerships, in a statement provided to select marketing company partners.

 

#advertising-tech, #alpha, #api, #apps, #articles, #bytedance, #developer, #doordash, #elite, #head, #partner, #software, #tiktok, #united-kingdom, #wpp

Clubhouse is adding spatial audio effects to make users feel like they’re really in the room

It’s been a busy summer for Clubhouse. The hit social audio app rolled out new messaging features and an Android app over the last few months and now the company is turning its attention to enhancing its core audio experience. Clubhouse announced Sunday that its rooms will now be infused with spatial audio to give the app’s listeners a richer sense of hanging out live with a group of other people.

TechCrunch spoke with Clubhouse’s Justin Uberti about the decision to add spatial audio, which has the effect of making different speakers sound like they’re coming from different physical locations instead of just one spot.

Uberti joined Clubhouse in May as its head of streaming technology after more than a decade at Google where he created Google Duo, led the Hangouts team and most recently worked on Google’s cloud gaming platform Stadia. Uberti also created the WebRTC standard that Clubhouse was built on top of.

“One of the things you realize in these group audio settings is that you don’t get quite the same experience as being in a physical space,” Uberti said.

While Clubhouse and other voice chat apps bring people together in virtual social settings, the audio generally sounds relatively flat, like it’s emanating from a single central location. But at the in-person gatherings Clubhouse is meant to simulate, you’d be hearing audio from all around the room, from the left and right of a stage to the various locations in the audience where speakers might ask their questions.

To pull off the new audio tricks, Clubhouse is integrating an API from Second Life creator Philip Rosedale’s spatial audio company High Fidelity and blending it with the company’s own custom audio processing, tuned for the chat app.

High Fidelity’s HRTF technology, which stands for “Head Related Transfer Function,” maps speech to different virtual locations by subtly adding a time delay between stereo channels and replicating the way that high and low frequencies would sound entering the ear depending on a sound’s origin.

The result, long used in social VR, gives virtual social experiences a sense of physical presence that good records have been pulling off for ages. Think listening to Pink Floyd’s Dark Side of the Moon in stereo with good headphones but instead of sound effects and instruments playing around your head, you’re hearing the people you’re hanging out with arrayed in virtual space.

 

According to Uberti, Clubhouse’s implementation will be subtle, but noticeable. While the audio processing will “gently steer conversation” to put most speakers in front of the listener, Clubhouse users should have a new sense that people are speaking from different physical locations.

The new audio features will roll out Sunday to the majority of iOS users, reaching the rest of Clubhouse’s iOS and Android users within the next few weeks. The experience will be available to everyone in time, but users will also have the ability to toggle spatial audio off.

Clubhouse will use the same virtual soundstage techniques to give large rooms a sense of sounding large while making more intimate rooms sound like they’re actually happening in a smaller physical space. And because most people use headphones to participate on Clubhouse, most of the app’s users can benefit from the effects possible through two-channel stereo sound.

“You have this notion of people [being] in a space, in a room… We try to mimic the feel of how it would be in a circle with people standing around talking.”

Uberti also notes that spatial audio could give regular Clubhouse users a less obvious benefit. It’s possible that regular, non-spatialized audio in social apps contributes to the pandemic-era phenomenon of Zoom fatigue. As the human brain processes virtual audio like a phone call or group audio room, it differentiates between speakers in a different way than it would in a natural in-person setting.

“Your mind has to figure out who’s talking. Without spatial cues you have to use timbre… that requires more cognitive effort,” Uberti said. “This could actually make for a more enjoyable experience aside from more immersion.”

It’s too early to know how Clubhouse’s many subcommunities will take to the spatial audio effects, but it could enhance experiences like comedy, music and even ASMR on the app quite a bit.

“Someone tells a joke and it often feels really flat,” Uberti said. “But on Clubhouse, when you feel the laughter come from all around you, it feels a lot like a comedy club experience.”

#api, #clubhouse, #headphones, #high-fidelity, #mobile-applications, #philip-rosedale, #social, #social-audio, #stadia, #tc, #technology

Stipop offers developers and creators instant access to a huge global sticker library

With more than 270,000 stickers, Stipop’s library of colorful, character-driven expressions has a little something for everyone.

The company offers keyboard and social app stickers through ad-supported mobile apps on iOS and Android, but it’s recently focused more on providing stickers to developers, creators and other online businesses.

“We were able to gather so many artists because we actually began as our own app that provided stickers,” Stipop co-founder Tony Park told TechCrunch. The team took what they learned from running their own consumer-facing app — namely that collecting and licensing hundreds of thousands of stickers from artists around the world is hard work — and adapted their business to help solve that problem for others.

Stipop was the first Korean company to go through Yellow, Snapchat’s exclusive accelerator. The company is also part of Y Combinator’s Summer 2021 cohort.

Stipop’s sticker library is accessible through an SDK and an API, letting developers slot the searchable sticker library into their existing software. The company already has more than 200 companies that tap into its huge sticker trove, which offers a “single-day solution” for a process that would otherwise necessitate a lot more legwork. Stipop launched a website recently that helps developers integrate its SDK and API through quick installs.

“They can just add a single line of code inside their product and will have a fully customized sticker feature [so] users will be able to spice up their chats,” Park said.

Park points out that stickers encourage engagement — and for social software, engagement means growth. Stickers are a playful way to send characters back and forth in chat, but they also pop up in a number of other less obvious spots, from dating apps to ecommerce and ridesharing apps. Stipop even drives the sticker search in work collaboration software Microsoft Teams.

The company has already partnered with Google, which uses Stipop’s sticker library in Gboard, Android Messages and Tenor, a GIF keyboard platform that Google bought in 2018. That partnership drove 600 million sticker views within the first month. A new partnership between Stipop and Coca-Cola on the near horizon will add Coke-branded stickers to its sticker library and the company is opening its doors to more brands that understand the unique appeal of stickers in messaging apps.

Park says that people tend to compare stickers and gifs, two ways of wordlessly expressing emotion and social nuance, but stickers are a world unto themselves. Stickers exist in their own creative universe, with star artists, regional themes and original casts of characters that take on a life of their own among fans. “Sticker creators have their own profession,” Park said.

Visual artists can also find a lot of traction releasing stickers, even without sophisticated illustrations. And since they’re all about meaning rather than refinement, non-designers and less skilled artists can craft hit stickers too.

“Stickers are great for them because it [is] so easy to go viral,” Park said. The company has partnered with 8,000 sticker creators across 25 languages, helping those artists monetize their creations and generate income based on how many times a sticker is shared.

Stickers command their own visual language around the world, and Park has observed interesting cultural differences in how people use them to communicate. In the West, stickers are often used in place of text, but in Asia, where they’re used much more frequently, people usually send stickers to enhance rather than replace the meaning of text.

In East Asia, users tend to prefer simple black and white stickers, but in India and Saudi Arabia, bright, golden stickers top the trends. In South America, popular stickers take on a more pixelated, unique quality that resonates culturally there.

“With stickers, you fall in love with [the] characters you send… that becomes you,” Park said.

#android, #api, #asia, #coca-cola, #e-commerce, #gif, #google, #instant-messaging, #microsoft, #social, #software, #south-america, #sticker, #tc, #y-combinator

Zeal banks $13M to offer employers a ‘build your own’ payroll product infrastructure

Embedded fintech company Zeal secured $13 million in Series A funding to continue developing its platform for building individualized payroll products.

Spark Capital led the Series A, with participation from Commerce Ventures and a group of individual investors, including Marqeta CEO Jason Gardner and CRO Omri Dahan, Robinhood founder Vlad Tenev, UltimateSoftware executives Mitch Dauerman and Bob Manne and Namely founder Matt Straz. The latest round now gives the company $14.6 million in total funding, which includes a $1.6 million seed round in 2020, CEO Kirti Shenoy told TechCrunch.

The Bay Area company’s origin was as Puzzl, a payment processing startup for the gig economy, founded in 2018 by Shenoy and CTO Pranab Krishnan. It was part of Y Combinator’s 2019 cohort. The pair had to pivot the company after needing to move some of its thousands of 1099 contractors to W2 employee status.

They went looking for payroll processors that could handle high volumes of payroll automatically, like ADP or Paycor, but found they didn’t match some of the capabilities Shenoy and Krishnan wanted, including to pay workers daily and customize earning components.

To ensure other companies didn’t run into the same problem, they decided to build a payroll API that enables their customers to build their own payroll products, even being able to pay their workers everyday. Traditionally, companies would layer together antiquated third-party payroll tools and spend millions of dollars on consulting fees. Zeal’s API tool modernizes the payroll process and takes on the payroll liability while managing the back-end payment logistics, Shenoy said.

Currently, enterprises use Zeal to pay large volumes of workers and keep payment data on their own native systems, while software platforms that sell business-to-business services use Zeal to build their own payroll product to sell to their customers.

“Our mission is to touch every American paycheck with our tax and payment technology, ensuring that American employees are paid correctly and efficiently,” Krishnan said.

And that is a complex goal: there are 200 million American employees, over $8.8 trillion of payroll is processed annually in the U.S. and the country’s 11,000 tax jurisdictions produce over 25,000 income tax code changes a year.

Meanwhile, Shenoy cited IRS data that showed more than 40% of small and medium businesses pay at least one payroll penalty per year. That was one of the drivers for Zeal’s latest product, the Abacus gross-to-net calculator, which payroll companies can use to ensure they are compliant in paying their income taxes.

The co-founders intend to use the new funding to build out their team and strengthen compliance measures to ensure its track record with enterprises.

“We are starting to win more enterprise deals and moving millions of dollars each day,” Shenoy said. “This has been a legacy space for so long, so companies want to work with a provider to move fast.”

Shenoy predicts that more companies will shift to hyper-customized experiences in the next five to 10 years. Whereas the default was a company like ADP, companies will want to control their own data and build products so their customers can do everything payroll-related from one platform.

As part of the investment, Spark Capital’s partner Natalie Sandman has joined Zeal’s board of directors. She previously invested in other embedded fintech companies like Affirm and Marqeta and thinks there are new experiences in the sector that APIs can unlock.

Sandman felt the payroll-building pain points herself when she worked at Zenefits. At the time, the company was trying to do the same thing, but there were no APIs to connect with. There were all of these spreadsheets to transfer data, but one wrong deduction would trickle down and cause a tax penalty.

Shenoy and Krishnan are both “customer-obsessed,” she said, and are balancing speed with thoughtfulness when it comes to understanding how their customers want to build payroll products.

She is seeing a macro shift to audience-driven human resources where bringing new employees online will mean embedding them into products that will be more valuable versus the traditional spreadsheet.

“To me, it is a no-brainer that APIs provide flexibility in the way wages and deductions need to be made,” Sandman said. “You can lose trust in your employer. Payroll is at the deepest trust point and where you want transparency and a robust solution to solve that need.”

#api, #commerce-ventures, #developer, #enterprise, #funding, #internal-revenue-service, #kirti-shenoy, #natalie-sandman, #payments, #pranab-krishnan, #recent-funding, #saas, #spark-capital, #startups, #tc, #y-combinator, #zeal

Solo.io integrates a cloud native API gateway and service mesh into its enterprise platform

Connecting to all the services and microservices that a modern cloud native enterprise application requires can be a complicated task. It’s an area that startup Solo.io is trying to disrupt with the new release of its Gloo Mesh Enterprise platform.

Based in Cambridge, Massachusetts, Solo has had focus since its founding on a concept known as a service mesh. A service mesh provides an optimized approach to connect different components together in an automated approach, often inside of a Kubernetes cloud native environment. 

Idit Levine, founder and CEO at Solo, explained to TechCrunch that she knew from the outset when she started the company in 2017 that it might take a few years till the market understood the concept of the service mesh and why it is needed. That’s why her company also built out an API gateway technology that helps developers connect APIs, which can be different data sources or services.  

Until this week, the API and service mesh components of Solo’s Gloo Mesh Enterprise offering were separate technologies, with different configurations and control planes. That is now changing with the integration of both API and service mesh capabilities into a unified service. The integrated capabilities should make it easier to set up and configure all manner of services in the cloud that are running on Kubernetes.

Solo’s service mesh, known as Gloo Mesh, is based on the open source Istio project, which was created by Google. The API product is called Gloo Edge, which uses the open source Envoy project, originally created by ride sharing company Lyft. Levine explained that her team has now used Istio’s plugin architecture to connect with Envoy in an optimized approach.

Levine noted that many users start off with an API gateway and then extend to using the service mesh. With the new Gloo Mesh Enterprise update, she expects customer adoption to accelerate further as Solo will be able to differentiate against rivals in both the service mesh and API management markets.

While the service mesh space is still emerging including rivals such as Tetrate, API gateways are a more mature technology. There are a number of established vendors in the API management space including Kong which has raised $71 million in funding. Back in 2016, Google acquired API vendor Apigee for $625 million and has been expanding the technology in the years since, including the Apigee X platform announced in February of this year.

With the integration of Gloo Edge for API management into Gloo Mesh Enterprise, Solo isn’t quite covering all the bases for API technology, yet. Gloo Edge supports REST based APIs, which are by far the most common today, though it doesn’t support the emerging GraphQL API standard, which is becoming increasingly popular. Levine told us to ‘stay tuned’ for a future GraphQL announcement for Solo and its platform.

Solo has raised a total of $36.5 million across two rounds, with an $11 million Series A in 2018 and a $23 million Series B announced in October 2020. The company’s investors include Redpoint and True Ventures.

#api, #cloud, #cloud-computing, #developer, #envoy, #kubernetes, #microservices, #service-mesh, #true-ventures

Balance raises $25M in a Ribbit Capital-led Series A to grow its ‘consumer-like B2B checkout platform’

Balance, a payments platform aimed at B2B merchants and marketplaces, has raised $25 million in a Series A funding round led by Ribbit Capital.

Avid Ventures participated in the financing, in addition to existing backers Lightspeed Ventures, Stripe, Y Combinator Continuity Fund, SciFi VC and UpWest. Other individual investors that put money in the round include early employees and executives from Plaid, Coinbase, Square, Stripe and PayPal, such as Jaqueline Reses, formerly head of Square Capital. The financing comes just over six months after Balance announced a $5.5 million seed round.

The motivation for starting the company was simple, said CEO and co-founder Bar Geron: “We wanted to create an online B2B experience that doesn’t suck.” He and Yoni Shuster, both former PayPal employees, started the company in early 2020.

B2B payments, he said, have historically differed from B2C primarily in that they have not taken place at the moment of purchase (or at the point of sale) but rather within 30 days and with an invoice. This is not an efficient process for merchants or vendors alike, the company maintains.

Meanwhile, most businesses have avoided paying for their supply with credit cards, because cards can quickly max out, Geron said.

“The only element that keeps many merchants offline is payments,” he told TechCrunch. “It’s a process that is stuck in the flow of those marketplaces and keeping them from scaling. We got fascinated with the problem.”

After starting out at Y Combinator, Balance has developed what it describes as a “consumer-like B2B checkout platform for merchants and marketplaces,” or a “self-serve digital checkout experience company for B2B businesses.”

What that means is that Balance has built a B2B payments platform that allows merchants to offer a variety of payment methods, including ACH, cards, checks and bank wires, as well as a variety of terms, including payment on delivery, net payment terms and payment by milestone. Behind the scenes, Balance underwrites the terms of those transactions requiring financing by evaluating the risk of the customer, the merchant and the specific payment terms selected. Balance is built on top of Stripe and offers all of Stripe’s credit card payment options, but then extends far beyond them.

Balance, according to Geron, invested “a lot” in APIs for marketplaces.

“We have a very robust API platform so that these businesses can manage the entire payment flow without being exposed to the risk and regulation of payments,” he told TechCrunch. “And this is all happening without them even touching the funds.”

The plus for merchants is the ability to get immediate payout that is always reconciled like credits. Marketplaces are equipped with automated vendor disbursement, a full compliance umbrella and reconciliation management, Balance says.

“We want to make the online payments experience for businesses as seamless as it is for consumer payments, and we want to do it globally,” Geron told TechCrunch.

The startup has already partnered with e-commerce giants such as BigCommerce and Magento and will soon also work with Salesforce, according to Geron. Its customers range from startups to publicly traded marketplaces to e-commerce enterprises across a variety of industries such as steel, freight, hardware, food ordering, medical supply and apparel. They include Bryzos, Choco, Zilingo and Bay Supply, among others.

It’s early days yet, but Balance has seen growth of about 500% to 600% since the time of its last raise in February, Geron said. The company, which has offices in Tel Aviv and New York, has about 30 employees.

Jordan Angelos, a general partner at Ribbit and former head of M&A and investment at Stripe, believes the fact that Balance has built its platform specifically for “rapidly scaling” B2B marketplaces and merchants is reflective of a “well-placed” focus.

“B2B marketplaces, for example, have a very particular set of payments and capital markets-related needs that can be much more holistically and elegantly solved with Balance’s flexible toolkit than alternatives,” he wrote via email. “Payments and checkout are two sides of the same coin, and Balance’s products allow users to address them together to better serve their customers as well as their own margins.”

#api, #avid-ventures, #balance, #e-commerce, #ecommerce, #finance, #funding, #fundings-exits, #lightspeed-ventures, #new-york, #online-payments, #payments, #recent-funding, #ribbit-capital, #startups, #stripe, #tel-aviv, #venture-capital, #y-combinator

Ramp and Brex draw diverging market plans with M&A strategies

Earlier today, spend management startup Ramp said it has raised a $300 million Series C that valued it $3.9 billion. It also said it was acquiring Buyer, a “negotiation-as-a-service” platform that it believes will help customers save money on purchases and SaaS products.

The round and deal were announced just a week after competitor Brex shared news of its own acquisition — the $50 million purchase of Israeli fintech startup Weav. That deal was made after Brex’s founders invested in Weav, which offers a “universal API for commerce platforms”.

From a high level, all of the recent deal-making in corporate cards and spend management shows that it’s not enough to just help companies track what employees are expensing these days. As the market matures and feature sets begin to converge, the players are seeking to differentiate themselves from the competition.

But the point of interest here is these deals can tell us where both companies think they can provide and extract the most value from the market.

These differences come atop another layer of divergence between the two companies: While Brex has instituted a paid software tier of its service, Ramp has not.

Earning more by spending less

Let’s start with Ramp. Launched in 2019, the company is a relative newcomer in the spend management category. But by all accounts, it’s producing some impressive growth numbers. As our colleague Mary Ann Azevedo wrote this morning:

Since the beginning of 2021, the company says it has seen its number of cardholders on its platform increase by 5x, with more than 2,000 businesses currently using Ramp as their “primary spend management solution.” The transaction volume on its corporate cards has tripled since April, when its last raise was announced. And, impressively, Ramp has seen its transaction volume increase year over year by 1,000%, according to CEO and co-founder Eric Glyman.

Ramp’s focus has always been on helping its customers save money: It touts a 1.5% cashback reward for all purchases made through its cards, and says its dashboard helps businesses identify duplicitous subscriptions and license redundancies. Ramp also alerts customers when they can save money on annual vs. monthly subscriptions, which it says has led many customers to do away with established T&E platforms like Concur or Expensify.

All told, the company claims that the average customer saves 3.3% per year on expenses after switching to its platform — and all that is before it brings Buyer into the fold.

#airbase, #api, #brex, #concur, #corporate-spend, #e-commerce, #ec-fintech, #ec-news-analysis, #enterprise, #finance, #financial-services, #fintech-startup, #fundings-exits, #ma, #mergers-and-acquisitions, #paypal, #ramp, #startups, #stripe, #weav

Givz raises $3M in seed funding to make donations a marketing tool for businesses

Givz, which has developed an API-powered platform that gives brands a way to convert discounts into donations, has raised $3 million in seed funding.

Eniac and Accomplice co-led the financing for the New York-based startup. Additional investors include Supernode Ventures, Claude Wasserstein of Fine Day, Phoenix Club and Dylan Whitman.

Givz was founded in 2017 to make charitable giving more accessible and convenient for the masses. In March 2020, right before the COVID-19 pandemic hit, the company pivoted from B2C to B2B and used the technology rails it had built to create the e-commerce marketing platform that Givz is today.

The company aims to drive “full-price purchasing behavior” by giving consumers the ability to convert the money they would be saving if getting a discount, and donating it to their favorite charities. 

Prior to the funding, Givz had been working with more than 80 enterprise, mid-market and SMB retail and e-commerce clients such as H&M, Tom Brady’s TB12, Seedlip and Terez, and accumulated more than 40,000 individual users. Since the shift last year, the company has helped drive more than $1 million to 1,100 charities, according to CEO and founder Andrew Forman.

It just launched on Shopify, which Forman says will give the startup access to the 1.7 million retailers that use Shopify as their e-commerce platform.

Givz operates under the premise that “donation-driven marketing” consistently outperforms discounts and costs less, “making it an attractive addition” to corporate marketing.

“We are creating a new marketing category and generating the largest sustainable charitable giving platform in the process,” he told TechCrunch. 

An example of a company using Givz can be found in Tervis, which offered customers “For every $50 you spend, you’ll receive $15 to give to the charity of your choice.” 

“They used Givz technology to allow consumers to choose the charity of their choice and make a turnkey disbursement to hundreds of charities,” Forman explained. “They saw a 20% lift in website conversion and a 17% increase in average order value as a result of this offer.”

Image Credits: Givz

Currently, Givz has eight employees with plans to more than double that number over the next year.

The company plans to use the new capital toward that hiring, and to do some marketing of its own.

“We also want to explore the full potential around the consumer behavior data we collect,” Forman said.

In the short term, Givz is focused on “Shopify growth” with direct to consumer brands.

“But we have successful use cases and huge potential with enterprise retailers and financial institutions,” Forman told TechCrunch. “In the future, we have our sights set on restaurants, the gaming industry and global expansion. I believe that using personalized donations to incentivize consumer behavior has endless application across industries, verticals and continents.”

Eniac partner Vic Singh said that there’s been a trend of brands experimenting with different ways to target the socially conscious consumer. 

“We believe Givz’s donation-driven marketing platform offers brands the best way to attract the socially conscious consumer while elevating their brand, moving more inventory and driving increased order value rather than simplistic traditional discounting,” he added.

Accomplice’s TJ Mahony said that both he and Singh believed SMS would emerge as a new marketing category, which led to early investments in Attentive and Postscript, respectively.

“We both saw a similar opportunity with Givz,” he wrote via e-mail. “Discounting is a well worn marketing muscle, but it’s detrimental to the brand, margins and customer expectations. We believe continuous impact marketing becomes the alternative to discounting and marketers will begin to build teams and budget around thoughtful and persistent giving strategies.”

#accomplice, #api, #e-commerce, #ecommerce, #eniac-ventures, #funding, #fundings-exits, #givz, #marketing, #new-york, #payments, #recent-funding, #retail, #saas, #startup, #startups, #tc, #venture-capital, #vic-singh

Moesif secures $12M to provide user behavior insights on API usage

As more companies provide more API-first services, Moesif has developed a way for those companies to learn how their customers are utilizing them.

The San Francisco-based startup is adding to its capital raise Monday with the announcement of a $12 million Series A round led by David Sacks and Arra Malekzadeh of Craft Ventures. Existing investor Merus Capital, which led Moesif’s $3.5 million seed round in 2019, also participated in the round, bringing the company’s total raise to $15.5 million, Moesif co-founder and CEO Derric Gilling told TechCrunch.

Gilling and Xing Wang founded Moesif in 2017 and went through the Alchemist Accelerator in 2018.

Companies seeking data around API usage and workflow traditionally had to build that capability in-house on top of a tech like Snowflake, Gilling said. One of the problems with that was if someone wanted a report, the process was ad hoc, meaning they would file a ticket and wait until a team had time to run the report. In addition, companies find it difficult to accurately bill customers on usage or manage when someone exceeds the rate limits.

“We started to see people build on top of our platform and pull data on APIs, and they started asking us how to directly serve customers, like making them aware if they are hitting a rate limit,” Gilling added. “We started to build new functionality and a way to customize the look and feel of the platform.”

Moesif provides self-service analytics that can be accessed daily and features to scale analytics in a more cost-effective manner. Customers use it to monitor features to better understand when there are issues with the API, and there are additional capabilities to understand who is using the API, how often and who may be likely to stop using a product based on how they are using it.

The company is also now seeing its revenue grow over 20% month over month this year and adoption by more diverse use cases and larger companies. At the time of the seed round, the company was just getting started with analytics and user trials, Gilling said. Today, it boasts a customer list that includes UPS, Tomorrow.io, Symbl.ai and Deloitte.

The company has also gone from a team of two to nine employees, and Gilling expects to use the new funding to bolster that roster across engineering, sales, developer relations and customer success.

He is also focusing on being a thought leader in the space and is pushing go-to-market and building out a new set of features to monetize APIs and improve its dashboard to better differentiate Moesif from competitors, which he said focus more on server health versus customer usage.

As part of the investment, Craft Ventures’ Malekzadeh is joining Moesif’s board. She was introduced to Gilling by another portfolio company and felt Moesif fit into Crafts’ thesis on SaaS companies.

Malekzadeh’s particular interest is in developer tools, and while in her previous position working at a startup developing APIs, she felt firsthand the pain point of not being able to know how those APIs were being used, how much customers should be billed and “was always bugging the product and engineering teams for reports.”

Moesif didn’t exist at the time she worked at the startup, and instead, her company had to build it own tools that turned out to be clunky, while at the same time recruiting top engineers that didn’t want to take up their time with building something that wasn’t the company’s core product.

“The two founders are highly technical, but they provided great content on their website that helped me learn about them,” Malekzadeh added. “One of the interesting things about them is that even though they are technical, they speak the same language as a business user, which makes them special as a developer-first company. Just the growth in their revenue was super impressive, and their customer references were glowing.”

#api, #apps, #arra-malekzadeh, #craft-ventures, #david-sacks, #derric-gilling, #enterprise, #funding, #merus-capital, #moesif, #recent-funding, #startups, #tc, #xing-wang

Rutter comes out of stealth with $1.5M in funding for its e-commerce API

Rutter, a remote-first company, is developing a unified e-commerce API that enables companies to connect with data across any platform.

On Friday the company announced it was emerging from stealth with $1.5 million in funding from a group of investors including Haystack, Liquid 2 and Basis Set Ventures.

Founders Eric Yu and Peter Zhou met in school and started working on Rutter, which Zhou called “Plaid for commerce,” in 2017 before going through the summer 2019 Y Combinator cohort.

They stumbled upon the e-commerce API idea while working in education technology last year. The pair were creating subscription kits and learning materials for parents concerned about how their children would be learning during the global pandemic. Then their vendor customers had problems listing their storefronts on Amazon, so they wrote scripts to help them, but found that they had to write separate scripts for each platform.

With Rutter, customers only need one script to connect anywhere. Its APIs connect to e-commerce platforms like Shopify, Walmart and Amazon so that tech customers can build functions like customer support and chatbots, Yu told TechCrunch.

Lan Xuezhao, founding and managing partner of Basis Set Ventures, said via email that she was “super excited” about Rutter first because of the founders’ passion, grit and speed of iteration to a product. She added it reminded her of another team that successfully built a business from zero to over $7 billion.

“After watching them (Rutter) for a few years, it’s clear what they built is powerful: it’s the central nervous system of online commerce,” Xuezhao added.

As the founders see it, there are two big explosions going on in e-commerce: the platform side with the adoption of headless commerce — the separating of front end and back end functions of an e-commerce site, and new companies coming in to support merchants.

The new funding will enable Yu and Zhou to build up their team, including hiring more engineers.

Due to the company officially launching at the beginning of the year, Yu did not disclose revenue metrics, but did say that Rutter’s API volume was doubling and tripling in the last few months. It is also supporting merchants that connect with over 5,000 stores.

Some of Rutter’s competitors are building one aspect of commerce, like returns, warranties and checkouts, but Yu said that since Shopify represents just 10% of e-commerce, the company’s goal is to take merchants beyond the marketplace by being “that unified app store for merchants to find products.”

“We think that in the future, the e-commerce stack of a merchant will look like the SaaS stack of a software company,” Zhou added. “We want to be the glue that holds that stack together for merchants.”

 

#api, #apps, #basis-set-ventures, #developer, #ecommerce, #enterprise, #eric-yu, #funding, #haystack, #headless-commerce, #lan-xuezhao, #liquid-2, #online-commerce, #peter-zhou, #recent-funding, #rutter, #startups, #tc, #y-combinator

Tiger Global backs Nacelle with $50M for its e-commerce infrastructure

Consumer shift to buying online during the global pandemic — and keeping that habit — continues to boost revenue for makers of developer tools that help e-commerce sites provide better shopping experiences.

LA-based Nacelle is one of the e-commerce infrastructure companies continuing to attract investor attention, and at a speedy clip, too. It closed on a $50 million Series B round from Tiger Global. This is just six months after its $18 million Series A round, led by Inovia, and follows a $4.8 million seed round in 2020.

The company is working in “headless” commerce, which means it is disconnecting the front end of a website, a.k.a. the storefront, from the back end, where all of the data lives, to create a better shopping experience, CEO Brian Anderson told TechCrunch. By doing this, the back end of the store, essentially where all the magic happens, can be updated and maintained without changing the front end.

“Online shopping is not new, but how the customer relates to it keeps changing,” he said. “The technology for online shopping is not up to snuff — when you click on something, everything has to reload compared to an app like Instagram.”

More people shopping on their mobile devices creates friction due to downloading an app for each brand. That is “sucking the fun out of shopping online,” because no one wants that many apps on their phone, Anderson added.

Steven Kramer, board member and former EVP of Hybris, said via email that over the past two decades, the e-commerce industry went through several waves of innovation. Now, maturing consumer behaviors and expectations are accelerating the current phase.

“Retailers and brands are struggling with adopting the latest technologies to meet today’s requirements of agility, speed and user experience,” Kramer added. “Nacelle gives organizations a future-proof way to accelerate their innovation, leverage existing investments and do so with material ROI.”

Data already shows that COVID-era trends accelerated e-commerce by roughly five years, and Gartner predicts that 50% of new commerce capabilities will be incorporated as API-centric SaaS services by 2023.

Those kinds of trends are bringing in competitors that are also attracting investor attention — for example, Shopistry, Swell, Fabric, Commerce Layer and Vue Storefront are just a few of the companies that raised funding this year alone.

Anderson notes that the market continues to be hot and one that can’t be ignored, especially as the share of online retail sales grows. He explained that some of his competitors force customers to migrate off of their current tech stack and onto their respective platforms so that their users can get a good customer experience. In contrast, Nacelle enables customers to keep their tech stack and put components together as they see fit.

“That is painful in any vertical, but especially for e-commerce,” he said. “That is your direct line to revenue.”

Meanwhile, Nacelle itself grew 690% in the past year in terms of revenue, and customers are signing multiyear contracts, Anderson said.

Anderson, who is an engineer by trade, wants to sink his teeth into new products as adoption of headless commerce grows. These include providing a dynamic layer of functionality on top of the tech stack for storefronts that are traditionally static, and even introducing some livestream capabilities later this year.

As such, Nacelle will invest the new round into its go-to-market strategy and expand its customer success, partner relations and product development. He said Nacelle is already “the de facto standard” for Shopify Plus merchants going headless.

“We want to put everything in a tailor-made API for e-commerce that lets front-end developers do their thing with ease,” Anderson added. “We also offer starter kits for merchants as a starting point to get up-and-running.”

#api, #apps, #brian-anderson, #ecommerce, #enterprise, #funding, #headless-commerce, #hybris, #merchandising, #mobile-device, #nacelle, #online-shopping, #recent-funding, #retail, #startups, #steven-kramer, #tc, #tiger-global

Twitter adds support for Twitter Spaces to its rebuilt API

Twitter is rolling out changes its newly rebuilt API that will allow third-party developers to build tools and other solutions specifically for its audio chatroom product, Twitter Spaces. The company today announced it’s shipping new endpoints to support Spaces on the Twitter API v2, with the initial focus on enabling discovery of live or scheduled Spaces. This may later be followed by an API update that will make it possible for developers to build out more tools for Spaces’ hosts.

The company first introduced its fully rebuilt API last year, with the goal of modernizing its developer platform while also making it easier to add support for Twitter’s newer features at a faster pace. The new support for Twitter Spaces in the API is one example of that plan now being put into action.

With the current API update, Twitter hopes developers will build new products that enable users — both on and off Twitter — to find Twitter Spaces more easily, the company says. This could potentially broaden the reach of Spaces and introduce its audio chats to more people, which could give Twitter a leg up in the increasingly competitive landscape for audio-based social networking. Today, Twitter Spaces isn’t only taking on Clubhouse, but also the audio chat experiences being offered by Facebook, Discord, Reddit, Public.com, Spotify, and smaller social apps.

According to Twitter, developers will gain access to two new endpoints, Spaces lookup and Spaces search, which allow them to lookup live and scheduled Spaces using specific criteria — like the Spaces ID, user ID, or keywords. The Spaces lookup endpoint also offers a way to begin to understand the public metadata and metrics associated with a Space, like the participant count, speaker count, host profile information, detected language being used, start time, scheduled start time, creation time, status, and whether the Space is ticketed or not, Twitter tells us.

To chose what Spaces functionality to build into its API first, Twitter says it spoke to developers who told the company they wanted functionality that could help people discover Spaces they may find interesting and set reminders for attending. Developers said they also want to build tools that would allow Spaces hosts to better understand how well their audio chats are performing. But most of these options are yet available with today’s API update. Twitter only said it’s “exploring” other functionality — like tools that would allow developers to integrate reminders into their products, as well as those that would be able to surface certain metrics fields available in the API or allow developers to build analytics dashboards.

These ideas for other endpoints haven’t yet gained a spot on Twitter’s Developer Platform Roadmap, either.

Twitter also told us it’s not working on any API endpoints that would allow developers to build standalone client apps for Twitter Spaces, as that’s not something it heard interest in from its developer community.

Several developers have been participating in a weekly Spaces hosted by Daniele Bernardi from Twitter’s Spaces team, and were already clued in to coming updates. Developers with access to the v2 API will be able to begin building with the new endpoints starting today, but none have new experiences ready to launch at this time. Twitter notes Bernardi will also host another Spaces event today at 12 PM PT to talk in more detail about the API update and what’s still to come.

#api, #apps, #facebook, #operating-systems, #real-time-web, #social, #software, #speaker, #spotify, #technology, #text-messaging, #twitter, #twitter-spaces, #unity

Evervault’s ‘encryption as a service’ is now open access

Dublin-based Evervault, a developer-focused security startup which sells encryption vis API and is backed by a raft of big name investors including the likes of Sequoia, Kleiner Perkins and Index Ventures, is coming out of closed beta today — announcing open access to its encryption engine.

The startup says some 3,000 developers are on its waitlist to kick the tyres of its encryption engine, which it calls E3.

Among “dozens” of companies in its closed preview are drone delivery firm Manna, fintech startup Okra, and healthtech company Vital. Evervault says it’s targeting its tools at developers at companies with a core business need to collect and process four types of data: Identity & contact data; Financial & transaction data; Health & medical data; and Intellectual property.

The first suite of products it offers on E3 are called Relay and Cages; the former providing a new way for developers to encrypt and decrypt data as it passes in and out of apps; the latter offering a secure method — using trusted execution environments running on AWS — to process encrypted data by isolating the code that processes plaintext data from the rest of the developer stack.

Evervault is the first company to get a product deployed on Amazon Web Services’ Nitro Enclaves, per founder Shane Curran.

“Nitro Enclaves are basically environments where you can run code and prove that the code that’s running in the data itself is the code that you’re meant to be running,” he tells TechCrunch. “We were the first production deployment of a product on AWS Nitro Enclaves — so in terms of the people actually taking that approach we’re the only ones.”

It shouldn’t be news to anyone to say that data breaches continue to be a serious problem online. And unfortunately it’s sloppy security practices by app makers — or even a total lack of attention to securing user data — that’s frequently to blame when plaintext data leaks or is improperly accessed.

Evervault’s fix for this unfortunate ‘feature’ of the app ecosystem is to make it super simple for developers to bake in encryption via an API — taking the strain of tasks like managing encryption keys. (“Integrate Evervault in 5 minutes by changing a DNS record and including our SDK,” is the developer-enticing pitch on its website.)

“At the high level what we’re doing… is we’re really focusing on getting companies from [a position of] not approaching security and privacy from any perspective at all — up and running with encryption so that they can actually, at the very least, start to implement the controls,” says Curran.

“One of the biggest problems that companies have these days is they basically collect data and the data sort of gets sprawled across both their implementation and their test sets as well. The benefit of encryption is that  you know exactly when data was accessed and how it was accessed. So it just gives people a platform to see what’s happening with the data and start implementing those controls themselves.”

With C-Suite executives paying increasing mind to the need to properly secure data — thanks to years of horrific data breach scandals (and breach déjà vu), and also because of updated data protection laws like Europe’s General Data Protection Regulation (GDPR) which has beefed up penalties for lax security and data misuse — a growing number of startups are now pitching services that promise to deliver ‘data privacy’, touting tools they claim will protect data while still enabling developers to extract useful intel.

Evervault’s website also deploys the term “data privacy” — which it tells us it defines to mean that “no unauthorized party has access to plaintext user/customer data; users/customers and authorized developers have full control over who has access to data (including when and for what purpose); and, plaintext data breaches are ended”. (So encrypted data could, in theory, still leak — but the point is the information would remain protected as a result of still being robustly encrypted.)

Among a number of techniques being commercialized by startups in this space is homomorphic encryption — a process that allows for analysis of encrypted data without the need to decrypt the data.

Evervault’s first offering doesn’t go that far — although its ‘encryption manifesto‘ notes that it’s keeping a close eye on the technique. And Curran confirms it is likely to incorporate the approach in time. But he says its first focus has been to get E3 up and running with an offering that can help a broad swathe of developers.

“Fully homomorphic [encryption] is great. The biggest challenge if you’re targeting software developers who are building normal services it’s very hard to build general purpose applications on top of it. So we take another approach — which is basically using trusted execution environments. And we worked with the Amazon Web Services team on being their first production deployment of their new product called Nitro Enclaves,” he tells TechCrunch.

“The bigger focus for us is less about the underlying technology itself and it’s more about taking what the best security practices are for companies that are already investing heavily in this and just making them accessible to average developers who don’t even know how encryption works,” Curran continues. “That’s where we get the biggest nuance of Evervault vs some of these others privacy and security companies — we build for developers who don’t normally think about security when they’re building things and try to build a great experience around that… so it’s really just about bridging the gap between ‘the start of art’ and bringing it to average developers.”

“Over time fully homomorphic encryption is probably a no-brainer for us but both in terms of performance and flexibility for your average developer to get up and running it didn’t really make sense for us to build on it in its current form. But it’s something we’re looking into. We’re really looking at what’s coming out of academia — and if we can fit it in there. But in the meantime it’s all this trusted execution environment,” he adds.

Curran suggests Evervault’s main competitor at this point is open source encryption libraries — so basically developers opting to ‘do’ the encryption piece themselves. Hence it’s zeroing in on the service aspect of its offering; taking on encryption management tasks so developers don’t have to, while also reducing their security risk by ensuring they don’t have to touch data in the clear.

“When we’re looking at those sort of developers — who’re already starting to think about doing it themselves — the biggest differentiator with Evervault is, firstly the speed of integration, but more importantly it’s the management of encrypted data itself,” Curran suggests. “With Evervault we manage the keys but we don’t store any data and our customers store encrypted data but they don’t store keys. So it means that even if they want to encrypt something with Evervault they never have all the data themselves in plaintext — whereas with open source encryption they’ll have to have it at some point before they do the encryption. So that’s really the base competitor that we see.”

“Obviously there are some other projects out there — like Tim Berners-Lee’s Solid project and so on. But it’s not clear that there’s anybody else taking the developer-experience focused approach to encryption specifically. Obviously there’s a bunch of API security companies… but encryption through an API is something we haven’t really come across in the past with customers,” he adds.

While Evervault’s current approach sees app makers’ data hosted in dedicated trusted execution environments running on AWS, the information still exists there as plaintext — for now. But as encryption continues to evolves it’s possible to envisage a future where apps aren’t just encrypted by default (Evervault’s stated mission is to “encrypt the web”) but where user data, once ingested and encrypted, never needs to be decrypted — as all processing can be carried out on ciphertext.

Homomorphic encryption has unsurprisingly been called the ‘holy grail’ of security and privacy — and startups like Duality are busy chasing it. But the reality on the ground, online and in app stores, remains a whole lot more rudimentary. So Evervault sees plenty of value in getting on with trying to raise the encryption bar more generally.

Curran also points out that plenty of developers aren’t actually doing much processing of the data they gather — arguing therefore that caging plaintext data inside a trusted execution environment can thus abstract away a large part of the risk related to these sort of data flows anyway. “The reality is most developers who are building software these days aren’t necessarily processing data themselves,” he suggests. “They’re actually just sort of collecting it from their users and then sharing it with third party APIs.

“If you look at a startup building something with Stripe — the credit card flows through their systems but it always ends up being passed on somewhere else. I think that’s generally the direction that most startups are going these days. So you can trust the execution — depending on the security of the silicon in an Amazon data center kind of makes the most sense.”

On the regulatory side, the data protection story is a little more nuanced than the typical security startup spin.

While Europe’s GDPR certainly bakes security requirements into law, the flagship data protection regime also provides citizens with a suite of access rights attached to their personal data — a key element that’s often overlooked in developer-first discussions of ‘data privacy’.

Evervault concedes that data access rights haven’t been front of mind yet, with the team’s initial focus being squarely on encryption. But Curran tells us it plans — “over time” — to roll out products that will “simplify access rights as well”.

“In the future, Evervault will provide the following functionality: Encrypted data tagging (to, for example, time-lock data usage); programmatic role-based access (to, for example, prevent an employee seeing data in plaintext in a UI); and, programmatic compliance (e.g. data localization),” he further notes on that.

 

#api, #aws, #cryptography, #developer, #dublin, #encryption, #europe, #evervault, #general-data-protection-regulation, #homomorphic-encryption, #nitro-enclaves, #okra, #privacy, #security, #sequoia, #shane-curran, #tim-berners-lee

Roblox acquires Discord competitor Guilded

Roblox is using M&A to bulk up its social infrastructure, announcing Monday morning that they had acquired the team at Guilded which has been building a chat platform for competitive gamers.

The service competes with gaming chat giant Discord, with the team’s founders telling TechCrunch in the past that as Discord’s ambitions had grown beyond the gaming world, its core product was meeting fewer competitive gaming needs. Like Discord, users can have text and voice conversations on the Gulded platform, but Guilded also allowed users to organize communities around events and calendars, with plenty of specific functionality designed around ensuring that tournaments happened seamlessly.

The startup’s product supported hundreds of games, with specific functionality for a handful of titles including League of Legends, Fortnite, CS: GO and, yes, Roblox. Earlier this year, the company launched a bot API designed to help non-technical users build bots that could enrich their gaming communities.

Guilded had raised $10.2 million in venture capital funding to date according to Crunchbase, including a $7 million Series A led by Matrix Partners early last year. The company launched out of Y Combinator in mid-2017.

Terms of the Roblox deal weren’t disclosed. In an announcement post, Roblox detailed that the Guilded team will operate as an independent product group going forward. In a separate blog post, Guilded CEO Eli Brown wrote that existing stakeholders will be able to continue using the product as they have previously.

“Everyone – including communities, partners, and bot developers – will be able to keep using Guilded the same way you are now,” Brown wrote. “Roblox believes in our team and in our mission, and we’re going to continue to operate as an independent product in order to achieve it.”

Roblox has seen profound success and heightened investor attention in recent years as the pandemic has pushed more gamers online and brought more users into the fold, but that success has drawn the attention of competitors. In June, Facebook acquired a small Roblox competitor called Crayta, with CEO Mark Zuckerberg announcing just weeks ago that he planned to transform Facebook into a “metaverse” company, using a term many have come to associate closely with what Roblox has been building. Guilded represents an opportunity for Roblox to bring its user base deeper inside its own suite of products, creating a social infrastructure that keeps users bought in.

#api, #ceo, #core, #discord, #facebook, #freeware, #gaming, #guilded, #league-of-legends, #mark-zuckerberg, #matrix-partners, #metaverse, #online-games, #product, #roblox, #social-infrastructure, #software, #tc, #video-gaming, #y-combinator