OpenSea admits incident as top exec is accused of trading NFTs on insider information

The “eBay of NFTs” is running into a scandal as it admits one of its employees traded the crypto digital assets using insider information from the platform.

Yesterday, a top executive at NFT platform OpenSea was accused of front-running sales on the platform, purchasing pieces from NFT collections before they were featured on the homepage of the platform. According to Twitter user @ZuwuTV, the startup’s Head of Product was using secret crypto wallets to buy drops before they listed on the main page of OpenSea, selling them shortly after they were highlighted publicly by OpenSea, and funneling the profits back to his main account. Users linked to a handful of transactions from accounts linked back to the executive on the public blockchain including an NFT drop that was, at the time, actively listed on the front page of the platform.

Today, OpenSea seemed to acknowledge the incident, saying in a blog post that it had “learned that one of our employees purchased items that they knew were set to display on our front page before they appeared there publicly.” The company did not identify the employee but said that they were conducting an “immediate” review of the incident. The startup, which was recently valued at $1.5 billion after raising a $100 million Series B from Andreessen Horowitz, added in the unsigned blog post that this incident was “incredibly disappointing.”

“We’re conducting a thorough review of yesterday’s incident and are committed to doing the right thing for OpenSea users,” OpenSea CEO Devin Finzer said in a tweet.

OpenSea, which did a record $3.4 billion in transaction volume last month, appears not to have had any rules in places preventing employees from using confidential information to buy or sell NFTs on its own platform to its own users. The company detailed that it was now implementing a policy that team members could not buy or sell “from collections or creators while we are featuring or promoting them,” and that they are “prohibited from using confidential information to purchase or sell any NFTs, whether available on the OpenSea platform or not.”

Most NFTs are not generally assumed to be securities, despite little official guidance from the SEC on the crypto asset class. Some in the space have questioned whether different mechanics around buying and selling, alongside ongoing rewards structures may be pushing some NFT sales further into securities territory.

“Many have been enticed by dramatic jumps in the value of new digital assets,” Senate Banking Committee Chairman Sherrod Brown said in a hearing yesterday — as transcribed by The Block — where the relationship between crypto markets and SEC enforcement was discussed. “Some professional investors and celebrities make earning millions look easy. But, as we are reminded time and again, it’s never that simple – and too often, someone’s quick profit comes at the expense of workers and entire communities.”

We’ve reached out to OpenSea for further comment.

#andreessen-horowitz, #blockchains, #ceo, #chairman, #cryptocurrencies, #cryptocurrency, #cryptography, #distributed-computing, #ebay, #ethereum, #executive, #head, #opensea, #tc, #u-s-securities-and-exchange-commission

Nuula raises $120M to build out a financial services ‘superapp’ aimed at SMBs

A Canadian startup called Nuula that is aiming to build a superapp to provide a range of financial services to small and medium businesses has closed $120 million of funding, money that it will use to fuel the launch of its app and first product, a line of credit for its users.

The money is coming in the form of $20 million in equity from Edison Partners, and a $100 million credit facility from funds managed by the Credit Group of Ares Management Corporation.

The Nuula app has been in a limited beta since June of this year. The plan is to open it up to general availability soon, while also gradually bringing in more services, some built directly by Nuula itself and but many others following an embedded finance strategy: business banking, for example, will be a service provided by a third party and integrated closely into the Nuula app to be launched early in 2022; and alongside that, the startup will also be making liberal use of APIs to bring in other white-label services such as B2B and customer-focused payment services, starting first in the U.S. and then expanding to Canada and the U.K. before further countries across Europe.

Current products include cash flow forecasting, personal and business credit score monitoring, and customer sentiment tracking; and monitoring of other critical metrics including financial, payments and eCommerce data are all on the roadmap.

“We’re building tools to work in a complementary fashion in the app,” CEO Mark Ruddock said in an interview. “Today, businesses can project if they are likely to run out of money, and monitor their credit scores. We keep an eye on customers and what they are saying in real time. We think it’s necessary to surface for SMBs the metrics that they might have needed to get from multiple apps, all in one place.”

Nuula was originally a side-project at BFS, a company that focused on small business lending, where the company started to look at the idea of how to better leverage data to build out a wider set of services addressing the same segment of the market. BFS grew to be a substantial business in its own right (and it had raised its own money to that end, to the tune of $184 million from Edison and Honeywell).  Over time, it became apparent to management that the data aspect, and this concept of a super app, would be key to how to grow the business, and so it pivoted and rebranded earlier this year, launching the beta of the app after that.

Nuula’s ambitions fall within a bigger trend in the market. Small and medium enterprises have shaped up to be a huge business opportunity in the world of fintech in the last several years. Long ignored in favor of building solutions either for the giant consumer market, or the lucrative large enterprise sector, SMBs have proven that they want and are willing to invest in better and newer technology to run their businesses, and that’s leading to a rush of startups and bigger tech companies bringing services to the market to cater to that.

Super apps are also a big area of interest in the world of fintech, although up to now a lot of what we’ve heard about in that area has been aimed at consumers — just the kind of innovation rut that Nuula is trying to get moving.

“Despite the growth in services addressing the SMB sector, overall it still lacks innovation compared to consumer or enterprise services,” Ruddock said. “We thought there was some opportunity to bring new thinking to the space. We see this as the app that SMBs will want to use everyday, because we’ll provide useful tools, insights and capital to power their businesses.”

Nuula’s priority to build the data services that connect all of this together is very much in keeping with how a lot of neobanks are also developing services and investing in what they see as their unique selling point. The theory goes like this: banking services are, at the end of the day, the same everywhere you go, and therefore commoditized, and so the more unique value-added for companies will come from innovating with more interesting algorithms and other data-based insights and analytics to give more power to their users to make the best use of what they have at their disposal.

It will not be alone in addressing that market. Others building fintech for SMBs include Selina, ANNA, Amex’s Kabbage (an early mover in using big data to help loan money to SMBs and build other financial services for them), Novo, Atom Bank, Xepelin, and Liberis, biggies like Stripe, Square and PayPal, and many others.

The credit product that Nuula has built so far is a taster of how it hopes to be a useful tool for SMBs, not just another place to get money or manage it. It’s not a direct loaning service, but rather something that is closely linked to monitoring a customers’ incomings and outgoings and only prompts a credit line (which directly links into the users’ account, wherever it is) when it appears that it might be needed.

“Innovations in financial technology have largely democratized who can become the next big player in small business finance,” added Gary Golding, General Partner, Edison Partners. “By combining critical financial performance tools and insights into a single interface, Nuula represents a new class of financial services technology for small business, and we are excited by the potential of the firm.”

“We are excited to be working with Nuula as they build a unique financial services resource for small businesses and entrepreneurs,” said Jeffrey Kramer, Partner and Head of ABS in the Alternative Credit strategy of the Ares Credit Group, in a statement. “The evolution of financial technology continues to open opportunities for innovation and the emergence of new industry participants. We look forward to seeing Nuula’s experienced team of technologists, data scientists and financial service veterans bring a new generation of small business financial services solutions to market.”

#articles, #atom-bank, #banking, #business, #canada, #ceo, #economy, #edison-partners, #enterprise, #entrepreneurship, #europe, #financial-services, #financial-technology, #fintech, #funding, #general-partner, #head, #honeywell, #innovation, #kabbage, #nuula, #paypal, #smb, #sme, #stripe, #united-kingdom, #united-states

Driven by live streams, consumer spending in social apps to hit $17.2B in 2025

The live streaming boom is driving a significant uptick in the creator economy, as a new forecast estimates consumers will spend $6.78 billion in social apps in 2021. That figure will grow to $17.2 billion annually by 2025, according to data from mobile data firm App Annie, which notes the upward trend represents a five-year compound annual growth rate (CAGR) of 29%. By that point, the lifetime total spend in social apps will reach $78 billion, the firm reports.

Image Credits: App Annie

Initially, much of the livestream economy was based on one-off purchases like sticker packs, but today, consumers are gifting content creators directly during their live streams. Some of these donations can be incredibly high, at times. Twitch streamer ExoticChaotic was gifted $75,000 during a live session on Fortnite, which was one of the largest ever donations on the game streaming social network. Meanwhile, App Annie notes another platform, Bigo Live, is enabling broadcasters to earn up to $24,000 per month through their live streams.

Apps that offer live streaming as a prominent feature are also those that are driving the majority of today’s social app spending, the report says. In the first half of this year, $3 out every $4 spend in the top 25 social apps came from apps that offered live streams, for example.

Image Credits: App Annie

During the first half of 2021, the U.S. become the top market for consumer spending inside social apps with 1.7x the spend of the next largest market, Japan, and representing 30% of the market by spend. China, Saudi Arabia, and South Korea followed to round out the top 5.

Image Credits: App Annie

While both creators and the platforms are financially benefitting from the live streaming economy, the platforms are benefitting in other ways beyond their commissions on in-app purchases. Live streams are helping to drive demand for these social apps and they help to boost other key engagement metrics, like time spent in app.

One top app that’s significantly gaining here is TikTok.

Last year, TikTok surpassed YouTube in the U.S. and the U.K. in terms of the average monthly time spent per user. It often continues to lead in the former market, and more decisively leads in the latter.

Image Credits: App Annie

Image Credits: App Annie

In other markets, like South Korea and Japan, TikTok is making strides, but YouTube still leads by a wide margin. (In South Korea, YouTube leads by 2.5x, in fact.)

Image Credits: App Annie

Beyond just TikTok, consumers spent 740 billion hours in social apps in the first half of the year, which is equal to 44% of the time spent on mobile globally. Time spent in these apps has continued to trend upwards over the years, with growth that’s up 30% in the first half of 2021 compared to the same period in 2018.

Today, the apps that enable live streaming are outpacing those that focus on chat, photo or video. This is why companies like Instagram are now announcing dramatic shifts in focus, like how they’re “no longer a photo sharing app.” They know they need to more fully shift to video or they will be left behind.

The total time spent in the top five social apps that have an emphasis on live streaming are now set to surpass half a trillion hours on Android phones alone this year, not including China. That’s a three-year CAGR of 25% versus just 15% for apps in the Chat and Photo & Video categories, App Annie noted.

Image Credits: App Annie

Thanks to growth in India, the Asia-Pacific region now accounts for 60% of the time spent in social apps. As India’s growth in this area increased over the past 3.5 years, it shrunk the gap between itself and China from 115% in 2018 to just 7% in the first half of this year.

Social app downloads are also continuing to grow, due to the growth in live streaming.

To date, consumers have downloaded social apps 74 billion times and that demand remains strong, with 4.7 billion downloads in the first half of 2021 alone — up 50% year-over-year. In the first half of the year, Asia was the largest region region for social app downloads, accounting for 60% of the market.

This is largely due to India, the top market by a factor of 5x, which surpassed the U.S. back in 2018. India is followed by the U.S., Indonesia, Brazil and China, in terms of downloads.

Image Credits: App Annie

The shift towards live streaming and video has also impacted what sort of apps consumers are interested in downloading, not just the number of downloads.

A chart that show the top global apps from 2012 to the present highlights Facebook’s slipping grip. While its apps (Facebook, Messenger, Instagram and Facebook) have dominated the top spots over the years in various positions, TikTok popped into the number one position last year, and continues to maintain that ranking in 2021.

Further down the chart, other apps that aid in video editing have also overtaken others that had been more focused on photos or chat.

Image Credits: App Annie

Video apps like YouTube (#1), TikTok (#2) Tencent Video (#4), Bigo Live (#5), Twitch (#6), and others also now rank at the top of the global charts by consumer spending in the first half of 2021.

But YouTube (#1) still dominates in time spent compared with TikTok (#5), and others from Facebook — the company holds the next three spots for Facebook, WhatsApp and Instagram, respectively.

This could explain why TikTok is now exploring the idea of allowing users to upload even longer videos, by increasing the limit from 3 minutes to 5, for instance.

In addition, because of live streaming’s ability to drive growth in terms of time spent, it’s also likely the reason why TikTok has been heavily investing in new features for its TikTok LIVE platform, including things like events, support for co-hosts, Q&As and more, and why it made the “LIVE” button a more prominent feature in its app and user experience.

App Annie’s report also digs into the impact live streaming has had on specific platforms, like Twitch and Bigo Live, the former which doubled its monthly active user base from the pre-pandemic era, and the latter which saw $314.2 million in consumer spend during H1 2021.

“The ability of social media users to communicate with each other using live video – or watch others’ live broadcasts – has not only maintained the growth of a social media app market, but contributed to its exponential growth in engagement metrics like time spent, that might otherwise have saturated some time ago,” wrote App Annie’s Head of Insights, Lexi Sydow, when announcing the new report.

The full report is available here.

#android, #app-annie, #apps, #asia, #asia-pacific, #bigo-live, #brazil, #china, #computing, #facebook, #head, #india, #indonesia, #instagram, #japan, #media, #messenger, #mobile, #mobile-applications, #mobile-software, #operating-systems, #saudi-arabia, #social, #social-media, #software, #south-korea, #tiktok, #twitch, #united-kingdom, #united-states, #video, #video-hosting, #youtube

TikTok’s new Creator Marketplace API lets influencer marketing companies tap into first-party data

TikTok is making it easier for brands and agencies to work with the influencers using its service. The company is rolling out a new “TikTok Creator Marketplace API,” which allows marketing companies to integrate more directly with TikTok’s Creator Marketplace, the video app’s in-house influencer marketing platform.

On the Creator Marketplace website, launched in late 2019, marketers have been able to discover top TikTok personalities for their brand campaigns, then create and manage those campaigns and track their performance.

The new API, meanwhile, allows partnered marketing companies to access TikTok’s first-party data about audience demographics, growth trends, best-performing videos, and real-time campaign reporting (e.g. views, likes, shares, comments, engagement, etc.) for the first time.

They can then bring this data back into their own platforms, to augment the insights they’re already providing to their own customer base.

TikTok is not officially announcing the API until later in September, but it is allowing its alpha partners to discuss their early work.

One such partner is Capitv8, which tested the API with a NRF top 50 retailer on one of their first TikTok campaigns. The retailer wanted to discover a diverse and inclusive group of TikTok creators to partner with on a new collaboration and wanted help with launching its own TikTok channel. Captiv8 says the branded content received nearly 10 million views, and the campaign resulted in a “significant increase” in several key metrics, which performed about the Nielsen average. This included familiarity (+4% above average), affinity (+6%), purchase intent (+7%) and recommendation intent (+9%).

Image Credits: TikTok Creator Marketplace website

Capitv8 is now working with TikTok’s API to pull in audience demographics, to centralize influencer offers and activations, and to provide tools to boost branded content and monitor campaign performance. On that last front, the API allows the company to pull in real-time metrics from the TikTok Creator Marketplace API — which means Capitv8 is now one of only a handful of third-party companies with access to TikTok first-party data.

Another early alpha partner is Influential, who shared it’s also leveraging the API to access first-party insights on audience demographics, growth trends, best-performing videos, and more, to help its customer base of Fortune 1000 brands to identify the right creators for both native and paid advertising campaigns.

One partner it worked with was DoorDash, who launched multiple campaigns on TikTok with Influential’s help. It’s also planning to work with McDonald’s USA on several new campaigns that will run this year, including those focused on the chain’s new Crispy Chicken Sandwich and the return of Spicy McNuggets.

Other early alpha partners include Whalar and INCA. The latter is currently only available in the U.K. and its integration stems from the larger TikTok global partnership with WPP, announced in February. That deal provided WPP agencies with early access to new advertising products marketing API integrations, and new AR offerings, among other things.

Creator marketplaces are now common to social media platforms with large influencer communities as this has become a standard way to advertise to online consumers, particular the younger generation. Facebook today offers its Brands Collabs Manager, for both Facebook and Instagram; YouTube has BrandConnect; while Snapchat recently announced a marketplace to connect brands with Lens creators. These type of in-house platforms make it easier for marketers to work with the wider influencer community by offering trusted data on metrics that matter to brands’ own ROI, rather than relying on self-reported data from influencers or on data they have to manually collect themselves. And as campaigns run, marketers can compare how well their partnered creators are able to drive results to inform their future collaborations.

TikTok isn’t making a formal announcement about its new API at this time, telling TechCrunch the technology is still in pilot testing phases for the time being.

“Creators are the lifeblood of our platform, and we’re constantly thinking of new ways to make it easy for them to connect and collaborate with brands. We’re thrilled to be integrating with an elite group of trusted partners to help brands discover and work with diverse creators who can share their message in an authentic way,” said Melissa Yang, TikTok’s Head of Ecosystem Partnerships, in a statement provided to select marketing company partners.

 

#advertising-tech, #alpha, #api, #apps, #articles, #bytedance, #developer, #doordash, #elite, #head, #partner, #software, #tiktok, #united-kingdom, #wpp

Affordable student passes available for TC Sessions: SaaS 2021

If you’re a current student or a recent grad with a burning passion for data, software and artificial intelligence, we want you to join us on October 27 for TC Sessions: SaaS 2021. The software-as-a-service sector keeps growing rapidly — both in size and sophistication, and it’s going to require a deep bench of thinkers, makers and technologists to create and wrangle a data-driven future.

We want to foster the next generation, and we’ve set aside discounted, budget-friendly passes especially for students. Register for your $35 student pass and get ready to meet, network with and learn from the global SaaS community’s most influential founders, makers and investors.

Your student pass provides full access to all the day’s events — main stage presentations, panel discussions, breakout sessions and networking with CrunchMatch. Video-on-demand takes care of any schedule conflicts — you don’t have to miss a single presentation.

A quick word about networking at TC Sessions: SaaS. Whether you’re hunting for internships, employment, mentorship, a co-founder or investors, you won’t find a better place or opportunity to meet the people who can help you launch your dreams.

Deal Sweetener: Your pass includes a free, one-month subscription to Extra Crunch, our members-only program featuring exclusive daily articles for founders and startup teams.

While we’re not quite ready to reveal the full agenda, we can share some of the speakers we have lined up. And (not-so-humble-brag) what a group it is so far.

We’re talking folks like investors Casey Aylward (Costanoa Ventures) and Sarah Guo (Greylock), Databricks’ Ali Ghodsi, Javier Soltero, Google’s head of Workspace, UiPath’s Daniel Dines, Puppet’s Abby Kearns and Monte Carlo co-founder, CEO and data junkie extraordinaire, Barr Moses.

Who would you love to hear from at TC Sessions: SaaS? The TechCrunch editorial team is accepting recommendations for speakers. Submit your recommendations here no later than 11:59 pm (PT) on September 29.

Register here for updates and keep your fingers on the pulse of this event as we announce new speakers, events and ticket discounts.

TC Sessions: SaaS 2021 takes place on October 27. Jump on this student discount, join the global SaaS community and take advantage of every opportunity.

Is your company interested in sponsoring or exhibiting at TC Sessions: SaaS 2021? Contact our sponsorship sales team by filling out this form.

#abby-kearns, #ali-ghodsi, #business-models, #casey-aylward, #co-founder, #computing, #costanoa-ventures, #daniel-dines, #databricks, #head, #javier-soltero, #monte-carlo, #olo, #saas, #sarah-guo, #software, #software-as-a-service, #tc, #tc-sessions-saas-2021, #uipath

Interview: Apple’s Head of Privacy details child abuse detection and Messages safety features

Last week, Apple announced a series of new features targeted at child safety on its devices. Though not live yet, the features will arrive later this year for users. Though the goals of these features are universally accepted to be good ones — the protection of minors and the limit of the spread of Child Sexual Abuse Material (CSAM), there have been some questions about the methods Apple is using.

I spoke to Erik Neuenschwander, Head of Privacy at Apple, about the new features launching for its devices. He shared detailed answers to many of the concerns that people have about the features and talked at length to some of the tactical and strategic issues that could come up once this system rolls out. 

I also asked about the rollout of the features, which come closely intertwined but are really completely separate systems that have similar goals. To be specific, Apple is announcing three different things here, some of which are being confused with one another in coverage and in the minds of the public. 

CSAM detection in iCloud Photos – A detection system called NeuralHash creates identifiers it can compare with IDs from the National Center for Missing and Exploited Children and other entities to detect known CSAM content in iCloud Photo libraries. Most cloud providers already scan user libraries for this information — Apple’s system is different in that it does the matching on device rather than in the cloud.

Communication Safety in Messages – A feature that a parent opts to turn on for a minor on their iCloud Family account. It will alert children when an image they are going to view has been detected to be explicit and it tells them that it will also alert the parent.

Interventions in Siri and search – A feature that will intervene when a user tries to search for CSAM-related terms through Siri and search and will inform the user of the intervention and offer resources.

For more on all of these features you can read our articles linked above or Apple’s new FAQ that it posted this weekend.

From personal experience, I know that there are people who don’t understand the difference between those first two systems, or assume that there will be some possibility that they may come under scrutiny for innocent pictures of their own children that may trigger some filter. It’s led to confusion in what is already a complex rollout of announcements. These two systems are completely separate, of course, with CSAM detection looking for precise matches with content that is already known to organizations to be abuse imagery. Communication Safety in Messages takes place entirely on the device and reports nothing externally — it’s just there to flag to a child that they are or could be about to be viewing explicit images. This feature is opt-in by the parent and transparent to both parent and child that it is enabled.

Apple’s Communication Safety in Messages feature. Image Credits: Apple

There have also been questions about the on-device hashing of photos to create identifiers that can be compared with the database. Though NeuralHash is a technology that can be used for other kinds of features like faster search in photos, it’s not currently used for anything else on iPhone aside from CSAM detection. When iCloud Photos is disabled, the feature stops working completely. This offers an opt-out for people but at an admittedly steep cost given the convenience and integration of iCloud Photos with Apple’s operating systems.

Though this interview won’t answer every possible question related to these new features, this is the most extensive on-the-record discussion by Apple’s senior privacy member. It seems clear from Apple’s willingness to provide access and its ongoing FAQ’s and press briefings (there have been at least 3 so far and likely many more to come) that it feels that it has a good solution here. 

Despite the concerns and resistance, it seems as if it is willing to take as much time as is necessary to convince everyone of that. 

This interview has been lightly edited for clarity.

TC: Most other cloud providers have been scanning for CSAM for some time now. Apple has not. Obviously there are no current regulations that say that you must seek it out on your servers, but there is some roiling regulation in the EU and other countries. Is that the impetus for this? Basically, why now?

Erik Neuenschwander: Why now comes down to the fact that we’ve now got the technology that can balance strong child safety and user privacy. This is an area we’ve been looking at for some time, including current state of the art techniques which mostly involves scanning through entire contents of users libraries on cloud services that — as you point out — isn’t something that we’ve ever done; to look through user’s iCloud Photos. This system doesn’t change that either, it neither looks through data on the device, nor does it look through all photos in iCloud Photos. Instead what it does is gives us a new ability to identify accounts which are starting collections of known CSAM.

So the development of this new CSAM detection technology is the watershed that makes now the time to launch this. And Apple feels that it can do it in a way that it feels comfortable with and that is ‘good’ for your users?

That’s exactly right. We have two co-equal goals here. One is to improve child safety on the platform and the second is to preserve user privacy, And what we’ve been able to do across all three of the features, is bring together technologies that let us deliver on both of those goals.

Announcing the Communications safety in Messages features and the CSAM detection in iCloud Photos system at the same time seems to have created confusion about their capabilities and goals. Was it a good idea to announce them concurrently? And why were they announced concurrently, if they are separate systems?

Well, while they are [two] systems they are also of a piece along with our increased interventions that will be coming in Siri and search. As important as it is to identify collections of known CSAM where they are stored in Apple’s iCloud Photos service, It’s also important to try to get upstream of that already horrible situation. So CSAM detection means that there’s already known CSAM that has been through the reporting process, and is being shared widely re-victimizing children on top of the abuse that had to happen to create that material in the first place. for the creator of that material in the first place. And so to do that, I think is an important step, but it is also important to do things to intervene earlier on when people are beginning to enter into this problematic and harmful area, or if there are already abusers trying to groom or to bring children into situations where abuse can take place, and Communication Safety in Messages and our interventions in Siri and search actually strike at those parts of the process. So we’re really trying to disrupt the cycles that lead to CSAM that then ultimately might get detected by our system.

The process of Apple’s CSAM detection in iCloud Photos system. Image Credits: Apple

Governments and agencies worldwide are constantly pressuring all large organizations that have any sort of end-to-end or even partial encryption enabled for their users. They often lean on CSAM and possible terrorism activities as rationale to argue for backdoors or encryption defeat measures. Is launching the feature and this capability with on-device hash matching an effort to stave off those requests and say, look, we can provide you with the information that you require to track down and prevent CSAM activity — but without compromising a user’s privacy?

So, first, you talked about the device matching so I just want to underscore that the system as designed doesn’t reveal — in the way that people might traditionally think of a match — the result of the match to the device or, even if you consider the vouchers that the device creates, to Apple. Apple is unable to process individual vouchers; instead, all the properties of our system mean that it’s only once an account has accumulated a collection of vouchers associated with illegal, known CSAM images that we are able to learn anything about the user’s account. 

Now, why to do it is because, as you said, this is something that will provide that detection capability while preserving user privacy. We’re motivated by the need to do more for child safety across the digital ecosystem, and all three of our features, I think, take very positive steps in that direction. At the same time we’re going to leave privacy undisturbed for everyone not engaged in the illegal activity.

Does this, creating a framework to allow scanning and matching of on-device content, create a framework for outside law enforcement to counter with, ‘we can give you a list, we don’t want to look at all of the user’s data but we can give you a list of content that we’d like you to match’. And if you can match it with this content you can match it with other content we want to search for. How does it not undermine Apple’s current position of ‘hey, we can’t decrypt the user’s device, it’s encrypted, we don’t hold the key?’

It doesn’t change that one iota. The device is still encrypted, we still don’t hold the key, and the system is designed to function on on-device data. What we’ve designed has a device side component — and it has the device side component by the way, for privacy improvements. The alternative of just processing by going through and trying to evaluate users data on a server is actually more amenable to changes [without user knowledge], and less protective of user privacy.

Our system involves both an on-device component where the voucher is created, but nothing is learned, and a server-side component, which is where that voucher is sent along with data coming to Apple service and processed across the account to learn if there are collections of illegal CSAM. That means that it is a service feature. I understand that it’s a complex attribute that a feature of the service has a portion where the voucher is generated on the device, but again, nothing’s learned about the content on the device. The voucher generation is actually exactly what enables us not to have to begin processing all users’ content on our servers which we’ve never done for iCloud Photos. It’s those sorts of systems that I think are more troubling when it comes to the privacy properties — or how they could be changed without any user insight or knowledge to do things other than what they were designed to do.

One of the bigger queries about this system is that Apple has said that it will just refuse action if it is asked by a government or other agency to compromise by adding things that are not CSAM to the database to check for them on-device. There are some examples where Apple has had to comply with local law at the highest levels if it wants to operate there, China being an example. So how do we trust that Apple is going to hew to this rejection of interference If pressured or asked by a government to compromise the system?

Well first, that is launching only for US, iCloud accounts, and so the hypotheticals seem to bring up generic countries or other countries that aren’t the US when they speak in that way, and the therefore it seems to be the case that people agree US law doesn’t offer these kinds of capabilities to our government. 

But even in the case where we’re talking about some attempt to change the system, it has a number of protections built in that make it not very useful for trying to identify individuals holding specifically objectionable images. The hash list is built into the operating system, we have one global operating system and don’t have the ability to target updates to individual users and so hash lists will be shared by all users when the system is enabled. And secondly, the system requires the threshold of images to be exceeded so trying to seek out even a single image from a person’s device or set of people’s devices won’t work because the system simply does not provide any knowledge to Apple for single photos stored in our service. And then, thirdly, the system has built into it a stage of manual review where, if an account is flagged with a collection of illegal CSAM material, an Apple team will review that to make sure that it is a correct match of illegal CSAM material prior to making any referral to any external entity. And so the hypothetical requires jumping over a lot of hoops, including having Apple change its internal process to refer material that is not illegal, like known CSAM and that we don’t believe that there’s a basis on which people will be able to make that request in the US. And the last point that I would just add is that it does still preserve user choice, if a user does not like this kind of functionality, they can choose not to use iCloud Photos and if iCloud Photos is not enabled no part of the system is functional.

So if iCloud Photos is disabled, the system does not work, which is the public language in the FAQ. I just wanted to ask specifically, when you disable iCloud Photos, does this system continue to create hashes of your photos on device, or is it completely inactive at that point?

If users are not using iCloud Photos, NeuralHash will not run and will not generate any vouchers. CSAM detection is a neural hash being compared against a database of the known CSAM hashes that are part of the operating system image. None of that piece, nor any of the additional parts including the creation of the safety vouchers or the uploading of vouchers to iCloud Photos is functioning if you’re not using iCloud Photos. 

In recent years, Apple has often leaned into the fact that on-device processing preserves user privacy. And in nearly every previous case and I can think of that’s true. Scanning photos to identify their content and allow me to search them, for instance. I’d rather that be done locally and never sent to a server. However, in this case, it seems like there may actually be a sort of anti-effect in that you’re scanning locally, but for external use cases, rather than scanning for personal use — creating a ‘less trust’ scenario in the minds of some users. Add to this that every other cloud provider scans it on their servers and the question becomes why should this implementation being different from most others engender more trust in the user rather than less?

I think we’re raising the bar, compared to the industry standard way to do this. Any sort of server side algorithm that’s processing all users photos is putting that data at more risk of disclosure and is, by definition, less transparent in terms of what it’s doing on top of the user’s library. So, by building this into our operating system, we gain the same properties that the integrity of the operating system provides already across so many other features, the one global operating system that’s the same for all users who download it and install it, and so it in one property is much more challenging, even how it would be targeted to an individual user. On the server side that’s actually quite easy — trivial. To be able to have some of the properties and building it into the device and ensuring it’s the same for all users with the features enable give a strong privacy property. 

Secondly, you point out how use of on device technology is privacy preserving, and in this case, that’s a representation that I would make to you, again. That it’s really the alternative to where users’ libraries have to be processed on a server that is less private.

The things that we can say with this system is that it leaves privacy completely undisturbed for every other user who’s not into this illegal behavior, Apple gain no additional knowledge about any users cloud library. No user’s iCloud Library has to be processed as a result of this feature. Instead what we’re able to do is to create these cryptographic safety vouchers. They have mathematical properties that say, Apple will only be able to decrypt the contents or learn anything about the images and users specifically that collect photos that match illegal, known CSAM hashes, and that’s just not something anyone can say about a cloud processing scanning service, where every single image has to be processed in a clear decrypted form and run by routine to determine who knows what? At that point it’s very easy to determine anything you want [about a user’s images] versus our system only what is determined to be those images that match a set of known CSAM hashes that came directly from NCMEC and and other child safety organizations. 

Can this CSAM detection feature stay holistic when the device is physically compromised? Sometimes cryptography gets bypassed locally, somebody has the device in hand — are there any additional layers there?

I think it’s important to underscore how very challenging and expensive and rare this is. It’s not a practical concern for most users though it’s one we take very seriously, because the protection of data on the device is paramount for us. And so if we engage in the hypothetical where we say that there has been an attack on someone’s device: that is such a powerful attack that there are many things that that attacker could attempt to do to that user. There’s a lot of a user’s data that they could potentially get access to. And the idea that the most valuable thing that an attacker — who’s undergone such an extremely difficult action as breaching someone’s device — was that they would want to trigger a manual review of an account doesn’t make much sense. 

Because, let’s remember, even if the threshold is met, and we have some vouchers that are decrypted by Apple. The next stage is a manual review to determine if that account should be referred to NCMEC or not, and that is something that we want to only occur in cases where it’s a legitimate high value report. We’ve designed the system in that way, but if we consider the attack scenario you brought up, I think that’s not a very compelling outcome to an attacker.

Why is there a threshold of images for reporting, isn’t one piece of CSAM content too many?

We want to ensure that the reports that we make to NCMEC are high value and actionable, and one of the notions of all systems is that there’s some uncertainty built in to whether or not that image matched, And so the threshold allows us to reach that point where we expect a false reporting rate for review of one in 1 trillion accounts per year. So, working against the idea that we do not have any interest in looking through users’ photo libraries outside those that are holding collections of known CSAM the threshold allows us to have high confidence that those accounts that we review are ones that when we refer to NCMEC, law enforcement will be able to take up and effectively investigate, prosecute and convict.

#apple, #apple-inc, #apple-photos, #china, #cloud-applications, #cloud-computing, #cloud-services, #computing, #cryptography, #encryption, #european-union, #head, #icloud, #ios, #iphone, #law-enforcement, #operating-system, #operating-systems, #privacy, #private, #siri, #software, #united-states, #webmail

Privacy-oriented search app Xayn raises $12M from Japanese backers to go into devices

Back in December 2020 we covered the launch of a new kind of smartphone app-based search engine, Xayn.

“A search engine?!” I hear you say? Well, yes, because despite the convenience of modern search engines’ ability to tailor their search results to the individual, this user-tracking comes at the expense of privacy. This mass surveillance might be what improves Google’s search engine and Facebook’s ad targeting, to name just two examples, but it’s not very good for our privacy.

Internet users are admittedly able to switch to the US-based DuckDuckGo, or perhaps France’s Qwant, but what they gain in privacy, they often lose in user experience and the relevance of search results, through this lack of tailoring.

What Berlin-based Xayn has come up with is personalized, but a privacy-safe web search on smartphones, which replaces the cloud-based AI employed by Google et al with the innate AI in-built into modern smartphones. The result is that no data about you is uploaded to Xayn’s servers.

And this approach is not just for ‘privacy freaks’. Businesses that need search but don’t need Google’s dominant market position are increasingly attracted by this model.

And the evidence comes today with the new that Xayn has now raised almost $12 million in Series A funding led by the Japanese investors Global Brain and KDDI (a Japanese telecommunications operator), with participation from previous backers, including the Earlybird VC in Berlin. Xayn’s total financing now comes to more than $23 million to date.

It would appear that Xayn’s fusion of a search engine, a discovery feed, and a mobile browser has appealed to these Asian market players, particularly because Xayn can be built into OEM devices.

The result of the investment is that Xayn will now also focus on the Asian market, starting with Japan, as well as Europe.

Leif-Nissen Lundbæk, Co-Founder and CEO of Xayn said: “We proved with Xayn that you can have it all: great results through personalization, privacy by design through advanced technology, and a convenient user experience through clean design.”

He added: “In an industry in which selling data and delivering ads en masse are the norm, we choose to lead with privacy instead and put user satisfaction front and center.”

The funding comes as legislation such as the EU’s GDPR or California’s CCPA have both raised public awareness about personal data online.

Since its launch, Xayn says its app has been downloaded around 215,000 times worldwide, and a web version of its app is expected soon.

Over a call, Lundbæk expanded on the KDDI aspect of the fund-raising: “The partnership with KDDI means we will give users access to Xayn for free, while the corporate – such as KDDI – is the actual customer but gives our search engine away for free.”

The core features of Xayn include personalized search results; a personalized feed of the entire Internet which learns from their Tinder-like swipes, without collecting or sharing personal data;
an ad-free experience.  

Naoki Kamimeada, Partner at Global Brain Corporation said: “The market for private online search is growing, but Xayn is head and shoulders above everyone else because of the way they’re re-thinking how finding information online should be.”

Kazuhiko Chuman, Head of KDDI Open Innovation Fund, said: “This European discovery engine uniquely combines efficient AI with a privacy-protecting focus and a smooth user experience. At KDDI, we’re constantly on the lookout for companies that can shape the future with their expertise and technology. That’s why it was a perfect match for us.”

In addition to the three co-founders Leif-Nissen Lundbæk (Chief Executive Officer), Professor Michael Huth (Chief Research Officer), and Felix Hahmann (Chief Operations Officer), Dr Daniel von Heyl will come on board as Chief Financial Officer, Frank Pepermans will take on the role of Chief Technology Officer, and Michael Briggs will join as Chief Growth Officer.

#artificial-intelligence, #berlin, #california, #chief-executive-officer, #chief-financial-officer, #chief-technology-officer, #computing, #duckduckgo, #europe, #european-union, #facebook, #france, #global-brain-corporation, #google, #head, #japan, #kddi, #online-search, #partner, #privacy, #qwant, #search-engine, #search-engines, #search-results, #smartphone, #smartphones, #tc, #terms-of-service, #websites, #world-wide-web, #xayn

Hyper is a new fund that offers $300k checks and promise of a media slingshot for founders 

Hyper is a $60M early-stage fund co-founded by Josh Buckley, Product Hunt’s CEO along with writer, founder and designer Dustin Curtis. Two ex-Sequoia operators are part of the team at launch as well. Malika Cantor as Partner and GM and Ashton Brown as Head of Program. The fund launches today and is self-described as ‘inspired by the Product Hunt community’. 

The team will be writing $300k checks for 5% of very early companies in any arena that seems promising to the partnership in a fixed deal structure that mirrors Y-Combinator. 

The fund will exist as a ‘sister company’ to Product Hunt (though it’s going to technically own it). Product Hunt, however, is the first of what the team says will be many companies it will own, create and operate in order to provide ‘direct value’ to its portfolio companies. 

I had a chat with Buckley, Curtis and Cantor about the new fund and company and the way that they hoped to differentiate Hyper in a world of aggressively service-oriented venture firms. 

The short version is: distribution. It’s hard to argue with the overall assumption that the Hyper team is working under — capital is majorly commoditized. Frankly, sometimes that’s all you want from an investor whose value add is more of a thorn in your side than anything. But, especially at the early stage there are a few funds and firms that offer a strong value outside of writing checks in the form of, say, hiring, sales introductions or board members that have relevant operational experience. 

Where Hyper differs, says Buckley, is that they see distribution as the biggest value add for a nascent startup at the stages where the firm hopes to invest. Product Hunt is one opportunity that he points to as an example. It’s an established launch pad to an audience of extreme early adopters that can provide a seed of a real user base — Hyper itself is launching via a post on the platform. 

I’ll let the Hyper team’s words spell out what they say is its thesis:

Hyper believes that every company (B2B or B2C) needs access to distribution channels to find customers, users, and talented employees to join their teams. Hyper works with early-stage companies at three key junctures in a startup’s journey:

  • Initial customer acquisition and validation (often at the pre-Seed stage)
  • First product/company launch and hiring (often at the Seed stage)
  • Scaling customer acquisition and fundraising (before the Series A)

Founders who go through the program will remain a part of the tight-knit Hyper founder community long past their Series A.

Over the past few months, Buckley says that Product Hunt has grown headcount by around 50% in part to boost its ability to act as an enhanced distribution channel. 

A short list of some of the people involved as advisors, mentors or investors themselves includes Alexis & Serena Williams, Alfred Lin of Sequoia, Garry Tan of Initialized, Harry Stebbings, Jeffrey Katzenberg, Naval Ravikant, Owen van Natta, Ryan Hoover, Ryan Tedder of OneRepublic and Sriram Krishnan of a16z. 

It’s a pretty eclectic group, but if you squint you can see the shape of the ambitions that Hyper has reflected in the parties involved. A mix of media, venture and product figures is probably the right way to go if you want to back yourself into a media empire funded by venture capital returns. 

They’ll be building additional media products as well, especially ones that focus on areas of hyper growth and high interest in order to both generate deal flow and to feature companies in the portfolio. Interestingly, unlike many marketing-operations-disguised-as-journalistic-enterprises, Curtis says that they want these to be real, functioning media companies and that startups funded by Hyper will be presented on those sites and platforms in clearly defined sections that make it clear that they are part of the program. 

As an example, the team is careful to state that Product Hunt will remain a ‘neutral platform’ for launching products and that Hyper companies will get clearly marked slots on the site. 

Surrounding those placements will be content that is produced by editorial media arms independent of the fund (though, in the end, funded by the profits of the fund). They’re not quite up to giving specifics about how they’re going to power these media properties initially but the funds management fees as well as most of its profits from carry will go towards cultivating the distro side. The other part of the ‘most’ will, one assumes, go to the individual investors. Curtis says that there could be other ways to obtain capital to speed up this process that is allowed by the unique structure of Hyper like debt or equity financing. 

Hyper itself is trying to establish two lines of business. A portfolio of wholly owned companies like Product Hunt (which still counts AngelList as a majority investor and Ravikant on its board) and other new media brands. And the other component which includes the portfolio of Hyper funds (plural theirs) and a founder program that includes mentorship, twice-a-year-events, and other future efforts — eventually. 

The mentorship component that Hyper hopes to add for founders in the fund is an 8-week founder program that includes individuals from “partners” like Andreeessen Horowitz, AngelList, Sequoia Capital, the Twenty Minute VC Podcast and Product Hunt helping founders to solve ‘key challenges’. Some of the participants are investors in Hyper, though none of the funds participated themselves The group includes some close to home figures as well, in Product Hunt GM Ashley Higgins and founder Ryan Hoover.

The program will also offer office hours with experts, an exclusive Product Hunt launch event and a Public Hyper Demo Day and Investor Demo Day to participate in within a year of being in the program.

The Hyper concept sounds fresh in combination, if not in components. An enormous amount of ink has been spilled, for instance, on the spinning up of the VC media apparatus as a bullhorn for a tech-optimism POV. But most of that content is understood to be talking the firm’s book and not intended to be seen as journalism. Though the media publications that Hyper is planning on forming have yet to be realized, there is enough of a differentiating spark here that could make it a unique play that attempts to straddle the worlds of editorial and venture. 

I have thoughts about the way that venture and media interact, as you might imagine given what I do and waves hands at the masthead where we are having this little chat. Combining a media and investing apparatus is not a new concept — as TechCrunch readers will know. But it’s not without its complexities. Enthusiast media that works does so for a couple of major reasons, in my opinion:

  • Genuine obsession with the subject matter. The writers, editors and even business people involved must have a crazy thirst to understand and contextualize the subjects that they write about. There can be no in-between here, as they are speaking every day to an audience that is just as obsessed with it as they are and can detect any level of commitment to it that is less than 100%. 
  • A patina of either trust or candor built over time. You can go into it with some bona-fides that you buy with a big name hire or series of them, and the reputations that they’ve built elsewhere. But if you’re full of shit, you’re going to lose — no matter how well positioned and funded you are. You may ‘win’ long term by turning what you’re doing into something else, a broad interest publication in niche clothing, for instance. But you won’t win at the enthusiast level.
  • An intense, punishing commitment to momentum. The further you delve into any niche, the more knowledgeable your audience will be. This means that you must produce uniquely insightful, crisp, well-researched content every day and you must do it with a level of granularity that surpasses anyone else in your niche. Your audience lives and breathes this stuff so if you’re telling them things they’ve already read on 3 message boards, in private texts or in their work slack then you’ve lost. You’ve got to get subcutaneous and not just superficially so. 

And when you add in a layer of complexity that is proudly announcing your vested interests in the success of particular companies, it just ups the level of difficulty massively. I don’t think that it’s at all impossible to run a fund that feeds a media arm, but it’s definitely a ‘doing a really hard thing while also on fire’ kind of operation.

Which doesn’t mean that Hyper can’t pull it off. Product Hunt is the model for what they’re trying to do, creating close-to-the-ground media that attracts as many operators and investors as it does early adopters. Duplicating that in a variety of publications and events, however, is not easy at all. 

I will say that a bet on distribution as value add is still one of the better stabs that I’ve seen lately. The capital is, as Buckley told me, readily and generically available. And having your calling card be “we can help the first 10, 20 or 30 thousand people know that you even exist” isn’t a bad situation at all. It works.

This is, after all, what we do at TechCrunch, we just don’t take a cut. 

The announcement today is the Hyper the fund, and the fact that they’re opening applications to a small cohort of 25 companies. The applications are planned to open for roughly 4 weeks every quarter and the deadline for this tranche is August 10th, 2021 at midnight PT. The second cohort will open in November 2021. 

The fund is taking applicants worldwide though notes that some countries present legal complexities for investment. 

#advisors, #alfred-lin, #angellist, #ceo, #corporate-finance, #dustin-curtis, #entrepreneurship, #finance, #garry-tan, #harry-stebbings, #head, #horowitz, #hyper, #jeffrey-katzenberg, #josh-buckley, #media, #money, #naval-ravikant, #owen-van-natta, #product-hunt, #ryan-hoover, #sequoia-capital, #sriram-krishnan, #tc, #venture-capital

GSA blocks senator from reviewing documents used to approve Zoom for government use

The General Services Administration has denied a senator’s request to review documents Zoom submitted to have its software approved for use in the federal government.

The denial was in response to a letter sent by Democratic senator Ron Wyden to the GSA in May, expressing concern that the agency cleared Zoom for use by federal agencies just weeks before a major security vulnerability was discovered in the app.

Wyden said the discovery of the bug raises “serious questions about the quality of FedRAMP’s audits.”

Zoom was approved to operate in government in April 2019 after receiving its FedRAMP authorization, a program operated by the GSA that ensures cloud services comply with a standardized set of security requirements designed to toughen the service from some of the most common threats. Without this authorization, federal agencies cannot use cloud products or technologies that are not cleared.

Months later, Zoom was forced to patch its Mac app after a security researcher found a flaw that could be abused to remotely switch on a user’s webcam without their permission. Apple was forced to intervene since users were still affected by the vulnerabilities even after uninstalling Zoom. As the pandemic spread and lockdowns were enforced, Zoom’s popularity skyrocketed — as did the scrutiny — including a technical analysis by reporters that found Zoom was not truly end-to-end encrypted as the company long claimed.

Wyden wrote to the GSA to say he found it “extremely concerning” that the security bugs were discovered after Zoom’s clearance. In the letter, the senator requested the documents known as the “security package,” which Zoom submitted as part of the FedRAMP authorization process, to understand how and why the app was cleared by GSA.

The GSA declined Wyden’s first request in July 2020 on the grounds that he was not a committee chair. In the new Biden administration, Wyden was named chair of the Senate Finance Committee and requested Zoom’s security package again.

But in a new letter sent to Wyden’s office late last month, GSA declined the request for the second time, citing security concerns.

“GSA’s refusal to share the Zoom audit with Congress calls into question the security of the other software products that GSA has approved for federal use.” Sen. Ron Wyden (D-OR)

“The security package you have requested contains highly sensitive proprietary and other confidential information relating to the security associated with the Zoom for Government product. Safeguarding this information is critical to maintaining the integrity of the offering and any government data it hosts,” said the GSA letter. “Based on our review, GSA believes that disclosure of the Zoom security package would create significant security risks.”

In response to the GSA’s letter, Wyden told TechCrunch that he was concerned that other flawed software may have been approved for use across the government.

“The intent of GSA’s FedRAMP program is good — to eliminate red tape so that multiple federal agencies don’t have to review the security of the same software. But it’s vitally important that whichever agency conducts the review do so thoroughly,” said Wyden. “I’m concerned that the government’s audit of Zoom missed serious cybersecurity flaws that were subsequently uncovered and exposed by security researchers. GSA’s refusal to share the Zoom audit with Congress calls into question the security of the other software products that GSA has approved for federal use.”

Of the people we spoke with who have first-hand knowledge of the FedRAMP process, either as a government employee or as a company going through the certification, FedRAMP was described as a comprehensive but by no means an exhaustive list of checks that companies have to meet in order to meet the security requirements of the federal government.

Others said that the process had its limits and would benefit from reform. One person with knowledge of how FedRAMP works said the process was not a complete audit of a product’s source code but akin to a checklist of best practices and meeting compliance requirements. Much of it relies on trusting the vendor, said the person, describing it like ” an honor system.” Another person said the FedRAMP process cannot catch every bug, as evidenced by executive action taken by President Biden this week aimed at modernizing and improving the FedRAMP process.

Most of the people we spoke to weren’t surprised that Wyden’s office was denied the request, citing the sensitivity of a company’s FedRAMP security package.

The people said that companies going through the certification process have to provide highly technical details about the security of their product, which if exposed would almost certainly be damaging to the company. Knowing where security weaknesses might be could tip off cyber-criminals, one of the people said. Companies often spend millions on improving their security ahead of a FedRAMP audit but companies wouldn’t risk going through the certification if they thought their trade secrets would get leaked, they added.

When asked by GSA why it objected to Wyden’s request, Zoom’s head of U.S. government relations Lauren Belive argued that handing over the security package “would set a dangerous precedent that would undermine the special trust and confidence” that companies place in the FedRAMP process.

GSA puts strict controls on who can access a FedRAMP security package. You need a federal government or military email address, which the senator’s office has. But the reason for GSA denying Wyden’s request still isn’t clear, and when reached a GSA spokesperson would not explain how a member of Congress would obtain a company’s FedRAMP security package

“GSA values its relationship with Congress and will continue to work with Senator Wyden and our committees of jurisdiction to provide appropriate information regarding our programs and operations,” said GSA spokesperson Christina Wilkes, adding:

“GSA works closely with private sector partners to provide a standardized approach to security authorizations for cloud services through the [FedRAMP]. Zoom’s FedRAMP security package and related documents provide detailed information regarding the security measures associated with the Zoom for Government product. GSA’s consistent practice with regard to sensitive security and trade secret information is to withhold the material absent an official written request of a congressional committee with jurisdiction, and pursuant to controls on further dissemination or publication of the information.”

GSA wouldn’t say which congressional committee had jurisdiction or whether Wyden’s role as chair of the Senate Finance Committee suffices, nor would the agency answer questions about the efficacy of the FedRAMP process raised by Wyden.

Zoom spokesperson Kelsey Knight said that cloud companies like Zoom “provide proprietary and confidential information to GSA as part of the FedRAMP authorization process with the understanding that it will be used only for their use in making authorization decisions. While we do not believe Zoom’s FedRAMP security package should be disclosed outside of this narrow purpose, we welcome conversations with lawmakers and other stakeholders about the security of Zoom for Government.”

Zoom said it has “engaged in security enhancements to continually improve its products,” and received FedRAMP reauthorization in 2020 and 2021 as part of its annual renewal. The company declined to say to what extent the Zoom app was audited as part of the FedRAMP process.

Over two dozen federal agencies use Zoom, including the Defense Department, Homeland Security, U.S. Customs and Border Protection, and the Executive Office of the President.

#apps, #biden, #biden-administration, #chair, #cloud-computing, #cloud-services, #computing, #congress, #department-of-defense, #executive, #federal-government, #fedramp, #government, #head, #internet, #internet-security, #official, #president, #ron-wyden, #security, #senator, #software, #spokesperson, #technology, #u-s-government, #united-states, #web-conferencing, #zoom

Clop ransomware gang doxes two new victims days after police raids

The notorious Clop ransomware operation appears to be back in business, just days after Ukrainian police arrested six alleged members of the gang.

Last week, a law enforcement operation conducted by the National Police of Ukraine along with officials from South Korea and the U.S. saw the arrest of multiple suspects believed to be linked to the Clop ransomware gang. It’s believed to be the first time a national law enforcement group carried out mass arrests involving a ransomware group.

The Ukrainian police also claimed at the time to have successfully shut down the server infrastructure used by the gang. But it doesn’t seem the operation was completely successful.

While the Clop operation fell silent following the arrests, the gang has this week published a fresh batch of confidential data which it claims to have stolen from two new victims — a farm equipment retailer and an architects office — on its dark web site, seen by TechCrunch.

If true — and neither of the alleged victims responded to TechCrunch’s request for comment — this would suggest that the ransomware gang remains active, despite last week’s first-of-its-kind law enforcement sting. This is likely because the suspects cuffed included only those who played a lesser role in the Clop operation. Cybersecurity firm Intel 471 said it believes that last week’s arrests targeted the money laundering portion of the operation, with core members of the gang not apprehended.

“We do not believe that any core actors behind Clop were apprehended,” the security company said. “The overall impact to Clop is expected to be minor although this law enforcement attention may result in the Clop brand getting abandoned as we’ve recently seen with other ransomware groups like DarkSide and Babuk.”

Clop appears to still be in business, but it remains to be seen how long the group will remain operational. Not only have law enforcement operations dealt numerous blows to ransomware groups this year, such as U.S. investigators’ recent recovery of millions in cryptocurrency they claim was paid in ransom to the Colonial Pipeline hackers, but Russia has this week confirmed it will begin to work with the U.S. to locate cybercriminals.

Russia has until now taken a hands-off approach when it comes to dealing with hackers. Reuters reported Wednesday that the head of the country’s Federal Security Service (FSB) Alexander Bortnikov was quoted as saying it will co-operate with U.S. authorities on future cybersecurity operations.

Intel 471 previously said that it does not believe the key members of Clop were arrested in last week’s operation because “they are probably living in Russia,” which has long provided safe harbor to cybercriminals by refusing to take action.

The Clop ransomware gang was first spotted in early 2019, and the group has since been linked to a number of high-profile attacks. These include the breach of U.S. pharmaceutical giant ExecuPharm in April 2020 and the recent data breach at Accellion, which saw hackers exploit flaws in the IT provider’s software to steal data from dozens of its customers including the University of Colorado and cloud security vendor Qualys.

#accellion, #chief, #colorado, #computer-security, #crime, #cyberattack, #cybercrime, #head, #intel, #law-enforcement, #moscow, #qualys, #ransomware, #russia, #security, #security-breaches, #south-korea, #united-states

TikTok launches Jump, a third-party integration tool

TikTok announced today the launch of its Jump program, which expands the app’s potential for third-party integrations. TikTok began beta-testing this feature in February with Whisk, a recipe-sharing app, though only select creators could use the feature. Now, Jump will start rolling out to all users with an expanded slate of partners.

Jumps can only be built by third-party providers after being approved through an application process. Platforms like BreathwrkWikipediaQuizletStatMuse, and Tabelog participated in the beta test, and now, TikTok says providers like BuzzFeedJumpropeIRL, and WATCHA will begin implementing their own Jumps in the coming weeks. So, an educational creator could link to Quizlet flashcards to review a concept they explained in a TikTok, or a yoga instructor could share breathing exercises on Breathwrk. For a platform that doesn’t even let all users include a link in their bio yet, this expands the existing tools creators have to engage their audience.

Image Credits: TikTok

TikTok is positioning Jump as a feature that propels discovery. Sean Kim, Head of Product, TikTok US writes, “TikTok has become a destination both to be entertained and to learn; through TikTok Jump, we’re creating that ‘last mile’ of our community’s discovery journey and helping to spark action and deeper interaction both on and off the platform.”

Jump seems similar to competitor Snapchat’s Minis feature, which are lightweight, simplified versions of apps that live in the Chat section of the app. Both Minis and Jump integrations can be built using HTML5. WeChat facilitates over $250 billion dollars in annual transactions through its own mini apps – there were over a million mini apps on WeChat as of 2018.

While Instagram has been ramping up its e-commerce features on Reels, its TikTok competitor, it’s possible that Jump could later be used to sell items featured in a video. In December, Walmart piloted video shopping on TikTok, which performed well enough that they did it again in March. But for now, it seems like Jump is being used to improve user experience and deepen the platform’s relationships with third-party partners.

#apps, #buzzfeed, #bytedance, #computing, #head, #jumprope, #quizlet, #reels, #software, #tiktok, #video-hosting, #walmart

RSA spins off fraud and risk intelligence unit as Outseer

RSA Security has spun out its fraud and risk intelligence business into a standalone company called Outseer that will double down on payment security tools amid an “unprecedented” rise in fraudulent transactions.

Led by CEO Reed Taussig, who was appointed head of RSA’s Anti-Fraud Business Unit last year after previously serving as CEO of ThreatMetrix, the new company will focus solely on fraud detection and management and payments authentication services.

Outseer will continue to operate under the RSA umbrella and will inherit three core services, which are already used by more than 6,000 financial institutions, from the company: Outseer Fraud Manager (formerly RSA Adaptive Authentication), a risk-based account monitoring service; 3-D Secure (formerly Adaptive Authentication for eCommerce), a card-not-present and digital payment authentication mapping service; and FraudAction, which detects and takes down phishing sites, dodgy apps and fraudulent social media pages.

Outseer says its product portfolio is supported by deep investments in data and science, including a global network of verified fraud and transaction data, and a risk engine that the company claims delivers 95% fraud detection rates.

Commenting on the spinout, Taussig said: “Outseer is the culmination of decades of science-driven innovation in anti-fraud and payments authentication solutions. As the digital economy continues to deepen, the Outseer mission to liberate the world from transactional fraud is essential. Our role as a revenue enabler for the global economy will only strengthen as every digital business continues to scale.”

RSA, meanwhile, will continue to focus on integrated risk management and security products, including Archer for risk management, NetWitness for threat detection and response, and SecureID for identity and access management (IAM) capabilities.

The spinout comes less than a year after private equity firm Symphony Technology Group (STG), which recently bought FireEye’s product business for $1.2 billion, acquired RSA Security from Dell Technologies for more than $2 billion. Dell had previously acquired RSA as part of its purchase of EMC in 2016.

It also comes amid a huge rise in online fraud fueled by the COVID-19 pandemic. The Federal Trade Commission said in March that more than 217,000 Americans had filed a coronavirus-related fraud report since January 2020, with losses to COVID-linked fraud totaling $382 million. Similarly, the Consumer Financial Protection Bureau fielded 542,300 fraud complaints in 2020, a 54% increase over 2019.

RSA said that with the COVID-19 pandemic having fueled “unprecedented” growth in fraudulent transactions, Outseer will focus its innovation on payments authentication, mapping to the EMV 3-D Secure 2.x payment standard, and incorporating new technology integrations across the payments and commerce ecosystem. 

“Outseer’s reason for being isn’t just focused on eliminating payments and account fraud,” Taussig added. “These fraudulent transactions are often the pretext for more sinister drug and human trafficking, terrorism, and other nefarious behavior. Outseer has the ability to help make the world a safer place.”

Valuation information for Outseer was not disclosed, nor were headcount figures mentioned in the spinout announcement. Outseer didn’t immediately respond to TechCrunch’s request for more information. 

#3-d, #access-management, #articles, #ceo, #consumer-financial-protection-bureau, #crime, #deception, #e-commerce, #emc, #emv, #federal-trade-commission, #fireeye, #fraud, #head, #identity-theft, #online-fraud, #payments, #phishing, #risk-management, #rsa-security, #security, #symphony-technology-group, #threatmetrix

5 Reasons you need to attend TC Sessions: Mobility 2021

Get ready to spend a full day rubbing virtual elbows with the global mobility community’s best and brightest minds and makers. TC Sessions: Mobility 2021 takes place June 9, and we’ve packed the agenda with experts, interviews, demos, panel discussions, breakout sessions and a metric ton of opportunity.

Pro tip: It’s not too late to book a ticket. Grab yours here and save with groups of 4+.

If you’re still on the fence, here are five excellent reasons you should attend TC Sessions: Mobility 2020.

Leading Voices
TC Sessions: Mobility represents a broad range of companies and topics within the mobility space.

Want to know what’s happening in self-driving delivery? We’ve got Ahti Heinla (CTO @ Starship), Apeksha Kumavat (Co-Founder @ Gatik), & Amy Jones Satrom (Head of Ops. @ Nuro).

Want to get the low-down on Commuter Cars? We’re talking with Jesse Levinson (Co-Founder & CTO @ Zoox).

Want to see what’s in the future for passenger aircraft? Then you’ll definitely want to watch the session with JoeBen Bevirt (Founder @ Joby Aviation) and Reid Hoffman (Co-Director @ Reinvent Technology Partners)

Check out the full agenda here.

Trendspotting

Mobility is a fast-moving target, and success depends on a company’s or individual’s ability to spot possibilities before they become mainstream. At TC Sessions: Mobility you’ll meet with exhibitors, founders, and leaders to figure out what’s coming next.  Here’s what our attendees are saying:

“Attending TC Sessions: Mobility helps us keep an eye on what’s coming around the corner. It uncovers crucial trends so we can identify what we should be thinking about before anyone else.”
— Jeff Johnson, vice president of enterprise sales and solutions at FlashParking.

1 on 1 Global Networking

At TC Sessions: Mobility you can take advantage of CrunchMatch, our free, AI-powered networking platform (think speed dating for techies) makes connecting with like-minded attendees quick and painless — no matter where they’re located. A virtual conference means global participation, and you might just find your next customer, partner, investor or engineer living on a different continent. It takes only one connection to move your business forward.

Early Stage Expo & Pitch

30 early-stage startups will showcase their mobility tech in our virtual expo. Peruse the exhibitors, peek at their pitch decks, schedule a demo, start a conversation and see where it leads. During the show, you can also check out the pitch sessions where startups will present their company to a panel of TechCrunch editors.

TC Sessions: Mobility on June 9 is sure to be a blast and a great opportunity for you to expand your knowledge and network within the mobility industry. Book your tickets today as prices go up at the door. 

#artificial-intelligence, #co-founder, #cto, #engineer, #forward, #head, #jeff-johnson, #jesse-levinson, #nuro, #reid-hoffman, #reinvent-technology-partners, #self-driving-car, #tc, #zoox

Synctera raises $33M Series A to pair fintechs with banks

Synctera, which aims to serve as a matchmaker for community banks and fintechs, has raised $33 million in a Series A round of funding led by Fin VC.

The raise comes just under six months after the fintech raised $12.4 million in a seed round of funding.

New investors Mastercard and Gaingels also participated in the latest round, which included follow-on investments from Lightspeed Venture Partners, Diagram Ventures, SciFi Ventures and Scribble Ventures. Several angel investors put money in the Series A including Omri Dahan, Marqeta’s Chief Revenue Officer, Feedzai Chairman and CEO Nuno Sebastiao and Greenlight co-founder and CEO Tim Sheehan. 

Alongside the Series A, Synctera is also announcing its commitment to the new Cap Table Coalition – which includes funding from Gaingels, Neythri Futures Fund, Plexo Capital and over 20 angels – alongside other startups by allocating 10% of all funding rounds to “traditionally marginalized,” or underrepresented, investors via an SPV. (Fellow fintech Finix led the initiative earlier this year before forming this coalition but more on that later).

“This has exposed us to find great folks who we otherwise might not have known,” said Synctera’s co-founder and CEO Peter Hazlehurst. “That’s why we pledge to reserve 10% of this round and all future rounds to diverse investors.”

In a nutshell, San Francisco-based Synctera has developed a platform designed to help facilitate partnership banking. It was founded on the premise that some community banks and credit unions are actually turning down deals with young fintechs because the relationships can be too complicated or time-consuming to manage. Synctera’s goal is to connect community banks and fintechs to streamline the process with its “Banking-as-a-Service” (BaaS) platform.

TechCrunch recently caught up with Hazlehurst, who most recently served as former head of Uber Money and previously also led development of Google Wallet and products related to its payments system.

Put simply, Synctera wants to make it easier for community banks and fintechs to partner with each other. It examines banks’ needs and then sets them up with a fintech that is best suited to meet those needs. It claims to “do the work for both parties,” managing the partnership from its back-end platform, while dealing with issues like regulatory compliance, which can be a deterrent for some companies. The process of managing, reconciling and billing banks can result in “a lot of operational overhead and complexity,” according to the company.

The company says it’s built a “diverse” marketplace of banks and fintech companies so that it can apply a “personalized touch to each match” and make sure that the parties “align on geography, brand ethos, and desired business goals.”

So far, Synctera has signed three banks with plans to sign on three more this month. The startup has already paired Coastal Community Bank – a local bank serving the greater Puget Sound community – with One, a new digital banking platform, and Ellevest, a new fintech. 

By using Synctera’s platform, the company claims, banks can more freely allow their fintech counterparts to offer FDIC-insured mobile checking, debit cards, savings accounts or innovations in payments to their prospective customers, the company claims. They can also make more money doing so, Hazlehurst said, by bringing in more revenue beyond interchange fees.

“Like most small businesses, community banks have been hit hard by COVID-19,” he added. “We hope to further diversify community banks’ revenue streams.”

Banks can also more easily manage multiple relationships with various fintechs as the companies agree to adopt Synctera’s tech stack, the company claims.

“We build a single dashboard for a bank, so there’s a consolidated position across all fintechs,” Hazlehurst told me at the time of the company’s last raise. “It’s all about visibility for the bank.”

Currently Synctera has about 50 employees, including about two dozen engineers, most of whom are located in Canada, Hazlehurst said. The company plans to ramp up to 160 employees by year’s end with a focus on engineering, sales, marketing and customer success staff.

Looking ahead, Hazlehurst predicts that the fourth quarter will be “all about support for small business fintechs.”

“We want to create a neobank for gig economy workers, and want to add lending as a service,” he said. “But our next big phase is to onboard a lot of fintechs, and learn from them.”

Logan Allin, managing general partner and founder at Fin VC, believes that Banking-as-a-Service in general will transform legacy national and regional banks, credit unions, fintecs, corporate tech and retailers alike “as these players either seek to vertically integrate financial services or accelerate their digitization process.”

Synctera, he adds, has taken an approach with its tech stack that allows for integration with legacy community banks and their respective cores. This, Allin believes, will help ensure a “cloud native and scalable model” and made it an attractive investment. (Fin VC has also backed the likes of other fintechs such as Pipe and SoFi).

“Synctera’s peers are simply abstracting bank cores and serving as ‘API wrappers’ in a kludgy short-term approach and having come from the legacy bank and modern fintech worlds, we recognized that these players had not built sufficiently strong bridges across the ecosystem,” Allin told TechCrunch.

For his part, Finix Founder Richie Serna is thrilled that other startups are following his lead in the pledge to make their cap tables more diverse.

“After Finix announced our special purpose vehicle for Black and Latinx investors, the response was overwhelmingly positive,” he told TechCrunch. “Startups in every sector and at every stage have asked us how to recreate our SPV. In response, we started the Cap Table Coalition to make it as easy as possible for more high-growth startups, like Synctera, to take control over their cap tables,” said Richie Serna, CEO and co-founder of Finix. “We see this as an inflection point that will completely upend how the VC world functions.”

Meanwhile, Synctera is not the only player trying to help banks and fintechs forge partnerships. Last week, TechCrunch reported on Visa said it has expanded its Visa Fintech Partner Connect program, which is designed to help financial institutions quickly connect with a “vetted and curated” set of technology providers. 

#api, #articles, #bank, #banking-as-a-service, #canada, #diversity, #economy, #fdic, #finance, #financial-services, #financial-technology, #finix, #fintech, #founder, #funding, #fundings-exits, #google, #greenlight, #head, #lightspeed-venture-partners, #marqeta, #mastercard, #peter-hazlehurst, #player, #plexo-capital, #recent-funding, #richie-serna, #san-francisco, #startup, #startups, #uber, #venture-capital

Settle raises $15M from Kleiner Perkins to give e-commerce companies more working capital

Alek Koenig spent four years at Affirm, where he was head of credit.

There he saw firsthand just how powerful the alternative lending model could be. Koenig realized that it wasn’t just consumers who could benefit from the model, but businesses too.

So in November 2019, he founded Settle as a way to give e-commerce and consumer packaged goods (CPG) companies access to non-dilutive capital. (Not every company wants to raise venture money). By June 2020, the startup had launched its platform, which is designed to help these businesses manage their cash flow. Over time, he recruited a previous co-worker, Shane Morian, to serve as Settle’s CTO.

And today, the company is announcing that it has raised $15 million in a Series A funding round led by Kleiner Perkins. This follows a previously unannounced $6 million seed raise led by Founders Fund in November 2020. Other investors in the company include SciFi (Affirm founder Max Levchin’s VC firm), Caffeinated Capital, WorkLife Ventures, Background Capital and AngelList Venture CEO Avlok Kohli.

With the pandemic leading to a massive shift toward digital and online shopping, ecommerce and CPG businesses found themselves with the challenge of keeping up with demand while trying to manage their cash flow. The main problem was the lag between accounts receivables and accounts payables.

“These companies suffer from the problem where there are these huge cash flow gaps from buying inventory, waiting to receive it and then turning it into revenue,” Koenig explains. “It takes quite a bit of time for these customers to actually get revenue from all those inventory purchases they need to make. What we do is make it really easy for companies to pay their vendors with extended payment terms.”

Settle does this by automatically syncing to a business’ accounting software and combining that with working capital products it’s developed.

Put simply, Settle will pay a vendor, and then brands can pay Settle back when they turn that COGS (cost of goods sold) into revenue. The startup says it also saves brands money on expensive wire fees.

Image Credits: Settle

“Businesses really value getting cash sooner, so they can use it in their operations,” Koenig said. “We’ve worked to reimagine the CFO suite for brands, starting with integrated financing and bill pay solutions.”

The concept of non-dilutive capital is not a new one with other startups tackling the space in different ways. For example, Pipe aims to give SaaS companies a way to get their revenue upfront, by pairing them with investors on a marketplace that pays a discounted rate for the annual value of those contracts.

Settle is focused on the e-commerce vertical, and building a unique product for that category, Koenig says, rather than trying to build a product aimed for several different industries.

“We don’t want to be a mediocre product for everybody,” he told TechCrunch. “But rather a phenomenal product for this vertical.”

Since its launch last June, Settle has seen its business jump by 1000% although it’s important to note that’s from a small base. Settle is currently working with over 300 brands including baby stroller retailer Lalo, Spiceology and men’s skincare brand Disco. So far, all of its growth has been organic.

“Last year when the pandemic hit, offline retail shut down and ecommerce got a big boost. But that meant that a lot of these companies were running out of orders and were out of stock on many items, so they were just kind of leaving money on the table,” Koenig said. “Once they started using us, they were able to buy more inventory, so we actually help them make more profit, and not just create more sales.”

His reasoning for that last statement is that by giving these businesses the ability to purchase items in bulk, they could get cheaper price per unit costs as well as cheaper shipping costs.

The company is planning to use its new capital in part to grow its team of 20, as well as raise more debt so that it can continue lending money to businesses.

Kleiner Perkins’ Monica Desai Weiss said her firm believes that Koenig and CTO Morian’s expertise in underwriting, capital markets and e-commerce give the pair “a rare skill set that’s unique to their market.”

She’s also drawn to the company’s embedded approach.

“Whereas most lending businesses are fairly transactional and opportunistic, Settle becomes deeply embedded in the way their merchants forecast and grow,” she told TechCrunch. “That approach has demonstrated inherent virality and their timing is perfect — the past year has changed consumer behaviors permanently and also produced massive opportunities for global entrepreneurship via ecommerce. In that way, we see the umbrella of e-commerce expanding massively in the coming years, and we believe Settle will be key to enabling that shift.”

#avlok-kohli, #background-capital, #business, #caffeinated-capital, #ceo, #cfo, #corporate-finance, #cto, #e-commerce, #economy, #entrepreneurship, #finance, #fintech, #founders-fund, #funding, #fundings-exits, #head, #inventory, #kleiner-perkins, #online-lending, #payments, #private-equity, #recent-funding, #settle, #startup, #startup-company, #startups, #supply-chain-management, #venture-capital, #worklife-ventures

SOSV’s burgeoning climate portfolio is worth nearly $6 billion as planetary health bets pay off

The burgeoning climate focused portfolio from early stage investor SOSV Investments has managed to raise nearly $2 billion in follow on financing since the startup companies graduated from the investment firm’s various accelerator programs. Taken together those companies have a collective market capitalization of nearly $6 billion.

Ahead of Earth Day this year, the early stage investor responsible for a series of accelerators including HAX, IndieBio, Chinaccelerator, and Food Labs, tallied up the results of the $89 million the firm has committed to these companies and the results, were impressive — especially considering the average age fo a company in the portfolio is only four years old.

SOSV tallied the companies into the Climate Tech 100 and divided them into categories that included startups developing technologies and services that have a direct impact on the planet and those that are adjacent to carbon removal — a further bucket was a group of startups that developed marketplaces for low carbon goods and services.

This all starts from trying to do meaningful things and purposeful things. We are trying to invest in these unstoppable forces and unstoppable trends and there has never been a more unstoppable force than climate change,” said SOSV Investments founder Sean O’Sullivan. “What we discovered we were in the right place at the right time in the climate.”

In the six years since the firm launched IndieBio with Arvind Gupta (now at the Mayfield Fund), SOSV’s life sciences accelerator had a dual focus on human and planetary health. By pursuing both areas, the firm was able to see the wave of climate tech applications in life sciences begin to rise and crest — and that’s led to early investments in companies like Perfect Day, Memphis Meats, Geltor, and MycoWorks, which are all companies using biological materials to replace traditional animal products.

Planetary health is very much our thesis here. Arvind didn’t have to talk Sean into putting $100 million at the time,” said IndieBio’s new head Po Bronson (a longtime business writer who co-authored “Decoding the World” with Gupta and partnered with him at IndieBio).

SOSV Investments founder Sean O’Sullivan

The emphasis on food, Bronson said, was because it was an area where consumers were putting pressure on companies by changing their own habits and looking for alternatives. The decision to move to plant based products is one consumer choice that can make a significant difference in planetary health — as well as their own individual health. Other systems are much harder to change without legislation or industrial support, said Bronson.

Meanwhile, the hardware group in HAX Shenzhen run by Duncan Turner is beginning to see industrial companies embrace the demands for more sustainable manufacturing practices. Indeed, the 3D printing company Formlabs is another startup that’s brought in big dollars with a process that directly impacts the carbon footprint of manufacturing.

“How we make things used to be invisible before. Every publicly traded company has to do some sort of accounting in this space,” said Bronson. “The entire manufacturing sector is being interrogated on ths front. It’s coming through and it’s driving adoption.”

Looking ahead, Bronson sees opportunities in green chemistry to move the needle beyond life sciences applications in the food space. Those new technologies include services on offer from startups like Zymochem which is making a biorecyclable material for diapers that’s better for the planet, or Pili, which is making biologically based dyes and pigments. Bronson is also looking for biological solutions that can create massive, passive systems to sequester greenhouse gases in oceans or in soil.

Meanwhile, Turner is hoping to find companies like Socure, which removes the need for a chemical separation agent for oil separation; or DivyGas, which has a method for manufacturing green hydrogen.

“Not only are the opportunities available, but this is a way people can make money,” said O’Sullivan. “Our net IRR is in the 30% plus range. You can make money in climate tech. So don’t be afraid to invest in these companies.” 

#3d-printing, #arvind-gupta, #duncan-turner, #earth-day, #entrepreneurship, #food, #formlabs, #geltor, #hardware, #head, #indiebio, #manufacturing, #mayfield-fund, #memphis-meats, #mycoworks, #perfect-day, #po-bronson, #private-equity, #sean-osullivan, #sosv, #startup-company, #tc

Former head of the World Resources Institute has a new role leading Bezos’ $10 billion Earth Fund

The $10 billion Bezos Earth Fund has a new chief executive and it’s Andrew Steer, the former head of the World Resources Institute — an organization that Bezos described as “working to alleviate poverty while protecting the natural world.”

As the head of the fund, Steer will be responsible for spending that money down by the end of 2030, according to a tweet from none other than Steer himself.

“The Earth Fund will invest in scientists, NGOs, activists, and the private sector to help drive new technologies, investments, policy change and behavior. We will emphasize social justice, as climate change disproportionately hurts poor and marginalized communities,” Steer wrote.

With a $100 million award from the first rounds of grants the Bezos Fund issued in November, the World Resources Institute was one of the largest recipients of Bezos’ largesse. Other big recipients from the first block of grants included the Environmental defense Fund, The Natural Resources Defense Council, The Nature Conservancy and The World Wildlife Fund.

“I feel incredibly fortunate to join the Bezos Earth Fund as its CEO, where I will focus on driving systemic change to address the climate and nature crises, with a focus on people. Too many of the most creative initiatives suffer for a lack of finance, risk management or the right partnerships. This is where the Earth Fund will be helpful,” Steer said in a statement issued by the WRI.

While at the WRI, Steer oversaw its international expansion from an advocacy organization centered primarily in Washington to a global organization with offices in Indonesia, the UK and Colombia along with hubs in Ethiopia and the Netherlands. Steer also expanded the offices in Brazil, China, India, Indonesia and Mexico.

His tenure also involved creating coalitions and initiatives that changed the understanding around the economics of climate change, including the launch of a $10 million annual initiative to support the implementation of climate plans by 100 countries, according to a statement from the WRI.

“The $10 billion Bezos Earth Fund has the potential to be a transformative force for good at this decisive point in history. Andrew’s global reputation, deep technical knowledge and experience, and commitment to social justice make him a perfect leader for the fund,” said Christiana Figueres, co-founder of Global Optimism and former Executive Security of the UNFCCC.

#bezos, #brazil, #ceo, #china, #co-founder, #colombia, #ethiopia, #executive, #finance, #head, #india, #indonesia, #jeff-bezos, #leader, #mexico, #nature-conservancy, #netherlands, #risk-management, #tc, #united-kingdom, #washington, #world-wildlife-fund

Fintech startup ClearGlass Analytics closes $3.6M for pension funds transparency platform

Fintech startup ClearGlass Analytics has closed a £2.6 million ($3.6M) funding round for its platform, which aims to create greater transparency on fees in the long-term savings market, such as pensions and the wider asset management market. 

The £2.6m seed round includes European VC Lakestar and Outward VC, the venture arm of Investec, as well as several angels from both the asset management and pension fund worlds. These include Ruston Smith, a pension trustee; Richard Butcher, Chair of the PLSA (UK pension trade body); Chris Wilcox, former Global Head of JP Morgan Asset Management; and Rob O’Rahilly, Sikander Ilyas and Alex Large, also former JP Morgan employees.

ClearGlass is targeting the £1.5trillion mature ‘Defined Benefit’ pension schemes market and claims to now work with over 500 DB pension funds. It will use the funding to expand into the UK Defined Contribution pension market, and consolidate its early footprint in Europe and Africa.

How ClearGlass works is that it acts as a data interface between asset managers and their clients. Pension funds then use the platform to see all of their investment costs in one place, thus getting more data than usual from more asset managers and other suppliers. This helps the funds see the ‘true cost’ of what they are paying for the management of their investments. ClearGlass claims to be able to uncover the kinds of costs of asset management that, in some instances, can be more than double those expected.

The startup recently did an analysis of the cost and performance of over 400 asset managers. It found that while most UK asset managers were meeting minimum standards for data delivery, quality, and accuracy, 30 (including some powerful players) did not pass their tests.

The company was founded by Dr. Christopher Sier, a World Bank and FCA expert who previously developed the cost transparency standard at the request of the FCA, and co-founders Ritesh Singhania and Kunal Varma.

Sier, founder and CEO, said: “Finding your costs are so much larger is shocking, but also something to be celebrated. These incremental costs were always there, they just weren’t exposed, and now you can identify those and bring about change. You can’t manage what you don’t measure.”

In an interview with TechCrunch, Ritesh Singhaniam, COO, said getting the data about pension funds is normally “super challenging and complicated. And second of all, even when you got the data, you couldn’t make head nor tail of it because you can’t compare it across funds. What we have done is that we have been the line of communication between the manager and the pension fund. So we have built a piece of technology that helps with the communication between the asset managers, and the pension funds to be able to collect that data, check that data. And finally, give them something that doesn’t require them to spend 20 hours to understand it.”

ClearGlass was incubated by the Founders Factory accelerator.

#africa, #asset-management, #ceo, #coo, #europe, #fca, #head, #jp-morgan-asset-management, #tc, #united-kingdom, #valuation, #world-bank

Berlin’s MorphAIs hopes its AI algorithms will put its early-stage VC fund ahead of the pack

MorphAIs is a new VC out of Berlin, aiming to leverage AI algorithms to boost its investment decisions in early-stage startups. But there’s a catch: it hasn’t raised a fund yet.

The firm was founded by Eva-Valérie Gfrerer who was previously head of Growth Marketing at FinTech startup OptioPay and her background is in Behavioural Science and Advanced Information Systems.

Gfrerer says she started MorphAIs to be a tech company, using AI to assess venture investments and then selling that as a service. But after a while, she realized the platform could be applied an in-house fund, hence the drive to now raise a fund.

MorphAIs has already received financing from some serial entrepreneurs, including: Max Laemmle, CEO & Founder Fraugster, previously Better Payment and SumUp; Marc-Alexander Christ, Co-Founder SumUp, previously Groupon (CityDeal) and JP Morgan Chase; Charles Fraenkl, CEO SmartFrog, previously CEO at Gigaset and AOL; Andreas Winiarski, Chairman & Founder awesome capital Group.

She says: “It’s been decades since there has been any meaningful innovation in the processes by which venture capital is allocated. We have built technology to re-invent those processes and push the industry towards more accurate allocation of capital and a less-biased and more inclusive start-up ecosystem.”

She points out that over 80% of early-stage VC funds don’t deliver the minimum expected return rate to their investors. This is true, but admittedly, the VC industry is almost built to throw a lot of money away, in the hope that it will pick the winner that makes up for all the losses.

She now plans to aim for a pre-seed/seed fund, backed by a team consisting of machine learning scientists, mathematicians, and behavioral scientists, and claims that MorphAIs is modeling consistent 16x return rates, after running real-time predictions based on market data.

Her co-founder is Jan Saputra Müller, CTO and Co-Founder, who co-founded and served as CTO for several machine learning companies, including askby.ai.

There’s one problem: Gfrerer’s approach is not unique. For instance, London-based Inreach Ventures has made a big play of using data to hunt down startups. And every other VC in Europe does something similar, more or less.

Will Gfrerer manage to pull off something spectacular? We shall have to wait and find out.

#artificial-intelligence, #berlin, #ceo, #chairman, #chase, #citydeal, #co-founder, #cto, #economy, #europe, #finance, #head, #inreach-ventures, #jp-morgan-chase, #london, #machine-learning, #money, #sumup, #tc, #venture-capital

Volta Energy Technologies raises over $90M of a targeted $150M fund to back energy storage startups

Volta Energy Technologies, the energy investment and advisory services firm backed by some of the biggest names in energy and energy storage materials, has closed on nearly $90 million of a targeted $150 million investment fund, according to people familiar with the group’s plans.

The venture investment vehicle compliments an $180 million existing commitment from Volta’s four corporate backers — Equinor, Albermarle, Epsilon, and Hanon Systems — and comes at a time when interest in energy storage technologies couldn’t be stronger. 

As the transition away from internal combustion engines and hydrocarbon fuels begins in earnest companies are scrambling to drive down costs and improve performance of battery technologies that will be necessary to power millions of electric cars and store massive amounts of renewable energy that still needs to be developed.

“Capital markets have noticed the enormity of the opportunity in transitioning away from carbon,” said Jeff Chamberlain, Volta’s founder and chief executive.

Born of an idea that that began in 2012 when Chamberlain began talking with the head of the Department of Energy under the Obama Administration back in 2014. What began when Chamberlain was at Argonne National Lab leading the development of JCESR, the lead lab in the US government’s battery research consortium, evolved into Volta Energy as Chamberlain pitched a private sector investment partner that could leverage the best research from National Laboratories and the work being done by private industry to find the best technology.

Support for the Volta project remained strong through both public and private institutions, according to Chamberlain. Even under the Trump Administration, Volta’s initiative was able to thrive and wrangle some of the biggest names in the chemicals, utility, oil and gas and industrial thermal management to invest in a $180 million fund that could be evergreen, Chamberlain said.

According to people with knowledge of the organizations plans, the new investment fund which is targeting $150 million but has hard cap of $225 million would compliment the existing investment vehicle to give the firm more firepower as additional capital floods into the battery industry.

Chamberlain declined to comment specifically on the fund, given restrictions, but did say that his firm had a mandate to invest in technology that is battery and storage related and that “enables the ubiquitous adoption of electric vehicles and the ubiquitous adoption of solar and wind.”

Back during the first cleantech boom the brains behind Volta witnessed a lot of good money getting poured into bad ideas and vaporware that would never amount to commercial success, said Chamberlain. Volta was formed to educate investors on the real opportunities that scientists were tracking in energy storage and back those companies with dollars.

“We knew that investors were throwing money into a dumpster fire. We knew it could have a negative impact on this transition to carbon,” Chamberlain said. “Our whole objective was to help guide individuals deploying massive amounts of their personal wealth and move it from putting money into an ongoing dumpster fire.”

That mission has become even more important as more money floods into the battery market, Chamberlain said.

The SPAC craze set off by Nikola’s public offering in electric vehicles and continuing through QuantumScape’s battery SPAC through a slew of other electric vehicle offerings and into EV charging and battery companies has made the stakes higher for everyone, he said.

Chamberlain thinks of Volta’s mission as finding the best emerging technologies that are coming to market across the battery and power management supply chain and ensure that as manufacturing capacity comes online, the technology is ready to meet growing demand.

“Investors who do not truly understand the energy storage ecosystem and its underlying technology challenges are at a distinct disadvantage,” said Goldman Sachs veteran and early Volta investor Randy Rochman, in a statement. “It has become abundantly clear to me that nothing happens in the world of energy storage without Volta’s knowledge. I can think of no better team to identify energy storage investment opportunities and avoid pitfalls.”  

The new fund from Volta has already backed a number of new energy storage and enabling technologies including: Natron, which develops high-power, fire-safe Sodium-ion batteries using Prussian blue chemistry for applications that demand a quick discharge of power; Smart Wires, which develops hardware that acts as a router for electricity to travel across underutilized power lines to optimize the integration of renewable power and energy storage on the grid; and Ionic Materials, which makes solid lithium batteries for both transportation and grid applications. Ionic Materials’ platform technology also enables breakthrough advancements in other growing markets, such as 5G mobile, and rechargeable alkaline batteries. 

 

#chemicals, #department-of-energy, #electric-car, #electric-vehicle, #energy, #energy-storage, #head, #lithium-ion-battery, #nikola, #oil-and-gas, #renewable-energy, #tc, #transport, #trump-administration, #united-states, #us-government

Atlassian launches a whole new Trello

Trello, the Kanban board-centric project management tool acquired by Atlassian in 2017, today launched what is likely one of its most important updates in recent years. With significantly more than 50 million users, Trello is one of the most popular project management tools around ,and in many ways, it brought digital Kanban boards to the mainstream. That focus doesn’t change with today’s release, but the team is now adding a slew of new board views and new capabilities to the individual cards that make up those views, with a special focus on bringing more data from third-party tools right into those cards. That’s in addition to a number of changes to the overall look and feel of the service.

“Over the years, we’ve built this huge, passionate audience of people,” Michael Pryor, Trello’s co-founder and now Atlassian’s head of Trello, told me ahead of today’s announcement. “We have way over 50 million signups — and that 50 million numbers is from 2018 or something, they won’t let me yet give out the current number. […] Then last year, the pandemic hits. We talked about the future of work, right? And then, all of a sudden, it was like: nope, that’s just work. That’s how everyone works. Now, it’s all distributed. We just compressed it all at once. And we had this overnight shift. We would talk previously about this explosion of apps, we would talk about all the browser tabs, people getting lost in information sprawl. Now, it’s just turned up to eleven.”

The behind a lot of the new features was to make it easier for users to do more work inside of Trello and to get better macro views of what teams are working on themselves, but also what is happing across teams and inside an organization. In addition, the new Trello adds more ways to see data from other tools natively inside the service, without having to switch tools.

Image Credits: Atlassian

In practice, that means Trello is adding five new views to Trello (and making it easy to switch between them): team table view for tracking cross-company or cross-project work in a spreadsheet-like fashion; timeline view for managing roadblocks and making data adjustments; calendar view for tracking deadline and time-sensitive tasks; map view for users who have location-based projects; and finally dashboard view for better visualizing success metrics and building reports.

For the most part, the names here are self-explanatory. What’s maybe the most interesting feature here, though, is that the new team table view is Trello’s first view that brings in multiple boards.

“It raises your perspective up to the portfolio level — not just at a single board level,” Pryor said. “Eventually, all the views will do that same thing and so we will essentially have this ability that if you’re on a board, you can pivot your cards and look at them depending on what the project is and how you need them.” The idea here, he explained, was to use and extend Trello’s existing visual language to add these shared perspectives.

What’s also important here is that Trello plans to open this feature to third parties that may want to build their own views as well. The Trello team itself, for example, built a slide view that automatically creates slides for all of the cards in a project to make it easy for somebody to present them in a meeting, for example.

Image Credits: Atlassian

Pryor argues that what Trello is doing with its new cards, though, is maybe even more important. The team is adding over 30 new card types where, just by adding a URL that links to YouTube, Google Drive, Figma, JIRA  or even other Trello boards, you’ll be able to see previews of what you linked to right inside of Trello.

“What that does, I think, is that it elevates what that card represents from just being a thing that exists only within Trello to represent work that’s happening across all these other tools,” Pryor explained. “So now your JIRA tickets can exist alongside your Trello cards. And you’re categorizing that and moving and talking about it in a way that’s independent of what’s happening in JIRA — it could be connected to it, but it adds this ability to create a dashboard that brings all that work into one place.”

Image Credits: Atlassian

Pryor noted that the team wanted to leverage the simplicity and visual language that Trello’s users already love and then apply that to other tools. “We could get into a race and just build project management-type features. We’re really trying to build a project management app, instead of building an app that helps you manage all your projects. That’s distinct from going down this road where we’re just like: feature, feature, feature.” That approach, he argues, would just lead to bloat. Instead, the team wants to take its card metaphor, expand on that and allow its users to build new solutions inside of Trello, using a visual language they are already familiar with.

Another new feature that’s coming soon — and one that the Trello community has been expecting for a while — is mirror cards, which essentially allow you to share the same card between boards. All you have to do is link from a source card to a card on a card on another board and that new card will look just like the original card.