SecSign technologies was founded in 2012 and is the sister company of SecCommerce Informationssysteme GbmH – a cryptography solutions pioneer with more than 16 years’ experience in public key infrastructure, data encryption, electronic signatures and smart card technology. Working with IBM, Siemens, Johnson & Johnson, Fujitsu, T-Systems, BMW, and Audi, among others, the company has successfully safeguarded confidential data and user access with their systems maintained by their security experts and cryptography engineers. SecSign ID is available for the Android, iPhone and Apple Watch.
Q: Please tell us a little bit about your company – what is SecSign all about?
With data security and privacy concerns on the rise, our goal is to physically eliminate the security vulnerabilities that have enabled nearly all successful cyberattacks and data breaches against companies and individual users. This may sound remarkably ambitious, but it is not only feasible but it is something that we have been able to achieve with solutions for login security and for encrypted file sharing, storage, and messaging. We have developed advanced and patented cryptography that removes the mechanisms that attackers exploit to compromise user accounts, websites, and confidential data.
Both of our core data security solutions are available as secure cloud solutions or as on-premise solutions that you can license and install on your own architecture, behind your firewall, with centralized administration and reporting. This latter option is particularly important for companies and developers that want to operate their own solutions out of the cloud and on their own servers.
Q: Please tell us a little bit about your background and how you started your company?
Everyone at our company is deeply committed to data security and to protecting the privacy and confidential information of companies, organizations, developers, and individual users. About 16 years ago, we founded our parent company, SecCommerce, in Hamburg, Germany, with a goal of applying public key infrastructures to meet data security challenges for government institutions and the private sector. We helped pioneer the use of smart card technologies and electronic signatures to protect user access and sensitive data for government, financial institutions, and private companies in Europe. Our engineers and security experts developed and deployed systems that have successfully protected millions of user logins and transactions for many major corporations, including IBM, Siemens, Johnson & Johnson, Fujitsu, T-Systems, BWM, and Audi.
With our new U.S. subsidiary, SecSign Technologies, we decided to apply our expertise in public key infrastructure and advanced encryption to next-generation solutions for login and data security for websites, applications, and networks. We applied the same fundamental security principles we had been using for smart cards and electronic signatures to create a mobile solution for truly secure two-factor authentication and a secure portal for encrypted file sharing, file storage, and messaging. Importantly, we have eliminated the password from our authentication process and replaced it with a powerfully secure out-of-band procedure that guarantees that any login mechanism protected by our solution can never be hacked or compromised.
Q: What are some of the projects you are working on right now?
Recently we released a version of our SecSign ID mobile authentication app for the Apple Watch, and we are continuing to promote this and prepare for future improvements to Watch development from Apple. We expect that future improvements to Apple Watch will allow us to extend and improve our app‘s functionality as the platform expands its capabilities.
We are also working on a version of our SecSign ID authentication solution for Mac, and we are creating an API for SecSign ID so that other app developers can use our highly secure SecSign ID login procedure in their apps. We see this as extremely important in encouraging developers to move away from vulnerable login and authentication procedures and start using next-generation technology that will finally put an end to hacking, phishing, and malware that victimizes so many of their users.
A reference application, called TimeReport, will be published for this API. This is a simple app that we built to show the SecSign API in action. It demonstrates how users can conveniently use the SecSign ID login in a developer’s app and how they can secure their data in the SecSign Portal. It will also show them how they can provide users with other great features for sharing, messaging, etc. TimeReport enables users to write down the tasks they completed on one or more days and how long they took. The users can then share their reports with other users or just send a link to their bosses and allow them to download reports securely.
Apart from this, we are working on two other projects, but we cannot share any details just yet.
Q: What are your plans for the future, how do you plan to grow this company?
Right now we are heavily focused on business-to-business online marketing to reach the private sector and promote our on-premise solutions that can be operated on company servers. But we are also offering our data security solutions for free in the cloud. We hope this will help us attract smaller businesses and website and app developers that have an interest in achieving the strongest possible security but may not have the budget or IT resources to purchase and run our on-premise solutions on their own servers.
We have also had great success with our B2B marketing efforts and have met with many major companies across a variety of industries. Our innovative approach and the promise of next-generation security has attracted the attention of many companies that want to avoid being the next major news headline about a hack or data breach. Our goal is to convert these opportunities into on-premise installations and leverage early adopters to help us drive rapid growth. In the meantime, our free cloud-based solutions and our forthcoming API will hopefully drive adoption and usage by smaller businesses and developers, which we see as very important to growing our brand and improving data security for everyone.
We are deeply committed to data security and to protecting the privacy and confidential information of all organizations and users, so, for us, the long-term goal is to be part of a revolution that gets us out of the Dark Ages of data security and toward a brighter future in which we can all feel confident that our user accounts and our data are completely safe and secure. So we never stop developing new solutions, and we will never stop creating new improvements and enhancements for the solutions that we have already created.
Q: How do you bring ideas to life?
It starts by reading, reading, and reading, to continuously understand the latest developments in data security, cyberattacks, data breaches, and other threats that we need to address. The key is to identify the common denominators and the root causes of a problem and then address them. So the reading, research, and analysis is followed by building prototypes, testing how each solution ”feels,” and then improving and publishing beta versions as quickly as possible. Then we check users´ behavior and assess reactions when they use the product, and we use this intelligence and feedback to make continuous improvements and ultimately refine our products to be as user-friendly and easy-to-use as possible.
Q: What’s one trend that really excites you?
Wearable computing is something that we are excited about and that we have embraced in our development for the Apple Watch. In 10 years, I believe that we will finally be completey networked, thanks to wearable computing. Of course, this poses a great challenge for us as security experts, but wearable computing is already delivering terrific options and benefits for end users, and we are fans and users of these technologies. So we are already working on solutions and procedures that will allow us to provide the same level of powerful security through wearable devices. I also follow, with great interest and fear, the progressive fusion of IT and the automotive industry. In integrating IT solutions during car design, it is very important to get consulting advice from IT security experts. Without a proper approach to security in these applications, we could see disastrous results, and there is already evidence emerging that automobile hacking could be one of the next major threats in cybersecurity.
Q: What were the top 3 mistakes you made starting your business and what did you learn from it?
- Not enough marketing. There is a strong tendency among developers and engineers to invest most of the effort in design and product development, thinking that the product will be so fantastic and the concept so unique and groundbreaking that users will simply line up to use it or buy it. Unfortunately, it’s not that simple. Marketing must be a major focus for any product or solution so that you can build a brand, create awareness, and drive potential customers to you. If no one knows about your product and you make minimal effort to drive awareness and drive people to it, then you are almost doomed to fail no matter how great the product might seem to you.
- Too much text in explanations and on websites. It can be difficult to find the right balance between giving enough information and offering too much information, especially when you need to educate an audience about a product. We went too far and were a bit too detailed and text-heavy in how we tried to explain our solutions and make sure that people understood them. So we try to make sure that our high-level talking points and information are fairly simple and easy-to-understand, and we have made use of videos to condense our messages and show people how our solutions work rather than tell them.
- Too many technical descriptions. Naturally, in data security, the technical details are extremely important, especially to IT decision-makers who might be evaluating our solutions. But the benefits and core concepts behind a solution can easily get lost in all of those technical descriptions. We made that mistake, so we try to explain things in terms that anyone can understand, whether the reader is an IT professional, a business executive, a website developer, or just an everyday online user who is concerned with personal privacy and data security.
The best way to learn how to communicate things is to talk to someone who is not an expert in your field. Try to explain your product in a simple and direct way that would make sense to almost anyone. Then ask questions. What does the person understand about your product? What is not understood? Did you give too much information or detail? How can you make things more clear and improve your explanation?
Q: How do you go about marketing your business, and what has been the most successful form of marketing for you?
As I talked about earlier, we are mostly conducting online marketing, and we are mostly focused on B2B channels such as Linkedin. We regularly publish blog posts on our company blog and on Linkedin, share useful information and insights for developers, and share the latest news reports and updates about data security issues on Linkedin. We use sponsored posts and InMail to reach highly targeted audiences on Linkedin, but we have also managed to build up a healthy following and are able to tap into our existing connections for marketing purposes. We also publish plugins for major content management systems worldwide, such as WordPress and Joomla, which helps bring attention to our solutions for developers. And, of course, an important aspect of our marketing is direct word-of-mouth recommandations from happy customers.
Q: What would you say are the top 3 skills needed to be a successful entrepreneur – and why?
I think the top three skills are listening to your customers, focus, and determination. You have to start out by listening to our customers or potential customers, understanding the needs of the marketplace and assessing how you can bring your unique capabilities to address an unmet need and deliver an important solution or product. But, of course, you need to be focused, otherwise you may try to take on too much, pursue too many markets or opportunities, and fail to deliver a truly refined and comprehensive solution. As you start up and begin to grow, you will hopefully encounter many opportunities that you can pursue, but you have to stick with what you can do best and what provides the best chance for success right now. And you have to challenge any changes in scope, direction, or strategy by doing your research, quantifying opportunities or the impact of these changes, and making sound decisions based on actionable data. You have to make sure that there is a very compelling business case before you change or expand your focus.
And, finally, there is determination. It can take many hours and considerable effort to get a company off the ground, develop a product, and bring it to market. If are trying to do this while still maintaining an existing career, it becomes even tougher. So never underestimate the time and effort it will take to succeed, and make sure you have the resolve and determination to take it on without sacrificing the quality of your output. The good news is that the workload may become much more manageable once you’re up and running and you’re growing. And you may be able to hire additional resources to help you. But, during the early stages, a lot may fall on your shoulders, and you have to be prepared to outwork and outperform other entrpreneurs and competitors so you can gain an edge and ultimately succeed.
Q: What are the top 3 online tools and resources you’re currently using to grow your company?
The top three online tools and resources that we are using are Linkedin and YouTube, along with our own SecSign Portal solution. In our case, we not only publish useful and engaging content and videos on Linkedin and YouTube to attract potential customers, but we offer our free cloud solutions, including the Portal, which anyone can try and start using within seconds. The Portal, in particular, gives users an opportunity to test our secure authentication by logging into the Portal using the free account that is automatically granted to them when they create a SecSign ID for authentication. This gives them a way to start experiencing the simplicity and usability of our solutions while introducing them to the features of our Portal solution for file sharing, file storage, and messaging.
Importantly, we use our own solutions every day, wherever we have control over authentication, and whenever we need to share files, information, and messages with our internal staff and external business partners. Thus, we share and store files and messages through our Portal solution, and we use SecSign ID to protect access to our company blog, our website, and to the Portal itself.
Q: What are three books you recommend entrepreneurs to read?
For entpreneurs in IT security and many other areas of tech and software, it is far more important to read daily blogs from experts and review daily news websites to find out about the latest developments and learn important lessons that can be applied. Particularly in data security, new attacks are happening every day and attackers are deploying new methods that must be tracked and assessed daily. By the time a book is published on data security, many new threats and events will have emerged and the book will no longer be relevant. So I focus on keeping up with what is happening every day and noting the details of emerging threats and successful attacks, along with the latest developments in technologies and security procedures designed to stop them.
Also, more important than any book is to listen carefully to your customers and find out what they need and how they use products. This is extremely important in always keeping the user experience as a priority and focusing on usability. No security solution or other software or tech product is going to succeed if it is inconvenient for the user. So I not only pay attention to daily developments in data security, but I listen to users and customers every day to learn more about how we can continuously improve usability.
Q: What is your favorite entrepreneurship quote?
“The Internet is the first thing that humanity has built that humanity doesn’t understand, the largest experiment in anarchy that we have ever had.”- Eric Schmidt(Google)
This quote hints at the biggest danger of the Internet: something that nobody understands cannot be protected. Thus, it is vitally important that entrepreneurs and developers seek advice and support from data security experts when they build their own companies and solutions. The risks of a potential data breach or violation of user privacy are enormous, and they could easily destroy everything that you have built or damage your brand beyond repair. Thankfully, with the right expertise and the right approach to security, these nightmares can be avoided, but you have to make sure to get advice and collaborate with those who can help you.
Q: How can our community get in touch with you?
They can reach me at falk2fa@secsign.com
Twitter: @SecSign
Linkedin: https://www.linkedin.com/in/falkgoossens
CrunchBase: https://www.crunchbase.com/organization/secsign-technologies-inc
