EFTA01207240.pdf

Lane Trusted Identity & Authentication Management. February 2015 EFTA01207240 IperLane Vision IperLane manages identities for enterprises, restoring customer privacy while eliminating the burden of safely storing Pll and proper implementation of authentication Behavioral authentication Identity tokens replace Continuous monitoring & leveraging the device as stored PII, sparing huge anomaly detection on an "identity token" enterprise liability hardened databases EFTA01207241 Current Market Failures G Enterprises are typically inept at both maintaining secure databases and properly implementing strong authentication Maintaining Pit represents a massive enterprise liability, O particularly in light of new regulations regarding data breaches Consumer-facing firms ill-equipped to properly design security Trend towards unified logins via social media (eg Facebook) Consumers increasingly want control over their digital identities EFTA01207242 Significant Market Opportunity Iperlane sits at the intersection of Nearly $45bn opportunity by 2018 high-growth markets in security: $45bn A Identity & Access Management: 0 IAM 1 Driven by demand for Identity-as- a-Service as companies transition to Cyber cloud environments Insurance $21bn A IT Securny Outsourcim: Driven by the growing complexity and resource burden in IT security IT Security Outsourcing A Lyber insurance: High-profile data breaches fuel necessity of and 2014 2018 demand for cyber risk coverage Sources: Gartner, IOC, Marsh 4 EFTA01207243 Identity & Authentication Landscape IperLane sits in the nexus of IAM and cyber risk transfer User/Device Fingerprinting F RTER ThreaMetrix. BehavioSec O41STP 0ET.Q ® iovatfoit AON •>> simeio 01 MARSH Ipe Lane PingIdentity' C_ , nonY YCROFT LOCKTON AIG Centrify Willis TRAVELERS' FORGEROCK Cyber Cloud-based Insurance IAM EFTA01207244 Our Solution SDK for mobile applications to manage user identities ► Facilitate seamless authentication for users while managing security backend for the enterprise ► Provide enterprises with a secure channel to an optimized identity database allowing them to associate tokens with real identities EFTA01207245 Our Solution, continued ► State-of-the-art encryption and tokenization ► Cutting-edge OS-level protection ► Behavioral anomaly detection to prevent data leaks Verify Manage Behavioral Authentication Identity Tokenization EFTA01207246 Behavioral Authentication Leverage smartphone sensors (e.g. accelerometers, gyroscopes) & regularly collect sensor data to: ■ Authenticate users without the need of entering multiple passwords ■ Detect device tampering or theft ■ Correlate geolocation, address book & other data to verify consistency EFTA01207247 Identity Tokenization Decouple sensitive information to reduce risk: ■ Maintain an encrypted database with Pll ■ Associate anonymized tokens to database records and only expose tokens to the customer ■ Monitor database access behavior to spot potential attack s ■ Augment database security with market-leading OS-level protection to prevent attackers from utilizing known malware against our system EFTA01207248 Who We Are Our team has extensive experience, technical understanding and a sizable professional network in information security Experience in offensive security research grants unique insights Vincenzo lozzo Kelly Shortridge Joi Ito ■ iOS Hacker's Handbook ■ Co-lead of data security ■ Director, MIT Media Lab co-author & analytics coverage at ■ Board member of ■ Black Hat Conference Teneo Capital NYTimes & Sony Review Board member ■ NYU Poly Cyber ■ Board advisor, Stellar ■ Recipient of DARPA Symposium advisory ■ Early investor in Flickr, board member Cyber Fast Track grant Last.fm & Twitter EFTA01207249  Capital Raise Our seed round will grant us a runway of approx. 12 — 15 months ■ Basic authentication & identity management SDK ■ Hardened database based on a blend of proprietary technology and CockroachDB ■ Data Scientist / Chief Scientific Officer ■ Technical Developer / CTO ■ Insurance providers to transfer data breach risk Initial Partnerships ■ Potential high-growth SMB customers (e.g. Etsy) [ EFTA01207250 The Next 12 - 15 Months Develop legal framework to transfer customer's Pll risk to IperLane Resolve potential compliance and regulatory issues Begin Series A Hire CTO & Go to Market Chief Scientist Winter 2014-15 Spring 2015 Summer 201 5 Fall 2015 Develop behavioral authentication Finish mobile SDK for Android & iOS Develop hardened database Integrate compliance & regulatory requirements EFTA01207251 Summary ► Trusted identity management for enterprises, restoring customer privacy while eliminating the burden of safely storing Pll and proper security implementation ► Significant ($45bn), high-growth market opportunity in outsourcing identity & access management ► Highly differentiated offering through industry- leading mobile security and authentication expertise EFTA01207252  Lane Trusted Identity & Authentication Management. EFTA01207253 Appendix Product Mechanics Register Device • User registers, selects username and generates a temporary password • IperLane begins to collect data to build a comprehensive user profile in less Data than 24 hours Accept/Deny • Every 2 to 4 hours, IperLane receives geolocation, accelerometer, gyroscopic and other data from the user's device • IperLane acknowledges or denies • IperLane authorization requests based on profile data received Aft 6061:10:13 ■ EFTA01207254 Appendix — Product Implementation Authentication SDK Full Product Offering di 0 User 1 User IperLane Authenticates Authenticates 0 2 User & 411 User & Confirm / Deny Customer Interact Authentication Customer Interact 42 3 Confirm / Deny Exchange of Authentication I Tokenized Data or / Transient Pll Customer /Customer 4 4 16 EFTA01207255