Sift Acquires Keyless in Battle Against Account Takeover Fraud

data protection

Digital fraud prevention firm Sift has acquired Keyless, a company that provides passwordless and multi-factor authentication.

“Keyless’ zero-knowledge cryptography and privacy-preserving biometric authentication technology eliminates account takeover (ATO) fraud due to weak or stolen passwords, phishing, and credential reuse, while allowing users to log into websites and apps simply by looking into their device’s camera,” Sift said in a Wednesday (Nov. 17) news release.

The company noted the acquisition comes in an era in which account takeover attacks have reached new heights during the pandemic, with business businesses facing the threat of hackers using large-scale automation to conduct massive ATO attacks and steal account value, payment info and other personal data.

Read more: 36% of US Consumers Say Trust Is Key Factor in Choosing Online Merchants

It’s also happening at a time when many consumers say they’d be willing to trade some of the conveniences of eCommerce — specifically speed — if that means their sensitive data is kept safe, as PYMNTS research, conducted with Sift, has found.

The PYMNTS Trust Quotient study surveyed more than 2,500 consumers and found that 84 percent of them want smaller merchants to take whatever steps necessary to guard their information during their first transactions.

Keyless’ biometric-based authentication removes a key avenue for ATO attacks by providing account security to businesses ready to embrace a passwordless customer experience by using multi-factor authentication, adding to the safeguards already offered by Sift Account Defense and its ATO prevention capabilities.

“Protecting businesses from fraud while reducing customer friction is the foundation of a Digital Trust & Safety strategy,” Sift President and CEO Marc Olesen said in the announcement. “Keyless has created a truly innovative product that provides better account security with less friction for users, and meets the qualifications for regional regulations like PSD2.”

Sift stresses that Keyless “puts privacy at the center of the experience” by authenticating customers without keeping biometric or cryptographic information on their device or in any central location. Keyless doesn’t have access to biometrics, which means no one but the customer has access.

Founded in 2014, Sift is based in San Francisco and provides security services for brands that include Doordash, Wayfair and Airbnb.