Founder of Draper Associates, Draper Associates
The Startup Hero with Tim Draper Episode 6: Kari Thor Runarsson
Join Tim Draper for Episode 6 of Start Up Hero, where he interviews entrepreneurs about their business. In this episode, Tim talks with Kari Thor Runarsson. Runarsson is the CEO and Co-Founder of Authenteq.
Authenteq is a networked automatic identity verification platform. With Authenteq IDs, users experience increased trust and transparency on P2P marketplaces and communities. With a verified identity, online users become accountable for their actions leading to a better user experience for everyone on the marketplace.
http://authenteq.com
Listen to the podcast version at: https://itunes....
About Tim Draper
Tim Draper, founder of Draper Associates, has been active in media appearances and events, discussing his investment philosophy and his views on Bitcoin, SpaceX, and entrepreneurship. In interviews, Draper described himself as an early investor in SpaceX, stating that the company is "going to take us to Mars." He has reiterated his prediction that Bitcoin will reach $250,000, arguing that it is "better, faster, cheaper than the dollar" and will "eclipse fiat currencies." Draper has advised families to hold six months' worth of Bitcoin, businesses to hold two to four weeks of payroll in Bitcoin, and governments to hold Bitcoin as a hedge against hyperinflation. He has also stated that "if you're a fiduciary... and you don't own Bitcoin, you're being irresponsible." Draper has also commented on the broader investment landscape, stating that "every 20 years, seven out of the 10 biggest companies in the world turn over." He has discussed his criteria for identifying entrepreneurs, saying he looks for founders who are "challenging the status quo" and have a "burning desire" that makes them proceed regardless of criticism. Draper has also promoted Draper University, describing it as a "human accelerator" that turns "ordinary people into heroic entrepreneurs." He has criticized what he called "socialist countries," stating they have "weak leaders" and "flatline" economies, while arguing that "free countries and the capitalist countries grow at extraordinary rates."
Transcript (54 segments)
✨ AI-enhanced transcript with speaker attribution
H
Host0:01
Welcome to Startup Hero. I'm here with Kári Rúnarsson, run our Senate, and he runs Authentiq. And Kári, want you to tell us about Authentiq.
K
Kári Rúnarsson0:35
Authentiq is an identity verification and private information management platform that verifies a person's real identity and then issues a government-grade digital biometric passport that the user can use to authenticate and verify themselves when doing things online. All the information is on my metric passport.
H
Host0:58
And so how would a physical passport know? So it's digital, and then it's saved on the user's phone and on the blockchain, and all the information is only accessible by the user themselves. So Authentiq, or anybody else, has any access to it or function. So to use it, the users are controlling and owning it. So you've got this digital passport, and then what's the benefit to the user?
K
Kári Rúnarsson1:28
Well, one of the things that we've been going through now is we opened up a branch or office and daughter company in Germany, and that's taken over four months to open a bank account. It's taking four trips to Germany to open one bank account, always because of some issues with the ID. They did the KYC process, which all banks have to put their users through, and every time there's been some problem. A photocopy of the passport, the copy wasn't, the dark they needed a signature, so I'd go back and forth four times to Germany to do that. With something like Authentiq, you could do that across borders or from a location that's not at the branch itself. But I have an Estonian card meeting yet, and I opened a bank account in 24 hours, and it works for the whole EU. So why wouldn't people just do that, become Estonian first?
Well, I think a lot more people should do that. Basically, it's not too dissimilar from the Estonian e-ID. I'm from Iceland originally, and I have an Icelandic e-ID. In most Nordic countries they have e-ID. The problem and a huge limitation to the e-ID programs that are out there, including this one, is that the e-ID is an electronic identification. You can only use it inside that country, and even inside the country it's fairly limited, usually limited to government agencies, filing tax returns and stuff like that. With Authentiq, we allow the user to use that same concept but across borders and in any country. It's also a lot easier for companies to participate. They don't have to go through a huge bureaucratic process of being part of that system. A hairdresser could even do that.
H
Host3:20
So if I have this electronic ID from Authentiq, am I less likely to be hacked, and do I use it every time I make a payment or open a bank account or trade?
K
Kári Rúnarsson3:38
The way it's used by the online service that's our customer is up to that service. They can use it to verify a person once, or they can use it if they're doing a high-value purchase. An auction site might want to put a threshold on anything over a thousand dollars, they need somebody to sign up with it. So yeah, it's very versatile and can be used in so many different fields.
H
Host4:11
So let's say, is the biggest use case the bank, the government, or the individual who cares about it the most? Target or Sony, people get hacked.
K
Kári Rúnarsson4:29
Yeah, again, one of the main benefits is that it is on the blockchain and only the user has access to that blockchain entry. Each entry is even separately encrypted on the blockchain, so hacking it is not impossible—nothing's impossible—but the amount of energy and work you need to go through to hack somebody to get their birthday or whatever is just beyond what anybody would do.
H
Host4:58
So it's unhackable in essence. Okay, it's not hackable. So we have someone like that saying, 'Hey, what's my purpose in having this? Is it to be more secure or to prove I'm me? It's more convenient than going four times to Germany to open a bank account, for instance.' And online shows, why? What do you have for me that I can take to the German banks so that I can open it just like that?
K
Kári Rúnarsson5:31
One of my co-founders has been working on electronic ID schemes in two Nordic countries, and we're trying to have that level of accuracy and security but at the same time keeping the convenience of the user being able to do this verification from their home or office. With the current e-IDs out there, you always have to go to a physical location. With Estonia, you had to go to an embassy or consulate to get your e-ID. Authentiq is completely automatic from your office.
H
Host6:11
So how do you know it's me? Face recognition, fingerprint, password, some combination of them?
K
Kári Rúnarsson6:20
We start with the only way of truly binding an identity: we access the chip in the passport because we get information that's visible. There's nothing secret—the information that's printed on your passport, we can get access to it digitally. So we get a digital copy of your picture, you take a selfie, and then we match those two pictures. We make sure that the passport hasn't been changed in any way. We match them automatically and make sure that the person taking the photo is a live person and not a video.
H
Host7:03
How do you know it's not just a photo? You do magic?
K
Kári Rúnarsson7:10
Well, I can show that. You can beat a video—if I have a really high quality video of me moving like that, someone else can't use that? Correct. And we have a way of making sure that doesn't happen.
H
Host7:28
Okay. And is that your secret sauce? Is that your...
K
Kári Rúnarsson7:31
That is part of it, but the main secret sauce, I would say, is the business model. What is the business model? The business model is that the user can adopt this without charge. I can use this without charge. It's always an online service that's paying for it. So for instance, a financial institution—according to numbers in Europe, a manual KYC check by a bank costs about 50 euros or dollars. We could lower that significantly because the price of the automatic process using the app is a lot lower. So with their use of your app, it would be like: 'Hey, this is Tim Draper, and here he's been verified.' And after you've given consent to them, the likelihood that this is Tim Draper is 99.999 percent. It's always your consent. So I give consent for them to use this. I use Authentiq, and then the bank can do all their work electronically, quickly, and that will help them move money or do whatever they have to do.
H
Host8:56
So the ones who are going to pay you for that—is that a unique part of your business, what you said about the business model? Is there something more to the business model?
K
Kári Rúnarsson9:05
The part that's maybe more unique is that we don't claim any ownership of the information. So we're not trying to make money from the information of the user. We don't even know the information that you have. It's all controlled by you. You're the holder of the private key to the blockchain entry, so we never know really what's going on there, and we're not trying to monetize off that information.
H
Host9:32
So it becomes scrambled up in the data sphere somewhere. And I have my data, and I keep track of all my data, and that can include my credit card numbers, social security number, password, whatever else. And you never see it. But you take all that data, you put my face on it, and you say that's that person attached to that data, and it's on this blockchain. So the information that you need to verify to a third party from that pool you can do, and you decide what information is being shared. Would this be optional? I mean, I think Target would be efficient enough to use it every time a new customer comes through with a credit card.
K
Kári Rúnarsson10:29
Part of our process is that the onboarding process, the first time we do this using a passport, takes about 60 seconds. After that, you've done the process; you don't do that every single time you want to verify your identity to an online service. After that, it takes about two seconds. So we lower the threshold of connecting your ID or verifying your ID to multiple sites down to one or two seconds.
H
Host10:53
Are you ultimately going to have people just go and buy things and then just walk by and take the stuff, maybe put their finger down?
K
Kári Rúnarsson11:04
We haven't really thought of it that way, partly because we don't want to interfere with buying habits or anything like that. There's a possibility of using this as a single sign-on, but we don't want to get that Big Brother stamp on us. So it's always up to you; you always give consent. Maybe a better example than Target would be Ashley Madison. You sign up to Ashley Madison, they know a lot of personal stuff about you, and they were ultimately hacked. Using Authentiq, the only thing Ashley Madison or any dating website really needs to know is: are you male or female, what age are you, and are you a real person? So we can tell Ashley Madison that Tim Draper is a male, he's of a certain age, he's verified. And we know who he is, or he has been verified to a very high accuracy. That's all Ashley Madison really needs to know for you to be a good user on the site. So if it is hacked, they won't get your name because that will never be in there, and it's none of their business. It's none of their business if I am on a website, whatever.
H
Host12:09
And would you put medical records on something like this?
K
Kári Rúnarsson12:16
There's definitely been interest from the medical community. That is a huge problem, especially in the States where you have no centralized databases. In many Nordic countries you have centralized databases and in Estonia you have a centralized database with government records, but in places like the US you don't have that. So that's definitely something that could be added.
H
Host12:40
How much? Do you have any customers so far?
K
Kári Rúnarsson12:43
We expect to launch in May. We're just finalizing the product and strengthening the security features like liveness detection and all that. We're working with development partners that are implementing this and giving feedback. But yeah, May or June, I would say we will launch.
H
Host13:03
And when you launch, what's the plan? Are you going to start talking to some smaller customers that might be early adopters, or do you have to go after the big ones with the big problems?
K
Kári Rúnarsson13:21
I think in the beginning, we'll talk to smaller ones simply because it's easier to get access to them and get a meeting with decision makers. I've been on the other side in previous work; it's a long sales cycle. First, we want to work out all the kinks and make sure it's really up to par. We don't want to send a half-complete product out there. Our reputation depends on it being secure and accurate.
H
Host13:49
Do you have a few early customers that you think are going to be perfect candidates for us?
K
Kári Rúnarsson13:56
Yes, it's twofold: marketplaces and auction websites. A lot of damage can be done by a bad actor that takes part in an auction even if he's not the winning bid, he can influence the bidding history. So they really want to manage that there are no bad actors. Then you have financial institutions where it's a matter of regulation—they need to subject their users to this process, and we can offer them a much more convenient and cheaper way to do that.
H
Host14:37
Are there competitive services that have something like this, and what do you have over them?
K
Kári Rúnarsson14:44
When we started looking into this, there weren't a lot of competitors. It's been growing, but what's common with all of them is that they're all using the user information to some extent to monetize it. And we really decided that is the one thing users are concerned about when we talk to them: who sees my information, who can access it, especially with new laws. In the US, carriers or other providers get more access to users' information, people are very concerned about this. So by saying it's user-controlled and consent-based, we have a clear differentiation.
H
Host15:32
And your facial recognition or whatever recognition system, is that unique or do other people have it?
K
Kári Rúnarsson15:43
When we started out, we looked into our own, but it's become a commodity. There are several really good players that offer a solution as a vendor. We use one, and then we enhance it. We use a provider that's doing the security for EDX in Europe, so when you go to a European airport, we're using the same vendor that does the face recognition there. But in an airport, you have a machine that controls the height of the camera and equal lighting from both sides. When you're at home, you might have more lighting from one side which produces a shadow, so we need to correct those things. The core matching algorithms we have some parameters for, but we need to augment that.
H
Host16:42
And you've been bootstrapping for quite a while. What made you want to do this? It's been a couple of years. What made you decide this is something you really wanted to go after?
K
Kári Rúnarsson16:56
Luckily, I've been in a startup that had an exit, so I've been fueled by the vision that I can do it again. Honestly, I think if I hadn't had a successful exit, I probably would have given it up. But I know that in this startup environment, you need to realize it's a roller coaster—you will have a lot of hard times, times when you can't pay yourself. Because I was more realistic about this journey, I think that's what's kept me going. And the feedback—we've gotten a lot of good feedback. We met at a pitching event where we came in second place, and you were in the jury. The feedback and realizing that the market is huge, the need is really big out there—we see this growing to be the core of your identity online. Anything that's identifiable and verifiable can be added to that, and you can use it not only for online sites but also for checking into a flight, checking into a hotel—eliminating lines and queues. Boarding a 350-person airplane takes 30-40 minutes. With a solution like ours, which is still in a prototype idea stage, you could potentially get that done a lot faster.
H
Host18:40
You could replace the TSA maybe. Marry people into your important...
K
Kári Rúnarsson18:47
I think we could definitely cut down the checks and the lines. Coming to the States last weekend, I spent two hours in an immigration line and thought this is not necessary.
H
Host19:05
And you're based in Europe. Do you feel you're going to just start in that market, or are you going to come to the US right away? What's going to be a global business?
K
Kári Rúnarsson19:19
The good thing about starting in Europe is that most Europeans have passports, and that is our main means of identification. We can use driver's licenses and ID cards, but we're starting out with the passport. It's just a lot more common for Europeans than men.
H
Host19:40
So you're going to replace the passport with this to do the verification, and will they use this instead of a physical passport in the future?
K
Kári Rúnarsson19:48
In the future, I'm not going to write off the passport, but it's really a bank ID. It's called a passport because it allows you to pass through certain things. We are looking for people to match them. That's great.
H
Host20:10
Anything you run across that you were frustrated by, any issues that you've come into as you've built this business? What's happened?
K
Kári Rúnarsson20:26
It's been quite a ride. I guess you need to go through it. It started out as a very simple app that took pictures that you could verify. We're taking over a billion pictures a day. I thought it was strange that a photo used to be evidence in court, but nowadays you can take a photo on your phone, use Photoshop, and change it. It's strange that we can't trust this piece of evidence that was thought to be beyond all doubt twenty years ago. So we started out making a simple app that took a picture, and it was encrypted—the app talked to the hardware, timestamped, hashed, everything. So you could know this is what happened. It just evolved from there, and it's become a lot bigger. The legal environment right now, because KYC regulation is different between each country in Europe, it's similar but always a little bit different. The complexity has grown a lot, which I really didn't envision when I started.
H
Host21:48
Now do you think that you're going to have to pivot again so that the business 15 years from now will look different?
K
Kári Rúnarsson21:59
No, I'm really content. Up until about nine months ago, I felt there was something missing, but I'm really happy with our vision and our solution now. The only thing I see changing is that there's no reason why Authentiq couldn't become the primary way to go to be on your communicating or transacting online. It will be as easy as just a two-second verification to an online service that you are who you say you are. It could be as easy as a hairdresser taking it up because people are booking time slots and not showing up. If your identity is verified and connected to your real identity, you're more accountable for your actions online than if you can do it behind some email that nobody knows where it leads.
H
Host23:02
So I get it. It's great. When I verify, do I put a camera in front of my face?
K
Kári Rúnarsson23:10
Yes, the process is you download the app, take a selfie, scan the passport, and then the magic goes on behind the scenes.
H
Host23:18
Okay, so that's when you start. But when I'm verifying for the florist or the hairdresser, it's just I take my camera, put it in front of me. So the way to do it is that there's a QR code or code that's displayed on the website on my profile page. I take that QR code, and it talks to the certificate on the phone. And if I'm not verifying, only the initial verification? How do I get the florist or the salon to know it's me so that I can give money to them?
K
Kári Rúnarsson24:32
In the checkout process, you have your phone. When you want to verify, a QR code is displayed on the florist's website. You take your phone and snap it, and the phone and server talk together.
H
Host25:01
Okay, yeah, that's great. That's happening already, that part. Good. Well, thanks so much for being on the show. That's terrific. So it's Authentiq, it's A-U-T-H-E-N-T-I-Q dot com. Yes sir, Authentiq. Great. So if any of you are interested in learning more about Authentiq, send them a message or go look at their website. Great, thanks so much. Thanks for being on the show.
K
Kári Rúnarsson25:37
Thank you.
H
Host25:39
All right, so there's another Startup Hero.