Israeli startup Slicklogin thinks passwords are insecure, messy, and time-consuming—and that two-step authentication via SMS text message is too awkward. The answer to the world's password woes, according to Slicklogin: soundwaves. It seems at least one tech giant may think Slicklogin might be on to something: even though the company has only been around for a year or so, they have just been acquired by Google.
Slicklogin's main product is, well, a bit unusual. It consists of both a website and a phone app which are used to verify a user's identity. First, a website leverages their API to generate a unique, nearly-silent sound through the user's computer speakers. The user's phone then runs an app which captures that sound, verifies it, and confirms back to Slicklogin's servers that the user is using the phone number they gave to the site. Take our word for it: the process is much simpler than it sounds.
Intriguingly, Slicklogin never made it to market. Google acquired the company, under undisclosed terms, months after its American debut at TechCrunch Disrupt. Slicklogin is one of a number of products in recent years designed to replace or sideline traditional passwords; beyond the rapid growth of two-step authentication, many companies are trying to sell vendors on the idea that passwords are outdated. For example: Pulsewallet uses the veins in your palm as an identity verifier, Apple embraced thumbprints to unlock their devices, and another Israeli firm named ID-U Biometrics marketed eye-tracking as a password replacement. For all parties involved, the name of the game is creating a password replacement that is easier to use than entering an actual password.
One of the main reasons so many Israeli companies have entered into the identity verification field is that it gives them a chance to capitalize on skills learned in the country's military. Slicklogin's homepage touts its founders' experience in the cybersecurity/intelligence-oriented Unit 8200, a sort of Israeli analogue to the NSA that has served as a training ground for many of the country's best-known tech startups. CEO Or Zelig previously founded, according to LinkedIn, a reverse-engineering company called Retheos, and vice president Ori Kabeli previously worked as an engineer for sensor firm PrimeSense, which was acquired by Apple. None of the founders have extensive private sector experience; most of their software and hardware work was conducted during military service. Nevertheless, despite, being relatively new to the startup world, they were acquired by Google extremely quickly.
Why? Because Google wants to kill the password. The company is a key member of the FIDO Alliance, an industry-wide consortium that promotes "password-free online authentication." FIDO promotes biometric authentications such as fingerprint scans as a replacement for the password, accompanied by second-step verifications like text messages or sounds. It was unclear at press time whether Google acquired the company to integrate Slicklogin's tech into their products, to keep it out of the hands of rivals like Apple, or because they wanted the talent behind the company. Either way, it marks another landmark in Google's quest to make the password obsolete.