1. Analysis
May 6, 2022

CEO Chat: Q&A with Andrew Bud of iProov

How financial fraud inspired the iProov CEO to create a biometric identity startup

By Eric Johansson

Andrew Bud is the CEO and founder of iProov, the fraud-busting startup using biometrics to fight crime.

He has felt first hand the need for solutions like iProov. Back when he was running SMS payment provider mBlox, he was shocked to find that criminals used the company to steal millions of dollars. So, after, communications company CLX eventually acquired mBlox for $117m in 2016, Bud had already launched his next venture to help put a stop to it.

He launch iProov three years earlier in 2011 and, as its CEO, Bud has spearheaded the growth of the company’s biometrics solution. In short, the solutions ensures that the users are real and not a bot, preventing bot-led cyberattacks and financial fraud. iProov has offices in London, Maryland and Singapore.

More recently, iProov has been involved in a fight in the courts against rival FaceTec, which had sued the British startup, accusing it of having infringed on its biometric patents. iProov has filed a countersuit against FaceTec.

Industry leaders have argued that biometrics, together with more stringent cybersecurity policies, could prevent financial fraud. Juniper Research analysts believe the number of biometrics-powered payments will skyrocket from 671 million in 2020 to 1.4 billion by 2025. Research firm GlobalData has similarly urged for innovation in this space.

“Mobile especially is an ideal form factor for leveraging biometric security systems, as the hardware for reading biometric indicators (cameras, thumbprint readers) is already built into most smartphones,” GlobalData researchers said in a recent report. “For other areas of payments, such as online payments via desktop or laptop, or for non-mobile payments at the POS, additional hardware would be needed to support biometric authentication.”

Unsurprisingly, there is no shortage of startups like iProov that have raised money to use biometrics to fight fraud. Facial recognition startup NtechLab raised $15m in a funding round in 2020, for example.

Biometrics occasionally gets a bad rep in the press. Privacy activists have often linked the technology with growing mass-surveillance. Some have even suggested that using biometrics to identify customers could lead to more fraud.

In the latest of our CEO Chats, the iProov boss rejects the claims about the technology being used for surveillance. The iProov CEO also reveals why he believes the time is right to take digital identities seriously.

Tell us a bit about yourself. What did you do before founding the company?

My background is as an engineer, and I’m inordinately pleased to be a fellow of the Royal Academy of Engineering. I started in the nuclear fusion industry, before participating in the microprocessor revolution in manufacturing, and then I played a part in founding the Italian mobile communications industry. Before iProov, I’d founded and built mBlox, which became the world’s largest provider of enterprise-to-consumer text messaging. I started mBlox in 2000 and it grew to process six billion transactions a year, with revenues of over $200m when it was sold, and it was at one time also the world’s largest processor of mobile payments.

Where did the idea for iProov come from?

It was at mBlox that I lived the problem we needed solved. mBlox’s SMS payments infrastructure was abused to steal millions dollars from the public. As company founder and executive chairman, I felt very ashamed. This experience taught me how vital genuine authentication security is; yet the context demanded total ease of use. We needed something ultra-inclusive, cross-device and simple to use, yet profoundly resistant to fraud to ensure nothing like this could happen again. There was no solution, so I just had to invent it.

What’s the biggest misconception people have about biometric authentication technology?

It’s got to be the confusion between facial verification and facial recognition. These are two completely different solutions that address completely different issues, yet they frequently get treated as the same thing.

Online facial verification is what iProov provides. The user identifies themself in some way, and only then they use their face to confirm it. So the user has control and choice: they know it’s happening, they benefit from it, and yet their privacy is fully protected. Its purpose is to protect the user and the organisation from the horrors of identity fraud. For example, online facial verification is often used to safely set up a new bank account.

Facial recognition is a very different thing. It’s used to identify people, often without their knowledge or consent. It raises all sorts of issues. We don’t do it.

Activists often mention biometric identification in the same breath as the word “surveillance”. What are your thoughts on this?

Electricity gives us light and power – but can also be used badly and cause a fire. What matters most is how a technology is used. Face verification is not used–and cannot be used–for surveillance. Because surveillance requires that the biometric technology is used to identify people so that they can be tracked. But face verification never identifies anyone. Instead, it simply confirms you’ve told the truth after you’ve chosen to identify yourself. That casts light on your integrity and gives you power over your own identity.

Are biometric and data privacy laws too strict?

The UK and Europe have the General Data Protection Regulations (GDPR), the strictest privacy protection laws in the world, which we apply to iProov’s worldwide activities. They are solidly built on important core principles, putting the citizen and their dignity at their heart, ahead of any commercial interest. I think that’s right, and their strictness has great benefits–in curbing abuse and creating trust. The problems we have are not about strictness but about confusion and obsolescence – they struggle a bit with some modern technologies like machine learning and biometrics.

What one piece of advice would you offer to other CEOs?

Be very frugal and conserve your cash until you discover the huge, burning problem to which you are the perfect solution, even though you had absolutely no idea it existed. It will always take longer than you think and it’s very hard to use money to make a market move faster. Think global, act poor, and focus on winning the customers who will change your life.

What’s the most surprising thing about your job?

How much I enjoy it after 10 years. The biggest challenge of all for an entrepreneur is to find a problem so huge, so vital, so valuable and so challenging that you and your team will be excited to spring up to solve it every morning for 10 years. A decade ago who knew if it were possible to find that again? But it is. And I’m also really surprised how much more confidence I have to do so than 20 years ago. Maybe age and experience do count for something after all.

What is the most important thing when you want to scale a startup?

Get the right team. People you like, respect and trust. Get lots of diversity into that team, but make sure they share a sense of humour! Psychological safety and mutual support are so vital in coping with all the problems that emerge during scale-up. And solve next year’s problems now–you won’t have time then.

What’s the strangest thing you’ve ever done for fun?

In north west London there is an abandoned railway line, some of which is mysterious, concealed and overgrown. At the end of it there is a long tunnel, boarded at both ends. Many years ago, before the days of smartphone lights, I pried open that boarding and walked that tunnel, from one end to the other.In pitch darkness, under crumbling masonry, through puddles of who-knew-what, accompanied by scurrying sounds, for over 300m. Who would do such a thing? I loved it.

What’s the most important thing happening in your field at the moment?

Digital identity is being taken seriously, at last. It sounds so obvious, but for many, many years it seemed like a splendid idea, which governments and banks really didn’t care about at all. In-person or paper-based processes with lots of human contact, in low-threat environments and easily managed consequences, meant that no one could really be bothered. That is so over now. The combination of a cyber-threat environment in which online fraud is now the biggest cause of crime, the understanding that identity theft in an online world can ruin people’s lives and subvert societies, and the shock-wave of the pandemic that drove all processes out of branches and paper-processing offices and made people’s couches the centres of their world. All of this is changing the world astonishingly fast.

What’s your biggest pet peeve?

Slovenly writing and the curse of the spell corrector! It’s instead of its. Your instead of you’re. “Could of” instead of “could have”. “May have” instead of “might have”. “Incredibly” instead of “very”. English is such a beautiful, subtle, finely tuned language, whose grammar I am old enough to have still been taught. I hear its cries when it’s tortured.

GlobalData is the parent company of Verdict and its sister publications.