richard.chetwynd | June 29th, 2017
Today I’m really excited to announce that ThisData has joined forces with OneLogin. But before I jump into the reasons why this will be awesome for both our customers and the future of account security, I want to roll back and tell you about how we got here.
In early 2015 ThisData raised capital on a mission to help people protect their data. We discovered that over 90% of data loss was as a result of compromised user accounts, so we set about developing a system for determining how likely the current user of an app was actually who they say they are.
In the early days, we would simply track the known IP addresses, devices and browsers for a user, and produce a risk score for every login to an app. If we detected a high-risk login, we could send a webhook to our customers’ app to enable security automation, and also send end user notifications asking “was this you?”.
Over time we’ve come up with more sophisticated ways to identify a user, improve our accuracy, and make better use of the growing dataset of behavioral attributes. With more data available we’ve been able to run extensive machine learning experiments and, as a result, we’ve started to replace parts of our risk pipeline with the best performing algorithms.
Fast forward a couple of years, and we’re more obsessed than ever with solving a problem that seems to be continually getting worse. Password reuse attacks are at an all-time high, fuelled by the billions of user credentials that have been dumped online over the past few years.
So - why OneLogin? I realized that we need to grow faster and to increase our market reach we had a couple of options, including raising additional capital or finding a partner to help drive our growth. I had witnessed the meteoric growth of my previous company (Litmos.com) after we were acquired by CallidusCloud, who had more resources than us and a far greater reach.
We had been working closely with OneLogin for a number of months helping with adaptive authentication and improving user experience by only asking for one-time passwords on logins with elevated risk. OneLogin is a leader in a high-growth industry that can help millions of users protect their accounts and their data. The team was great to work with and shared our vision for helping users, so naturally it made sense to explore how a more formal relationship might work.
Move forward a few more months and here we are, incredibly excited about the future of our work and how we can help OneLogin offer safer more usable experiences to their customers.
So how will this affect ThisData customers? For you it’s business as usual, we will continue to develop and support our core APIs, and you can use the same channels to reach support and account management. We do plan on integrating our services more tightly with the rest of OneLogin so you may see some changes to UI but we will keep you updated on when and how this will happen.
For OneLogin customers, you can take advantage of ThisData’s technology by enabling adaptive authentication on your OneLogin account. You’re also more than welcome to sign up directly for a ThisData account if you want to add risk-based decision making or breach detection to your applications.
If you have any questions at all, please don’t hesitate to reach out. We’d love to hear more about your particular use case and share our experiences with adaptive authentication.