As it launches its highly secure VeroCard multi-factor authentication device after years of development, Australian cybersecurity firm VeroGuard Systems is on track to create hundreds of new security and engineering jobs in Adelaide and Melbourne by 2023.
The firm – which emerged from Adelaide’s Defence-heavy innovation sector and now enjoys a strategic partnership with the CSIRO and a global partnership with Microsoft – has spent 17 years refining the technology behind its newly launched VeroCard.
Described as a ‘personal high security card’, Verocard is a handheld digital wallet that offers, among other things, strong enough security that it can be used for everything from a tamper-proof digital ID to a fully fledged EFTPOS terminal.
Backed by recent certification to Payment Card Industry (PCI) Pin Transaction Security (PTS) standards, the device – which functions as a rugged ‘black box’ hardware security module (HSM) – has been designed to provide non-repudiable authentication to all manner of online services.
Its robust design caught the attention of Microsoft, with which VeroGuard chairman and CEO H. Daniel Elbaum said the company is “engaged in signing a contract to secure Office 365”.
That deal will provide more than 1.56 billion Office users with access to what Elbaum called “the first PIN-based FIDO2 device… if you are migrating all of your ID management into the cloud, you can get one of those.”
VeroCard’s use cases had gotten a significant shot in the arm through the COVID-19 pandemic, Elbaum told Information Age, with companies increasingly worried about maintaining the security of key information as employees log on remotely.
Australian consumers and businesses have become increasingly concerned about privacy and security, with a recent Office of the Australian Information Commissioner (OAIC) report finding data privacy is now the top consideration when choosing digital services – and that 26 per cent of Australians don’t trust companies to protect their data.
Providing a high-security way to tighten control over access to those services “is a clever way to give confidence to the public,” Elbaum explained, “and to companies that are afraid. Now that everybody works from home, they want to make sure nobody else can log into their corporate systems.”
The technology would also be a leveller for small businesses “who have nothing in the market,” he added.
“If you go to BHP, of course they have everything secure – and they paid millions of dollars for this – but if you’re a small business, how are you going to secure yourself? Everybody identifies SMEs’ migration into the cyber market as almost impossibly difficult.”
Making security innovation pay
The Microsoft deal is a strategic coup for VeroGuard and for Elbaum, who as founder of Dynamic Data Systems – whose staff were eventually subsumed into VeroGuard Systems – developed the world’s first mobile EFTPOS system in 1993 and worked with Australia’s Big Four banks to introduce it.
Elbaum understood the Internet’s potential to scale secure transaction networks years ago, and worked to bring VeroGuard’s HSMs online in a “uniquely bizarre” effort that would leverage hosted .NET infrastructure to support massive transaction volumes.
Seventeen years after his initial revelations – and on the back of $110m in investment – Elbaum said that the integration of similar levels of security and functionality into a small form-factor, PIN-driven device marked a significant step forward.
VeroGuard’s partnership with CSIRO has given the company access to its cloud-based TrustStore technology, which allows the system to split data packets across multiple servers in a way that provides what the company called “an ultra-secure ecosystem of trusted members for sharing, transacting, communicating and using data”.
That ecosystem supports VeroGuard products including VeroMod, VeroVault and VeroVision – and now enables the new VeroCard solution, which CSIRO Data61 director John Whittle called “a unique sovereign security platform [enabling] the protection of Australian businesses and infrastructure like never before.”
“This is a fantastic example,” Whittle said, “of how our national science agency partners with industry to deliver real-world solutions with the potential to create jobs.”
Just how many jobs? By the end of 2022, Elbaum says, the company will grow from its current staff of 50 – 20 in its Adelaide manufacturing hub and 30 in its Melbourne development centre – to 176 total staff.
By the end of 2023, this will have grown to “close to 500” people, he adds, as expected surging demand and an expanding product pipeline drive the company to actively recruit banking, cybersecurity, defence, and payment specialists as well as technical experts such as .NET architects and software engineers.
VeroGuard’s commitment to Adelaide has been public record for several years, but increasing investment in the city’s innovation infrastructure – including its selection as the base for the Australian Space Agency (ASA) and related industries – drove it to this year re-commit $57.5m for a high-tech manufacturing site in Adelaide’s northern suburbs.