Subscribe to the Crunchbase Daily
Tech industry heavyweights James “Jim” Clark and Tom “TJ” Jermoluk teamed up last year to come up with a company that would eliminate passwords “and radically change the way the world logs in, without requiring organizations to radically change their technology stack or processes.”
But before we get too deep into the technology, let’s first shed some light on the duo’s illustrious careers in tech. Clark founded several highly successful companies, including Silicon Graphics (which went public and was acquired by Hewlett-Packard Enterprise in 2016 for $275 million). Clark also founded Netscape (which also went public before being acquired by AOL in 1998 for $10.2 billion, a staggering amount for these days much less at that time) with a16z co-founder Marc Andreessen.
Jermoluk, besides once serving as general partner of storied venture firm Kleiner Perkins, also at one time served as president and COO of Silicon Graphics.
The New York-based company’s self-described mission is to help enterprises, and eventually consumers, replace passwords “with fundamentally secure X.509-based certificates” via a SaaS (software-as-a-service) offering.
Clark serves as Beyond Identity’s chairman and Jermoluk as its CEO. Jasson Casey, also a co-founder, is the company’s CTO.
Prior to this round, Clark had funded the company on his own in the form of a convertible loan that converted at the Series A round. There was no outside seed investment.
NEA General Partner Forest Baskett knew Clark and Jermoluk from his own time at Silicon Graphics, where he once served as the company’s senior vice president of research and development and chief technology officer.
But before that, Baskett and Clark were colleagues years ago at Stanford University.
“He [Clark] came to see me with a project he thought could be a great fit at Stanford—I loved it and helped get him hired. He became an important part of a bigger research program I was running there,” Baskett recalls. “After he and a great group of graduate students proved out the project, he left Stanford to found Silicon Graphics to commercialize the project.”
A few years later, Clark convinced Baskett and Jermoluk to join Silicon Graphics as well, where the trio “worked closely together there for many years.”
When Clark came up with the idea for Beyond Identity in 2019, he called Baskett.
“We got together and talked about it several times. I came to understand the proposal and realized it was another great idea,” Baskett told Crunchbase News. “Jim wanted me and NEA to invest and TJ to be the CEO. He trusted me, he trusted NEA, he trusted TJ and he wanted to get it done.”
NEA also backed Silicon Graphics in its early days.
The premise behind Beyond Identity stems from a belief that not only have passwords historically been horrible to remember, but dangerous as well, said Baskett.
“Then Apple introduced Touch ID on the iPhone 5S along with the secure enclave inside to protect the fingerprint data that Touch ID enabled. Google then copied the concept and pushed it into the Android environment not long after Apple pushed it into the rest of the Apple environment,” Baskett explains.
Suddenly, there was a secure way to unlock your devices without passwords.
Clark figured out that the “secure enclave” could be programmed to be a personal “certificate authority” so that a device could interact with websites without passwords in the same way that websites interacted with each other with certificates, not passwords. This practice was pioneered by Netscape.
Beyond Identity is now making it “easy, practical and safe to adopt these personal certificate authorities as a comprehensive substitute for passwords,” said Baskett.
“This is huge in many dimensions. It’s truly a big idea,” he told Crunchbase News. “But it’s complicated to implement and requires many interfaces to be as widely useful as we want, something the sophisticated software team at Beyond Identity can do, and be paid for.”
A secure alternative
Beyond Identity has patents pending with the goal of creating an extended “Chain of Trust™” that includes user and device identity and a real-time snapshot of the device’s security posture “all in an immutable package that is signed by a provably secure certificate.”
What’s so cool about what the company is doing is that it claims to be delivering for the first time “a fundamentally secure solution (based on industry-standard certificate chains) for passwordless identity management that requires no changes to security infrastructures, completely removes login friction for end users, and provides consumers with a much more secure alternative to password managers.”
Basically, Beyond Identity is trying to “reboot” primary authentication by introducing the concept of personal certificate authority and self-signed certificates.
In an interview via Zoom, Jermoluk told me the company is excited about the idea of allowing users to be their own certificate authority, take control of their own security and “own their own identity.”
He said the founding team was surprised that no one had ever thought of it before.
“It’s like when you see a wheel. Once you see it, it’s obvious,” Jermoluk said. “And then it’s like, ‘why wouldn’t you do that?’”
Koch, NEA and a couple of “others” are already using the technology, in addition to Beyond Identity itself, he said.
The company has over 40 employees, the majority of whom were hired over the past six months and mostly by word of mouth, according to Jermoluk.
“All this time, we’ve been operating under our stealth name, and didn’t tell anyone who we are or have a website with anything more than our name on it,” he said. “But now we think it’s time to get the public aware of what we’re doing.”
The company’s goal is to target enterprises with 200 employees or more. Jermoluk points out that other startups, such as Okta, have done well in the mid-market. Ping has also been able to attract some larger Fortune 100 companies.
“We think there’s a big market opportunity there for us and have both of those markets in mind,” he said. “Eventually we want to go after the full consumer market, which we think will ultimately be a big market, even bigger than enterprise.”
For example, the company said it plans to target individual consumers who hate passwords, struggle with password vault usability and security, and don’t trust the “login with” solutions offered by companies who monetize user data.
Beyond Identity plans to use its new capital in part to expand its headcount, with the goal of almost doubling in size this year. It also plans to keep plugging away on projects already underway that are focused on the enterprise market.
Illustration: Li-Anne Dias