Xnspy stalkerware spied on thousands of iPhones and Android devices

A little-known phone monitoring app called Xnspy has stolen data from tens of thousands of iPhones and Android devices, the majority whose owners are unaware that their data has been compromised.

Xnspy is one of many so-called stalkerware apps sold under the guise of allowing a parent to monitor their child’s activities, but are explicitly marketed for spying on a spouse or domestic partner’s devices without their permission. Its website boasts, “to catch a cheating spouse, you need Xnspy on your side,” and, “Xnspy makes reporting and data extraction simple for you.”

Stalkerware apps, also known as spouseware, are surreptitiously planted by someone with physical access to a person’s phone, bypassing the on-device security protections, and are designed to stay hidden from home screens, which makes them difficult to detect. Once installed, these apps will silently and continually upload the contents of a person’s phone, including their call records, text messages, photos, browsing history, and precise location data, allowing the person who planted the app near complete access to their victim’s data.

But new findings show many stalkerware apps are riddled with security flaws and are exposing the data stolen from victims’ phones. Xnspy is no different.

Security researchers Vangelis Stykas and Felipe Solferini spent months decompiling several known stalkerware apps and analyzing the edges of the networks that the apps send data to. Their research, presented at BSides London this month, identified common and easy to find security flaws in several stalkerware families, including Xnspy, such as credentials and private keys left behind in the code by the developers and broken or nonexistent encryption. In some cases the flaws are exposing the victims’ stolen data, now sitting on someone else’s insecure servers.

During their research, Stykas and Solferini discovered clues and artifacts that identified the individuals behind each operation, but they declined to share details of the vulnerabilities with the stalkerware operators or publicly disclose details about the flaws for fear that doing so would benefit malicious hackers and further harm victims. Stykas and Solferini said that all of the flaws they found are easy to exploit and have likely existed for years.

Others have waded into murkier legal waters by exploiting those easy-to-find vulnerabilities with the apparent aim of exposing stalkerware operations as a form of vigilantism. A huge cache of internal data taken from the servers of TheTruthSpy stalkerware and its affiliate apps and given to TechCrunch earlier this year allowed us to notify thousands of victims whose devices were compromised.

Since our investigation into TheTruthSpy, TechCrunch has obtained further caches of stalkerware data, including from Xnspy, exposing their operations and the individuals who profit from the surveillance.

Xnspy advertises its phone monitoring app for spying on a person’s spouse or domestic partner. Image Credits: TechCrunch (screenshot)

Data seen by TechCrunch shows Xnspy has at least 60,000 victims dating back to 2014, including thousands of newer compromises recorded as recently as 2022. The majority of victims are Android owners, but Xnspy also has data taken from thousands of iPhones.

Many stalkerware apps are built for Android since it is easier to plant a malicious app than on an iPhone, which have tighter restrictions on which apps can be installed and what data can be accessed. Instead of planting a malicious app, stalkerware for iPhones tap into a device’s backup stored in Apple’s cloud storage service iCloud.

With a victim’s iCloud credentials, the stalkerware continually downloads the device’s most recent iCloud backup directly from Apple’s servers without the owner’s knowledge. iCloud backups contain the majority of a person’s device data, allowing the stalkerware to steal their messages, photos, and other information. Enabling two-factor authentication makes it far more difficult for malicious individuals to compromise a person’s online account.

The data we have seen contains over 10,000 unique iCloud email addresses and passwords used for accessing a victim’s cloud-stored data, though many of the iCloud accounts are connected to more than one device. Of that number, the data contains more than 6,600 authentication tokens, which had been actively used to exfiltrate victims’ device data from Apple’s cloud, though many had expired. Given the possibility of ongoing risk to victims, TechCrunch provided the list of compromised iCloud credentials to Apple before publication.

The Xnspy data we obtained was unencrypted. It also included information that further unmasked Xnspy’s developers.

Konext is a small development startup in Lahore, Pakistan, manned by a dozen employees, according to its LinkedIn page. The startup’s website says the startup specializes in “bespoke software for businesses that seek all-in-one solutions,” and claims to have built dozens of mobile apps and games.

What Konext doesn’t advertise is that it develops and maintains the Xnspy stalkerware.

The data seen by TechCrunch included a list of names, email addresses, and scrambled passwords registered exclusively to Konext developers and employees for accessing internal Xnspy systems.

The cache also includes Xnspy credentials for a third-party payments provider that are tied to the email address of Konext’s lead systems architect, according to his LinkedIn, and who is believed to be the principal developer behind the spyware operation. Other Konext developers used credit cards registered to their own home addresses in Lahore for testing the payment systems used for Xnspy and TrackMyFone, an Xnspy clone also developed by Konext.

Some of Konext’s employees are located in Cyprus, the data shows.

Konext, like other stalkerware developers, makes a concerted effort to conceal its activities and the identities of its developers from public view, likely to shield from the legal and reputational risks that come with facilitating covert surveillance on a massive scale. But coding mistakes left behind by Konext’s own developers further link its involvement in developing stalkerware.

TechCrunch found that Konext’s website is hosted on the same dedicated server as the website for TrackMyFone; and Serfolet, a Cyprus-based entity with a conspicuously barebones website, which Xnspy says processes refunds on behalf of its customers. No other websites are hosted on the server.

TechCrunch contacted Konext’s lead systems architect by email for comment, both to his Konext and Xnspy email addresses. Instead, a person named Sal, whose Konext email address was also in the data but declined to provide their full name, responded to our email. Sal did not dispute or deny the company’s links to Xnspy in a series of emails with TechCrunch, but declined to comment. When asked about the number of compromised devices, Sal appeared to confirm his company’s involvement, saying in one email that “the figures you quoted don’t match with what we have.” When asked for clarity, Sal did not elaborate.

Xnspy is the latest in a long list of flawed stalkerware apps: mSpy, Mobistealth, Flexispy, Family Orbit, KidsGuard, and TheTruthSpy have all exposed or compromised their victims’ data in recent years.

If you or someone you know needs help, the National Domestic Violence Hotline (1-800-799-7233) provides 24/7 free, confidential support to victims of domestic abuse and violence. If you are in an emergency situation, call 911. The Coalition Against Stalkerware also has resources if you think your phone has been compromised by spyware. You can contact this reporter on Signal and WhatsApp at +1 646-755-8849 or zack.whittaker@techcrunch.com by email.

Read more:

Inside TheTruthSpy, the stalkerware network spying on thousands
TheTruthSpy exposed: Check if your Android device was compromised
Your Android phone could have stalkerware, here’s how to remove it
KidsGuard stalkerware app leaked phone data from thousands of victims

Xnspy stalkerware spied on thousands of iPhones and Android devices by Zack Whittaker originally published on TechCrunch

Rivian and Mercedes ‘pause’ plans to produce electric commercial van

Rivian and Mercedes-Benz have paused plans to produce electric commercial vans in Europe just three months after the two automakers announced the partnership.

Rivian shares fell as much as 3.4% before rebounding slightly. Rivian shares are trading at $26.62, down 2.46% since the market opened.

Mathias Geisen, head of Mercedes-Benz Vans, said the collaboration with the Rivian team has been based on a common engineering passion and a strong spirit of partnership. “That’s why I respect and understand the decision of Rivian to prioritize the delivery of their consumer business and existing commercial business in the near-term,” he said in a statement.

Geisen added that the company’s electrification strategy at Mercedes-Benz Vans remains unchanged and the ramp-up plan for its new EV manufacturing site in Jawor, Poland is not affected.

Rivian founder and CEO RJ Scaringe said in a statement that as the company evaluates growth opportunities, it pursues the best risk-adjusted returns on its capital investments.

“At this point in time, we believe focusing on our consumer business, as well as our existing commercial business, represent the most attractive near-term opportunities to maximize value for Rivian,” he said.

For Rivian, that means sticking to North America, where it produces and sells its two consumer vehicles — the R1T truck and R1S SUV — as well as a commercial van for Amazon.

Last month, Rivian said in its third-quarter earnings report that it remained on track to hit its annual production target of 25,000 vehicles despite unpredictable supply chain crunches and component shortages.

Still, the company has had to pull back on other growth plans as macroeconomic headwinds persist and costs rise. Rivian said in its Q3 report it was delaying its next-generation R2 platform until at least 2026. With the Mercedes deal now paused and the R2 platform, all eyes will be on present-day problems and achievements like production and deliveries of its three existing vehicles, operations at its existing facilities and construction progress at its new factory in Georgia.

Rivian and Mercedes ‘pause’ plans to produce electric commercial van by Kirsten Korosec originally published on TechCrunch

Twitter begins rolling out its Community Notes feature globally

Twitter announced over the weekend that Community Notes are now visible around the world. Community Notes, which was previously known as Birdwatch, is the social media giant’s crowdsourced fact-checking system.

The feature allows users to add context to tweets and takes an open-source approach toward debunking misinformation. Moderators who are part of the program can add notes to tweets to add context and users can then vote if they determine the context to be helpful. Prior to this global expansion, Community Notes were only visible to users in the U.S. Twitter plans to add moderators from other regions soon.

Beginning today, Community Notes are visible around the world

— Community Notes (@CommunityNotes) December 11, 2022

“People everywhere can now see and rate notes, helping to ensure notes are helpful to those from a wide range of views,” Twitter said in a tweet about the global launch.

A few weeks ago, Community Notes received an update that the company claims will help to identify more “low quality” fact checks. As a result, more of the contributors who write these unhelpful annotations will lose their writing ability, Twitter said, requiring those users to earn back their “contributor” status. The algorithm change involves scoring notes where contributors explain why a tweet shouldn’t be deemed misleading.

Birdwatch rebranded to “Community Notes” shortly after Elon Musktook ownership of Twitter and is something the new CEO sees as key to the future of Twitter’s moderation, as he believes it “is a gamechanger for improving accuracy on Twitter.”The original idea behind Community Notes was to create a system that would add a layer of fact-checking and context to tweets that don’t necessarily violate Twitter’s rules. But in the Musk era, Community Notes may play an even larger role as Twitter now employs far fewer moderators following its layoffs.

The expanded visibility of Community Notes comes as Twitter officially brought back the Twitter Blue subscription. Web sign-ups will cost $8 per month and iOS sign ups will cost $11 per month for “access to subscriber-only features, including the blue checkmark,” per atweetfrom the company account.

Twitter begins rolling out its Community Notes feature globally by Aisha Malik originally published on TechCrunch

MessageGears, a cloud customer engagement platform, raises $62M

Dan Roy, a former software engineer at Delta, says he witnessed firsthand the challenges companies face when making the shift from an on-premises model to a software-as-a-service business. Accucast, where he served as CTO after leaving Delta, struggled with this as it pitched software and services for email marketing. The solution, he came to believe, was a hybrid approach — one that directly accesses brands’ first-party data instead of relying on cloud data syncs.

Roy founded MessageGears in 2011 with Taylor Jones, a colleague, to productize this solution. The company’s platform uses data where it lives in the format it’s already in to give companies a suite of marketing tools in the cloud.

“This approach was embraced by early adopters such as Expedia and Rakuten but really started to gain traction as more brands started moving first-party data to more modern cloud data warehouses such as BigQuery, Redshift and Snowflake,” CEO Roger Barnette told TechCrunch in an email interview. (In computing, a “data warehouse” is a system used for reporting and data analysis.) “The ‘old way’ of copying and syncing data between systems diluted the benefits of those solutions for big brands.”

MessageGears, which today announced that it raised $62 million in a funding round led by Long Ridge Equity Partners, offers features including customer segmentation and marketing message personalization. The platform can orchestrate the delivery of messages across different channels (think email and text), drawing on data stored in existing data warehouses.

According to Barnette, the goal is to improve overall customer engagement by personalizing brand experiences. It’s easier said than done. A recent report released by London Research and BlueVenn found that, globally, only 29% of client-facing companies felt they’d established a seamless experience across their digital properties. A separate poll by Omdia highlighted issues with data visibility; 55% of respondents said that silos prevent a holistic view of their customer experience data.

“While the primary users of MessageGears are marketing teams, marketing operations and data teams are usually heavy champions throughout the procurement process,” Barnette said. “Technical teams can help marketing deliver world-class campaigns without sacrificing data security. They don’t have to worry about syncing or lag time and can empower marketers with the flexibility to build audiences and campaigns using live data.”

Companies might be wary of having customer data passed through a third-party service like MessageGears, particularly in light of the global rise in data breaches. Barnette insisted that brands don’t have to copy any sensitive data to a separate silo, though, claiming that MessageGears only decrypts customer records for the purpose of fulfilling campaigns and to “suppress sensitive data” from the platform’s visual dashboards.

“All campaign filtering and segmentation executes within the customer’s data environment. Only data required to personalize a message is passed to our cloud environment,” Barnette added. “All personally identifiable information (PII) is encrypted both during transmission and at rest. Additionally, all PII and campaign data is redacted immediately following delivery.”

MessageGears competes with customer engagement software vendors including Batch, which last year raised $23 million to expand its services for customer segmentation and messaging. It has another rival in MoEngage, which landed a $30 million investment this past December for its multi-channel analytics and campaign-organizing tools. That’s not to mention Iterable, Cordial, Oracle Responsys, Adobe Campaign, Emarsys and Zeta Global.

It’s safe to say MessageGears has a foothold in the market, though, with an over-50-company customer base that includes Expedia, T-Mobile, Rakuten and Chick-fil-A. Barnette didn’t answer a question about MessageGears’ revenue and burn rate, and said that the startup doesn’t have plans to grow its 102-person workforce by the end of the year. But he asserted that the startup is positioned for growth.

“With the economic headwinds, tech companies especially are reducing their headcount and battening down the hatches, which will idle innovation,” Barnette said. “The pandemic accelerated growth for MessageGears as retailers and other consumer brands sped up and prioritized digital transformations and looked to become more efficient while standing out to their customers with relevant, personalized offers … MessageGears benefits enterprise brands in three ways: cost savings, efficiency gains, and [d]eeper personalization.”

Argentum Group and Atlanta Ventures also participated in MessageGears’ latest growth round, which brought the startup’s total raised to just over $80 million. As a part of the fundraising, Long Ridge’s Angad Singh joined MessageGears’ board of directors.

MessageGears, a cloud customer engagement platform, raises $62M by Kyle Wiggers originally published on TechCrunch

Vinfast takes the IPO path, TuSimple and Navistar break up and Rad Power Bikes makes its most important product yet

The Station is a weekly newsletter dedicated to all things transportation.Sign up here — just click The Station — to receive the full edition of the newsletter every weekend in your inbox. This is a shorter version of The Station newsletter that is emailed to subscribers. Want all the deals, news roundups and commentary? Subscribe forfree.

Welcome back to The Station, your central hub for all past, present and future means of moving people and packages from Point A to Point B.

The general mood is mixed from startup founders in the mobility sector. But one theme keeps popping up in my conversations with them. The need for a bit more time. Time for the economic uncertainty to settle out; time to land more funding; and more time for their existing runway.

Brodmann17 co-founder and CEO Adi Pinhas shared many of those sentiments with me this week. His company — a six-year computer vision technology startup based in Israel — shut down. “We just needed more time,” he said.

Interestingly, I didn’t hear a lot of this last week during the TC Sessions: Space event in Los Angeles. Investors struck a bullish tone and founders seemed more optimistic.

Why, dear reader, do you think there is such a striking difference?

On a far rosier note, Rad Power Bikes launched what I think might be its most important product: an electric assist trike.

I can see you rolling your eyes. But hear me out. The trike, which I tried, is super accessible to a wide swath of people who might not otherwise ride a two-wheeled bicycle. It’s easy to get on and off, is stable and surprising adept at sudden and sharp turns. It even goes in reverse.

Image Credits: Kirsten Korosec

The RadTrike, as it is branded, has been in the works for years. Actually it’s been on the mind of its founder Mike Radenbaugh since at least 2007 when a couple of customers asked for a bike that was stable, had a low standover height, power, could carry items and was easy to use. The RadTrike has a range of between 20 and 35 miles, a top speed of 14 miles per hour and can be used by anyone over 4 feet 10 inches tall.

“There’s this category of vehicle that is completely underserved in this country, which is light electric vehicles with a mobility and utility focus,” Randebaugh told me in a recent interview.

Got a news tip or inside information about a topic we covered? I’d love to hear from you. You can reach at kirsten.korosec@techcrunch.com to share thoughts, criticisms, opinions or tips. Or you can drop us a note at tips@techcrunch.com. If you prefer to remain anonymous, click here to contact us, which includes SecureDrop (instructions here) and various encrypted messaging apps.

Micromobbin’

Taur co-founder Carson Brown is the latest founder to chat with me for my ongoing series over at TC+. If you’re unfamiliar, Taur is the e-scooter company daring to be different with a front-facing scooter. We talked about why Taur’s scooters are designed to make people feel comfortable riding on the road (even when there are no bike lanes), why scooter ownership will far outpace shared scooters and how to use design to get people to adapt their mindsets and adopt scooters for daily use.

Berlin Senate’s Transport Administration has voted to allow cyclists and e-scooter riders to park for free in car parking spaces in a move to tackle improperly parked light electric vehicles. The rule goes into effect January 1.

Biomega, a Danish e-bike company, has come up with a “weightless trailer” to attach to your bike. It has a 250W motor and a battery with a 52 to 93 mile range that makes towing cargo or kids much easier.

European Bolt partnered with Drover AI to bring tech that detects and corrects sidewalk riding to e-scooters.

Dott is using virtual reality to test scooter sounds that will alert other road users to scooters without causing noise pollution.

Hived founder Murvah Iqbal talked to Micromobility Industries about why micromobility is great for last mile logistics.

Ola Electric CEO Bhavish Agarwal predicts nearly 100% of India’s two-wheeler market will shift to EVs in three years.

RideUp has launched a network of cycle centers offering bike subscriptions across the UK.

Shared micromobility in the United States is almost back to pre-pandemic levels, according to the latest Shared Micromobility in the U.S report by the National Association of City Transportation Officials.

Tier-owned Spin has exited 10 U.S. markets due to low demand and an annoying combination of over-regulated and under-regulated markets. The departure has resulted in 30 layoffs.

Voi is cutting another 13% of staff, or 95 workers, on top of the 35 that were laid off last month.

Deal of the week

Apart of Mobileye and Porsche, the IPO arena has been a bit meh lately — at least in the mobility sector. But one more snuck in before the end of the year.

I’m talking about Vinfast, the Vietnamese electric vehicle maker founded in 2017.

The company, which filed for an initial public offering in the United States, has been making a massive and aggressive push into this market. I can’t predict whether an IPO will speed up the process; it will certainly give the company more visibility.

The EV startup has been pursuing the U.S. market, most recently with a showcase offour SUVspresented at the LA Auto Show. Over the summer, VinFast received$1.2 billion in incentives to build a factory in North Carolina, where the automaker hopes to begin building cars by July 2024.

Other deals that got my attention …

Bumper, the UK-based car repairs payment platform, raised £26.1 million ($30 million) in investment from its Series A extension round with participation from Autotech Ventures, InMotion Ventures, ITOCHU and Revo Capital. As part of the Series A extension round, a new debt facility was agreed with Secure Trust Bank Commercial Finance worth £20 million ($23 million), with the additional investment coming in the form of equity.

Carvana’s troubles seem to be mounting, which is crushing its stock price. Some of its largest creditors including Apollo Global Management Inc. and Pacific Investment Management Co. (which hold around $4 billion in unsecured debt) signed a pact binding them to act together in negotiations with the online used-vehicle retailer.

Customcells raised a €60 million in a Series A round led by World Fund to advance its cell technology that’s focused on aviation. Abacon Capital, Vsquared Ventures and Porsche also chipped in.

Einride raised $500 million in equity and debt financing. The equity-based $200 million Series C portion came from backers including Northzone, EQT Ventures, Temasek, Swedish pension fund AMF, Polar Structure and Norrsken VC. The Swedish company also secured $300 million in debt funding led by Barclays Europe.

FreeWire Technologies, the EV charging station and energy management solutions company, acquired Mobilyze.ai, which developed an EV charging analytics and prediction software platform. Financial terms were not disclosed. As part of the acquisition, Mobilyze.ai’s founders, David Keith and James Long, are joining FreeWire’s product management team.

Helbiz scored another $5 million from Yorkville Advisors Global, but its stock is still in the $0.20 range.

Kodiak Robotics won a $49.9 million two-year contract from the the U.S. Department of Defense to help the Army automate future ground vehicles to conduct high-risk missions like reconnaissance and surveillance. Kodiak beat out 33 other companies to win the contract to develop, test and deploy autonomous software that can navigate complex, off-road terrain, diverse operational conditions and GPS-challenged environments.

Moove, a Nigerian mobility fintech startup, has raised $30 million to fund its expansion to UAE.

Onomotion, a German-based startup, raised 21 million euro to expand its e-cargo bike urban logistics business across Europe and the US.

Sonatus raised $75 million in a round led by Foxconn. The company wants to expand its software-defined vehicle tech into new markets. Sonatus’ platform is already in production in Hyundai, Kia and Genesis vehicles.

Notable reads and other tidbits

Autonomous vehicles

Perhaps one of the biggest AV news items this week (at least in my view) was the breakup between TuSimple and truck manufacturer Navistar.

The move to end the partnership comes less than a month after Cheng Lu returned to his role as CEO of TuSimple after previously being ousted. Lu returned after the company board fired co-founder Xiaodi Hou following an internal probe that showed certain employees having ties and sharing information with Hydron, a China-backed hydrogen-powered trucking company. Hou and co-founder Mo Chen then fired the board.

Uber and Motionallaunched a robotaxi service in Las Vegas — the first step in the companies’ 10-year plan to co-scale across major North American cities. While Motional has already launched similar services in Las Vegas on both the Lyft and Via networks, this is Uber’s first time offering autonomous rides (with a human safety operator behind the wheel, for now) to the public.

Electric vehicles, batteries & charging

American Battery Factory received the OK from city officials to locate its first plant in Tucson, Arizona. ABF says it will pump around $1.2 billion into the facility, claiming it will be the “country’s largest gigafactory” for lithium-iron phosphate (LFP) battery cells when it’s completed, with a footprint of about 2 million square feet.

BrightDrop, General Motors’ electric delivery van subsidiary, added DHL Express Canada to its portfolio of customers, marking the company’s entrance into its first international market.

GM said Canadian EV charging company Flo will provide the 40,000 Level 2 chargers it plans to install in communities (with help from its dealership network) across the U.S. and Canada. GM will cover the cost of the chargers and shipping, while dealerships will pay for things like cable management, maintenance and warranties.

GM workers at a battery plant in northeast Ohio voted in favor of representation with the United Auto Workers.

Sono Motors co-founders Jona Christians and Laurin Hahn are making a last-ditch effort to keep its Sion solar EV program alive. The publicly traded company has launched a 50-day campaign called #saveSion.

Weiming Soh, the Singaporean auto veteran who’s the current CEO of Renault China, is planning to build super-premium EVs that can monitor the health of its passengers.

Gig economy

Uber agreed to a $10 million settlement with the City of Chicago for listing local restaurants in the Uber Eats and Postmates food delivery apps without the restaurants’ consent, as well as for charging excess commission fees.

Miscellaneous

Google plans to combine the teams working on its Maps product and on Waze, a mapping service that Google acquired in 2013. Waze’s team of 500 employees will fall under Google’s Geo organization, which oversees Maps, Earth and Street View, starting Friday. Neha Parikh, Waze’s current CEO, will leave her role.

Navier, the electric leisure boat startup, managed to bring its concept hydrofoiling watercraft into reality, and has opened preorders.

Tesla plans to add a new radar product to its vehicles in mid-January, according to documents posted with the Federal Communications Commission.

Volkswagen Group CEO Oliver Blume will outline a new software and vehicle platform strategy to the automaker’s supervisory board on Dec. 15.

Vinfast takes the IPO path, TuSimple and Navistar break up and Rad Power Bikes makes its most important product yet by Kirsten Korosec originally published on TechCrunch

Using the blockchain to enhance KYC processes for web3 businesses

There’s no way for blockchain-based businesses, financial service providers or banks to bypass Know Your Customer (KYC) processes. But existing KYC solutions that have been developed over the years, such as manual and online identity verification, video and biometrics, have their drawbacks, including a high risk of error and effort duplication.

With the advent of blockchain technologies, companies are realizing that there are better, more efficient KYC solutions that let them avoid having to collect and store personal information.

Not your run-of-the-mill KYC solution

As blockchain technology matures, many people are looking toward decentralized identity or self-sovereign identity as an ideal — people will gain control over their digital identities and they’ll avoid having to provide excessive, unwarranted information.

Mechanisms already exist to help us reach that ideal. In web3, physical assets will eventually be owned by someone, but a digital-only relationship between the buyer and seller won’t suffice. There must also be a physical relationship so that a buyer has legal recourse to get this physical asset — a complexity most people are glossing over.

Select a provider that is transparent about what they do with their data and confirm that they’re doing all the checks you need.

That’s where blockchain can be used to improve on traditional KYC providers. Typical KYC processes require people to upload their proof of identity to a verifier. However, businesses working toward becoming more decentralized shouldn’t need this extent of information, nor should they require custody of a person’s tokens. Businesses must be able to simply and credibly confirm that an account or digital wallet interacting with them has been verified.

There are a multitude of off-chain KYC solutions that come with different capabilities and price points. The difference comes down to what level of detail and scale a company needs. The major downside of all these operations is the storage requirement from a regulatory perspective. Often, KYC and AML (anti-money laundering) details have to be stored for a certain time period to meet reporting standards and in case there are irregularities. This presents a major weakness in the system, as a company’s customer data is stored by multiple parties whose cybersecurity mechanisms may vary in effectiveness.

Using the blockchain to enhance KYC processes for web3 businesses by Ram Iyer originally published on TechCrunch

Nillion raises over $20 million to build new web3 infrastructure

Nillion, a web3 startup aiming to build a non-blockchain decentralized network, closed an oversubscribed round of more than $20 million, the company exclusively told TechCrunch.

“Nillion is a deep technology infrastructure project,” Andrew Yeoh, the company’s founding chief marketing officer, told TechCrunch. “While blockchains decentralize finance, Nillion aims to decentralize everything else and the rest of data.”

The startup aims to provide a new internet infrastructure for securing storage and data computation. “Companies and competitors can collaborate without passing on key information,” Yeoh said.

Its decentralized network utilizes Nil Message Compute (NMC), a mathematical development that was created by the team’s chief scientist, Miguel de Vega. (In its white paper, the company calls NMC a “new cryptographic primitive,” which translates loosely to “new way of storing and securing stuff.”)

While Nillion’s model is not blockchain-based, it does have a decentralized component to it, meaning that it falls under the larger web3 banner by TechCrunch’s reckoning. It can be thought of as a way to provide decentralized computing power, more generally; the group’s early writings indicate that it will have a token in the future.

“Nillion allows for very fast computations of secured data and storage of that data that you can’t do with the blockchain,” Yeoh said. “We look at it as opening up an entirely new universe of web3 use cases that expands the ecosystem significantly.”

The startup was founded in November 2021 and has bootstrapped operations up until this point, with over 40 employees and no prior funding. The founders include ex-Uber, Indiegogo and Hedera Hashgraph employees, as well as executives from Coinbase and Nike.

The round was led by Distributed Global. Other investors include AU21, Big Brain Holdings, Chapter One, GSR, HashKey, OP Crypto and SALT Fund. There were over 150 investors who participated in the raise, in a “conscious decision” to prevent concentrated ownership, Nillion CEO Alex Page said in a statement.

“We were at a position where we could have internally funded this for decades, but we wanted to bring in strong strategic investors and a pool of people that could help this thing grow a lot,” Yeoh said. “We were able to raise a fairly significant amount of money in the middle of a bear market. Most of our checks and commitment came in after FTX, which is interesting, and we did it without a deck, which is also interesting.”

In the wake of the crypto bear market and the FTX collapse, Yeoh believes this capital raise points to the industry’s interest in web3 infrastructure and real use cases. “We’re building infrastructure that is inevitable. There’s no way web3 or anything hits the mainstream if they can’t handle private data.”

The capital will be put toward building technology on the network and hiring engineering talent, Yeoh said. To date, Nillion has signed over 30 letters of intent, he added.

“We’ve spoken to decentralized exchanges and applications as well as a couple layer 1 [blockchains] that are interested in handling private data on the blockchains,” Yeoh said. “On the Web2 side, we’ve spoken to AI machine learning companies, invited to speak at Amazon and interestingly enough, we’ve gotten a number of outreach from legal and healthcare companies because they deal with a lot of sensitive data.”

In the short term, Nillion plans on focusing on building out and supporting real use cases while launching its network alongside its initial suite of products.

“It’s like having an iPhone in 2007, which was amazing but only really had the camera app, mail app and messaging app,” at the time, Yeoh said.

In two weeks, the startup will have an end-to-end prototype. In 2023, it will turn into a public network and be launched by the end of next year, Yeoh shared. The long-term plan is to “not lose sight” of its mission to solve societal problems and build use cases.

Nillion raises over $20 million to build new web3 infrastructure by Jacquelyn Melinek originally published on TechCrunch

Thoma Bravo snags Coupa for $8B despite activist pressure to hold off for higher price

When news surfaced last week that activist investors were taking the unusual step of pressuring Coupa Software to not sell for less than $95 a share, it got our attention. You don’t normally see investors sending a letter asking a company to hold off on a sale. It’s typically the opposite.

But today, the company announced that Thoma Bravo was acquiring it for $8 billion. That works out to $81 a share, which still represents a 77% premium for shareholders, but well below what HMI Capital was asking for in a letter made public earlier this month.

The letter believed published rumors that another private equity company, Vista Equity Partners, was in the hunt to buy it, but in the end, Thoma Bravo was the buyer along with a wholly owned subsidiary of the Abu Dhabi Investment Authority (ADIA) also participating in the deal as a minority investor. Thoma Bravo has a long history of acquiring mature enterprise software companies and taking them private.

Coupa, which makes spend management software for large businesses, has been having a rough year in the stock market, like many SaaS companies, feeling the wrath of investors looking for profit over growth. The company’s stock price was down 64% year-to-date and was down over 2.5% in pre-trading, suggesting that perhaps investors aren’t happy with the deal.

Company CEO Rob Bernshteyn put a happy face on the deal as you would expect, saying that customers can expect a similar level of service, regardless of who the owner is signing the checks.

Roger Siboni, Coupa’s lead independent director said that the company took into consideration the current economic climate and decided it was a deal worth taking. “The Board evaluated the transaction against the company’s standalone prospects in the current macroeconomic climate and determined that the compelling and certain cash consideration in the transaction provides superior risk-adjusted value relative to the Company’s standalone prospects. The Board is unanimous in its belief this transaction is the optimal path forward and in the best interest of our shareholders,” he said in a statement.

While the board of directors has unanimously agreed to the terms, it should be interesting to see if the shareholders are as friendly to the deal when they meet early next year. It would seem that HMI Capital, which owns 4.8% of the Coupa stock, will lead the charge against the deal if the letter the firm published is any indication of its feelings about the company being undervalued at this price.

Should the deal pass muster with stockholders and regulators, it is expected to close in the first half of 2023. Surprisingly, given HMI’s letter, there is no go-shop provision with this deal, which would allow Coupa to keep looking for a better deal.

Thoma Bravo snags Coupa for $8B despite activist pressure to hold off for higher price by Ron Miller originally published on TechCrunch

How to implement a video SEO strategy

We all know that content is king when it comes to SEO. However, winning SEO strategies today demand more than just good textual content.

Good content today also includes video. A video SEO strategy is no longer optional to driving growth — it’s absolutely necessary.

So what’s an SEO strategist to do? How do you nail down a comprehensive strategy that will impress your boss and get results beyond your client’s expectations?

Video drives traffic and leads

Let’s get down to the basics for a second. Digital consumption is growing at an ever faster clip. People have access to more information than they ever did before, which has led to an inundation of content. Because content is plentiful, people don’t take that long to decide whether your content is worthy of their time.

One of the fastest ways to get people to notice your content is through video. In fact, the human brain processes images tens of thousands of times faster than text, and viewers retain 95% of a message when they watch it on video compared to 10% when reading it.

Users, and Google, expect more than just a keyword; they want an experience.

What’s more, studies have shown that video consumption is not just for entertainment and amusing pet videos — 84% of people say that they’ve been convinced to buy a product or service by watching a brand’s video. Not only is it effective as a marketing tool, it also drives traffic and leads — 86% of video marketers say video has increased traffic to their website. The primary source of that additional traffic is, of course, Google search.

Getting a sustained jump in web traffic is every SEO strategist’s dream, and video is no-brainer way to do it. Take a look at what happened when we placed high-quality, relevant videos on a client’s website:

Image Credits: Nuvolum

Why is video good for SEO?

These days, SEO is so much more than matching search queries to keywords on a page. Google aims to deliver content that best satisfies the user’s needs and considers the entire user experience. Google’s search quality evaluator guidelines place importance on the following when determining the quality of a website:

The purpose of a page.
E-A-T (expertise, authoritativeness and trustworthiness).
Main content.

Considering these points is essential to creating a good user experience with good content.

How to implement a video SEO strategy

The right video SEO strategy for you will largely be determined by the type of content you currently create for your user base. It’s worth taking the time to perform a content audit and determine the type of content you have. This can be the basis for your video content strategy.

This is also a great way to identify where you might have any gaps in your current strategy. Video can help fill that gap as well.

Watch out: A common mistake when implementing video SEO is creating a video that isn’t in line with your strategy at all. Instead, the video becomes something you do simply because you think you should. Whatever your growth goals, ensure the video(s) you create are a part of the greater strategy.

Different types of videos include:

How to implement a video SEO strategy by Ram Iyer originally published on TechCrunch

Playtika lays off 610 workers, shuts down three online gaming titles amid broader restructure

Playtika, the Israeli tech company that made its name with through a series of wildly successful online gambling and gaming titles with hundreds of millions of players, is leveling the latest swing of the layoffs pendulum. The company today has confirmed that it is laying of 15% of its staff. Playtika currently employs 4,100, so the redundancies will impact 615 people across the company’s global footprint in Europe, Israel and the U.S.

A memo sent to employees that TechCrunch has seen notes that three titles will also be sunset as it seeks to rationalize costs across the board. We understand that these will be ‘MergeStories,’ ‘DiceLife’ and ‘Ghost Detective’. We also understand that the company is also going to offer alternative roles to a proportion of employees impacted by the cuts. Playtika’s most popular titles, such as ‘Best Fiends’, have racked up at least 100 million users.

”Playtika’s success is rooted in our agility, efficiency, creativity and obsession with delivering the most fun forms of mobile entertainment to our players,” CEO Robert Antokol told TechCrunch in an email in response to questions about the cuts. “We consistently evaluate our strategic plans with attention to many factors, including the economic environment. We believe the structure announced today further leverages our core strengths of delivering superior in-game experiences and scaling mobile games to global franchises in continuation of growth. Saying goodbye to talented colleagues and friends is difficult. They will always be part of Playtika’s rich history and a foundation to our bright future as we build on our reputation as a technology and entertainment powerhouse.”

The layoffs have been the subject of rumors since last week in the Israeli press — although the actual figures are higher than the 500 number getting reported.

Playtika — publicly traded on Nasdaq — has been facing an especially tough year in what has been a hard time for the tech sector overall.

The company was one of the wave of businesses that went public last year, riding on the back of a huge surge in usage among pandemic consumers cooped up at home and staying out of in-person social situations.

In its IPO in June 2021, it debuted with a per-share price of $27 and a valuation of over $11 billion to raise nearly $1.9 billion, before climbing to a market cap of over $14 billion in its first day of trading.

But those figures have seen massive drops. Currently, its market cap (pre-market open on December 12) stands at $3.1 billion, with stock priced at $8.61/share as of market close on Friday.

The company also missed on earnings estimates in the last quarter. Although third-quarter revenues climbed slightly to $647.8 million versus $635.9 million in the same quarter a year ago, net income dropped to $68.2 million versus $80.5 million in Q3 2021.

And last week, one of its shareholders, Joffre Capital, pulled out of a deal to take a majority stake in the company after disputes over governance. Although this wasn’t cited in the memo sent to employees, that inevitably will have an impact on the company’s financial planning going forward.

It’s not game-over just yet, but online gaming is going to lose a lot of lives in the coming months.

Playtika itself had already cut 250 workers in May; Electronic Arts is reportedly looking for a buyer; Unity laid off around 200 people earlier this year, and some believe this is just the start.

More to come.

Playtika lays off 610 workers, shuts down three online gaming titles amid broader restructure by Ingrid Lunden originally published on TechCrunch

Pin It on Pinterest