Salesforce buys mobile 2-factor authentication start-up, adds its tools to cloud platform

Austin-based Toopher uses smartphone's location-awareness features to fight off fraudsters

Salesforce.com Wednesday added mobile-based two-factor authentication to its stable of identity and access control technologies with the acquisition of Toopher, a start-up born from the Austin (Texas) Technology Incubator.

Toopher, which immediately stopped selling its products after the announcement, uses a smartphone's location-awareness capabilities to provide two-factor authentication. The capabilities will be folded into Salesforce's cloud platform, according to a statement left behind on the now barren Toopher Web site. Terms of the deal were not announced.

Toopher counts LastPass, MailChimp, and the universities of Oklahoma and Texas as its customers.

Read this

Salesforce.com signs up open source ForgeRock's identity tech

A development partnership between the two firms means Salesforce.com's new identity service uses ForgeRock's single sign-on management software.

Read More

Salesforce over the past few years has been building out a collection of identity and access management tools. In October, Salesforce unveiled Login Flows, a new option added in the Winter 15 release of Salesforce.com that allows developers to customize logins by invoking additional business processes. In addition, Salesforce.com was active in the development of OpenID Connect, an authentication protocol used across SaaS, mobile apps, enterprise and other resources. The company also was active in developing the OAuth standard from the Internet Engineering Task Force (IETF).

"Saleforce's acquisition of Toopher's modern authentication capabilities makes sense when considering the fast-growing Identity Management as a Service (IDaaS) market," said Mark Diodati, research vice president at Gartner. "These capabilities are considered 'table stakes', so having them will enhance Salesforce's competitive capabilities."

In the Toopher model, when an authentication request comes from a new or unrecognized location, the user receives a notification from the Toopher app with the details of the request. The user can then approve or deny the authentication.

A letter, which is now the entirety of the Toopher.com domain said, "we are thrilled to join Salesforce, where we'll work on delivering the Toopher vision on a much larger scale as part of the world's #1 Cloud Platform." The note then thanked the company's users and clients, adding, "Even though we will no longer sell our current product, our commitment to your security remains steadfast (as does our love for breakfast tacos)."

Toopher was founded in 2011 by University of Texas PhD student Evan Grim, who became CTO, and one of the school's adjunct professors of finance, Josh Alexander, who served as CEO. Toopher was funded by Alsop Louie.

Watch here for an explanation and demonstration of Toopher's capabilities.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All