Home Interviews “Multiple factor authentication can protect users from hacking attempts”

“Multiple factor authentication can protect users from hacking attempts”

Tarun Wig

Tarun Wig is a young entrepreneur with over a decade of industry experience. He’s the co-founder of Innefu Labs and his expertise lies in innovating cutting edge technologies to assist law enforcement agencies and protect users as well as organizations from cybersecurity attacks. He is a well-known and active participant in cybersecurity communities in India.

He’s also a co-founder and former director of a cybersecurity company he acquired in 2008. Innefu Labs is an AI-driven technology product company with capabilities in Data Analytics/Information Security/Video & Image Analytics.

In an exclusive interaction with CISO MAG’s Rudra Srinivas, Tarun Wig narrates his journey, the vision of the company, its product lineup, and ethics.

You have more than 12 years of experience in information security, working with government agencies and large corporates. You are also co-founder and former director of a cybersecurity company acquired in 2008. Tell us about your journey. What was your idea behind Innefu Labs? What’s your mission and vision for the company?

Innefu Labs started nine years ago with an idea to develop technology which could bring change into how organizations handle data. While most of the organizations in the country were focused on providing services, we wanted to focus on developing state-of-the-art products indigenously in the country. Out of this thought, Innefu was born:  an AI-driven company developing cutting edge technology to carry out Predictive Intelligence and Cyber Security solutions.

Idea: When we started up, we realized that there was no support system in place to help Government organizations for collaborating intelligence insights from different government departments. The government departments like Indian Army, Intelligence agencies, and Police departments have multiple data at their disposal, but not compiled together. We felt that this is what we needed to work upon and help to strengthen the governments, security agencies, large enterprises, and retails chains to become smarter and secure. Now, with our AI tools, we can collaborate and create a sensible database that could be used by all.

Mission:  To develop customer-oriented state-of-the-art technologies with exemplary support to ensure that we don’t have even one unhappy customer

Vision:  To make governments, security agencies, large enterprises & retail chains become smarter and secure.

The company started with a team of ten people working out of the living room of a house and today, it is more than 120 people strong with clients spread across three different continents. Today serves four out of the top 10 corporates in the country apart from serving some of the largest and most critical Law Enforcement and Intelligence organizations in South East Asia. We have a 120-member strong team spread across two locations in Delhi with a satellite office in Mumbai.

You have a large clientele from the Indian defense sector like DRDO, Indian Army, CRPF, among several others. These agencies witness a large amount of cyber espionage and state-sponsored attacks. Tell us how your company differentiates itself from other global information security that is already established in India?

Global security organizations are focused on very generic areas like cloud security, security devices, etc. We at Innefu are focused on niche and specific areas in defense, paramilitary and law enforcement agencies.

We help organizations carry out explorative investigations and predictive analytics using our analytical tools based on data from various sources like their own internal intelligence documents, their internal databases, open-source intelligence databases, by fusing these datasets together. Our tools help them arrive at actionable intelligence and insights.

Our understanding of the defense and law enforcement domain helps us focus on the needs of our customers. Hence our product caters to specific needs rather than a generic need.

Also, how do your Identity Verification products prevent external vectors from entering these heavily guarded defense environments, considering the fact that in most cases you are the ones guarding the entry to these forts?

Innefu’s AI Vision is an image and video analytics solution based on ML and AI models. The system takes live Feeds from CCTV cameras, traffic cameras, recorded video feeds or any other source. It analyzes video footage in real-time and detects abnormal activities on the user applied rules like Intrusion Detection, Person/Object Identification, etc. making the surveillance system more useful, efficient and reliable. The solution analyses the feed from CCTV cameras, recorded videos, and static images to automatically identify and raise alerts on missing children, identifying criminals, crowd formation, trespassing, breach, object identification, tailgating.

One of your AI tools was used to identify 3,000 missing children within four days. It was also identified as one of the first-ever deployment of AI tools for social welfare. Tell us how “AI Vision” was used here. How else can this tool be used to prevent cyber-attacks and cybercrimes?

Innefu’s Prophecy AI Vision is a state of art Facial Biometrics solution by optimized deep learning algorithms to identify or verify a person from a digital image or from a video feed. The process involves clicking a picture of a kid on the street and automatically matching it with a database of missing children, for real-time information and alerts.

How do you think security teams and public safety professionals will find Innefu Labs as beneficial and explore newer avenues of cybersecurity that have not been tapped?

We use AI in National security which is a unique field and we use our own analytical tools for carrying out predictive intelligence which helps in exploring newer avenues of cybersecurity.

Your Unified Authentication platform, AuthShield, integrates facial and thumbprint biometrics with standard 2FA solutions including push notifications, OTP’s, SMS and Email OTP’s, etc. Can you brief us on this platform?

AuthShield is a multifactor authentication solution for identity and application security. Since passwords have shortcomings, multiple factors of authentication can protect users from hacking attempts.

AuthShield authenticates and verifies the user based on:

  • Something only the user knows (User ID and Password)
  • Something only the user has (Smartphone/ Hard Token)
  • Something the user is (Biometrics)

AuthShield performs two-factor authentication through a secure randomly generated OTP or through One-touch authentication or biometrics. With thumbprint biometrics, the physical identity of the user is mapped to the server and increases the security. With one-touch (Push Notifications), OTP’s, the user’s identity is mapped to the registered devices and authenticates the user based on a unique challenge-response mechanism.

Anytime the user wishes to log in, the user receives a one-touch notification on their registered device. The one-touch notification follows a PKI encryption standard to ensure that the challenge sent to the user is encrypted in nature and can only be decrypted by the registered device of the user.

We have also read that your multifactor authentication even includes voice recognition. Do you think the current two-factor authentication systems are becoming outdated and are not up to speed with the emerging threat landscape? Do you also feel voice, facial, and fingerprint biometrics are where the industry should be headed?

The traditional two-factor authentication methods like OTP etc. have been around for a while but, due to the emerging threat landscape, the hackers are becoming smarter. Due to this, the industry is headed towards biometrics authentication in the form of voice, facial, fingerprint, iris, etc. because biometrics provides an advanced foolproof method of authentication when coupled with traditional methods.

Rudra Srinivas is part of the editorial team at CISO MAG and writes News, Features, and Interviews.