Lock

As more and more areas of our lives move online and onto mobile, the need to verify identity and prevent unauthorized access increases exponentially. As countless corporate hacks and successful social engineering scams have demonstrated, passwords alone are woefully inadequate in this regard. Short of biometrics, which are costly and often impractical, text message-based two factor authentication is among the best options available to know who’s at the other end of a login.

Tyntec is one of the global leaders in this category, having powered the functionality for hundreds of tech, financial services, and defense industry clients worldwide. Today, the company is announcing its first implementation in the rapidly growing and increasingly sensitive category of real money gaming. GameDuell, a cross-platform casual game developer and publisher, will soon begin requiring that its 80 million global users login with SMS verification.

GameDuell offers its more than 70 games in seven languages across the US, UK, France, Netherlands, Sweden, Denmark, Germany, and Austria. One of the keys to the tyntec partnership, therefore, is that it is one of the few companies in its category to offer support in multiple countries, not to mention continents.

Unlike most of its competition, tyntec is not an SMS aggregator which relies on mobile carriers to deliver its messages. Rather, the company has partnered with 50 global operators to install its own hardware gateways on their network. As a result, it can ensure secure and timely delivery of messages to more than 90 percent of global mobile phone users.

With the implementation of two factor authentication, GameDuell users will be asked to enter their mobile phone number to verify their identity when paying to uploading new in-game credits.

Tyntec was founded in Munich in 2002, but has expanded since to a global team of 150 operating in San Francisco, London, and Singapore. The company was bootstrapped for its initial two years until reaching profitability, but has since raised two venture rounds of undisclosed size from Boston fund of funds HarbourvVest Partners and Paris-based telecom growth investor Iris Capital. The company continues to operate profitably and is unlikely to raise further capital, according to co-founder and CTO Thorsten Trapp.

Companies use tyntec’s SMS products, not only for identity verification, but also for simple notifications like calendar alerts. The company sent over 3 billion messages last year on behalf of its more than 500 customers. Tyntec is not without competition including from mBlox, Clickatell, SAP, Twilio, Ericsson, Sybase, and many others. That said, few of these challengers have the reach or the owned-infrastructure of the German company.

Despite the popularity, Trapp admits that SMS has a limited lifespan. The category has seen significant margin compression over the last five years – coinciding with rise of smartphones and messaging apps – and many carriers are growing weary of the competition from over-the-top services.

Recognizing this shift, in May 2002 tynted introduced tt.One, a product that assigns unique mobile phone numbers to internet communications platforms like VOIP and social networks, enabling these non-telephone services to support two-way voice, SMS, and data transfer. The company is also expanding into the number portability market, including through a partnership with NeuStar in the US.

Regulatory concerns have been a big driver of two-factor authentication business for tyntec. In Europe in particular, operators in financial services and other sensitive sectors are obligated to “know their customer,” before granting access to privileged information. Trapp predicts that this requirement will quickly extend to additional markets, both geographic and in terms of industry. Today’s entry into the gaming sector is likely a harbinger of things to come.

With a growing roster of high profile clients and the breadth of infrastructure to support them, tyntec appears well-positioned to capitalize on the increasing need for online identity verification. That is unless the bad guys stop trying to exploit companies and people.