mSIGNIA is a software cybersecurity company specializing in client APIs (cAPI) and universal SDKs (uSDKs). cAPI and uSDKs manage, collect, and pass identity data and user input to cloud services to authenticate the user and protect payment transactions like those defined in standards such as EMV 3DS + SRC, FIDO, and the W3C. mSIGNIA’s cAPI allows Trusted Third Parties (TTPs) to collect the data required for multi-factor authentication in compliance with PSD2 SCA, FIDO, and proprietary authentication methods like behavioral and digital biometrics.
If ‘Data is the economy’s New Oil’, then mSIGNIA’s cAPI and uSDKs are the wells and pipelines which provide security data from the Internet of Things to the Cloud.
mSIGNIA’s product is compliant with EMV 3DS, PSD2 SCA, W3C, and FIDO. mSIGNIA sells product to the entire payment ecosystem, including merchants, payment service providers, acquirers, payment networks, issuers, delegated authenticators, reliant parties, risk scoring engines, and even other 3DS vendors. mSIGNIA’s cAPI + uSDK enabled products enhance EMV 3DS with improved data transparency, better risk data collection, and mobile-first design.
mSIGNIA is privately and strategically held with 3 of the top 4 investors being large, international financial institutions. Nearly half of mSIGNIA’s investors have invested multiple times throughout the life of the company.
mSIGNIA is headquartered in Irvine, California with product development teams in the US and Europe. Back to Top
mSIGNIA, co-founded by Paul Miller and George Tuvell, has grown to be an expert team dedicated to enhancing standardized payment products for EMV 3DS, PSD2 SCA, W3C, FIDO, and other global security standards.
Paul Miller – Paul has been in security since 1993 and mobile security since 1999. His prior experiences include leading global mobile security efforts at Symantec®, Gemplus® (now Thales®) and GTE Cybertrust® as well as innovative startups in the US and Switzerland. He has served on numerous industry boards including Radicchio® (the first ever mobile security consortium), Liberty Alliance® (the first identity consortium), EMVCo®, the Global Chipcard Alliance® and he served as the only US national on a European Commission project on trusted transaction roaming. He is inventor on over 20 security related patents.
George Tuvell – George’s entire career – since 1999 – has been in mobile security. mSIGNIA is George’s 3rd mobile security startup. His prior startup, SMobile Systems®, was a global innovator in operator-grade mobile security solutions for large customers including AT&T®, Sybase®, Vodafone®, Nokia®, and VeriSign®; Juniper Networks® bought SMobile in 2010. He has worked with security industry associations including the Messaging Anti-Abuse Working Group®, Mobile Anti-Virus Research Association®, Oceanos® and EMVCo. He is inventor on about 30 mobile and security related patents.
Joe Hurley – Joe joined mSIGNIA’s board and operational team after retiring from Discover Financial Services®, where Joe was SVP and Head of Global Business Development and held various other leadership positions. Joe led Discover’s investment in mSIGNIA with past responsibilities including strategic business relationships, global network alliances, merger and acquisition opportunities such as leading the team for the PULSE ATM-Debit Network® and Diners Club®, and other strategic networks initiatives. Joe has sat on several boards including various Diners Club franchises and the Electronic Funds Transfer Association®.
mSIGNIA’s founders have specialized in mobile security since 1999; leading mobile security efforts worldwide for Symantec®, GTE Cybertrust®, Gemplus®, and various start-ups. They helped define “Mobile-First” as a buzzword and continue innovating at the internet’s edge through Client APIs and Universal SDKs.
Mobile continues to be a game changer: the device is so personal it literally puts you online. No longer does a user have to go to a PC and login; users are now always connected. Mobile has converged the physical and digital worlds which – ultimately – will yield a single, Secure Connected Commerce payment experience.
mSIGNIA was founded because mobile changed everything… but security failed to change with it. mSIGNIA was the first company to provide iOS and Android security SDKs that are integrated into a mobile app… providing security from within the app. This caused mSIGNIA to quickly realize SDKs distributed in 3rd-party apps must be flexible and well managed… they must be Universal SDKs managed by a Client API server.
Security now requires a mobile-first design. Security now requires the experience of mSIGNIA.
mSIGNIA’s patent-pending cAPI and uSDKs enable the payment ecosystem to thrive in the mobile environment… rather than be limited by it. Follow the links to learn more about the balance between merchant payment and trusted third parties who secure the transaction. Back to Top
Ensuring a user’s privacy is critical to consumer trust and global compliancy laws. mSIGNIA’s privacy professionals have a long history of privacy policy and are members of the IAPP.
mSIGNIA’s multi-party cAPI interface to the client world of the Internet of Things, provides trusted third parties a method for transparently declaring to merchants and consumers the risk-related data I/O they request. Banks and merchants can control which data is collected and passed according to international privacy laws and ecosystem rules.
With web payments, mSIGNIA’s cAPI enables issuer data I/O to be reliably performed through the merchant connection as 1st party data exchanges; the need for 3rd party cookies is eliminated.
With cAPI and uSDK enabled payments, merchants control the data permissions their clients request, and users can individually approve the requests to allow data access. cAPI extends good privacy practice and data transparency by limiting the number of off-device, third-party connections initiated by a client.
ven after a user gives their consent to access their data, mSIGNIA’s patented Digital Biometrics products take great care to anonymize any personal identifiable data allowable before it is sent off the device through various fuzzing and hashing techniques. These techniques ensure PII is not stored on web servers and the anonymization of identifiers prevents multiple web services from colluding to create a cross-indexing of a user or their device. Back to Top
mSIGNIA has about 20 international patents, either issued or pending, that define mSIGNIA’s inventions in Digital Biometrics, Dynamic Key Cryptography, and Client API / SDK Management.
mSIGNIA’s Digital Biometrics US patent # 9,559,852 was part of IP litigation where in May 2018 the Patent Trial and Appeal Board rejected an attack attempting to invalidate the Digital Biometric patent. mSIGNIA Digital Biometric inventions use Data Analytics (machine learning, AI, etc.) to identify users and devices by anticipating how their data on the device changes.
The Client API (cAPI) which enable mSIGNIA’s universal SDK (uSDK) to be remotely configured by Trusted Third Parties to perform various functions like storing 3rd party data at the client, collecting custom data from the device, and prompting for device functionality like capturing a fingerprint are embodied in mSIGNIA’s Client/SDK Management US provisional patent #US20200250342A1.
mSIGNIA’s patent issued portfolio includes US patent numbers 8817984, 9294448, 9559852, 9722804, 9979707, 10178076 and international patent numbers 6095691 (Japan), 6489328 (Japan), HK1204719 (Hong Kong), and EP2810401B1 (Europe). Back to Top
mSIGNIA Headquarters
9891 Irvine Center Dr, Suite 200
Irvine, CA 92618-4320 USA