.jpg)
OwnID raises $6M to replace passwords with smartphone-based biometrics
The founders of OwnID, Dor Shany and Rooly Eliezerov, previously founded Gigya, a startup that wanted to make it easier to help identify customers. They sold that startup to SAP for $350 million in 2017, but the idea of making it easy to log into websites without friction was always in the back of their minds, and they launched OwnID last year to help solve that particular problem.
Shany explained that the founding team understood identity from their time at Gigya, and they wanted to create a company to make it as simple as possible to authenticate from a user perspective. Anyone who has forgotten a password knows how maddening this process can be.
Their idea was to move the process to your phone and take advantage of the phone’s built-in authentication system. “The phone is actually a two-factor authentication on its own because it’s something you have and biometric authentication. The essence is that you go to a website, you enter your email address, you click ‘skip password’ and log into your phone with your biometric (face or finger) ID.” That’s it.
If you have ever tried to log into a streaming service like Netflix on your television, you know it can be a frustrating experience, and in cases like this, OwnID presents you with a QR code on screen, and you use your phone to scan the code, then log into your phone.
Another annoyance that OwnID takes care of is when you move between devices and you need to remember your password (unless you have a password manager of some sort). With OwnID, you are always authenticating with the phone, so that problem should just go away.
Shany said that it’s difficult to spoof because you register through your phone when you first come to the website and the cryptographic key is stored on your phone from that point forward. Whenever the website or app sees your phone has the key, it knows it’s you.
From the website or app owner perspective, they are connecting to OwnID via an API, and once the developer adds the code, users are presented with an option to log in without a password using the phone.
The company is making OwnID publicly available today for the first time, but it is already working with large customers like Nestlé and DeLonghi. It currently has about 20 employees with plans to double that in the coming year. He says that the pandemic has actually made it easier to find diverse employees because they can hire people from anywhere, and that gives them much more flexibility.
OwnID announced a $6.2 million seed round today led by Mayfield. The founder’s previous company Gigya raised over $100 million, according to Crunchbase, before being acquired by SAP. It’s worth noting that Mayfield was an early investor in that company as well.
linkedin.com
Redefining digital identity for everyone. OwnID offers a digital identity that any individual can create and use to log in to websites and apps - making usernames and passwords obsolete. Our mission is to create a simple, trusted, and effortless tool to verify your digital identity. We want to create a future where everyone in the world is in charge of their own identity, creating a more trusting identity system globally.
OwnID is on a mission to create a simple, trusted, and effortless experience to verify your digital identity. We are redefining the way individuals can register and log in to websites and apps – making passwords completely obsolete. OwnID was founded by Dor Shany and Rooly Eliezerov. Rooly Co-founded Customer Identity platform Gigya (acquired by SAP), and Dor held leadership roles at Gigya for over a decade. Both bring decades of experience in the Identity and security industry and our passion for bringing the frictionless login experience and improved security of OwnID to millions of users across the globe.
Your site/app is about to start receiving traffic from AI agents. Pause for a moment and consider what that means from a security standpoint.
Security mechanisms and authentication wasn't built for the AI-agent era.
Picture this: Your customer lets an AI assistant order supplies on their behalf. But who approved that $50,000 order? Your logs only show "user authenticated" – not that it was delegated to an AI.
Here's why security teams are losing sleep over AI agent authentication:
- Traditional auth methods create zero distinction between human and AI actions
- Without boundaries, AI agents inherit 100% of user privileges – including critical operations
- When disputes arise, you have no proof of who actually initiated the transaction
Imagine an AI agent purchasing supplies, updating customer records, or accessing sensitive data without accountability.
Our AI-native identity platform gives security teams control with AgentGuard and AgentTrace:
- Distinguish between human-initiated and AI-agent-initiated actions
- Create granular permission sets defining exactly what agents can access
- Maintain immutable audit trails that stand up to regulations
- Immediately revoke access when seeing suspicious patterns
Without AI-native identity controls, your security architecture has a massive blind spot - agents acting with full user privileges, unnoticed and untracked
Security teams must maintain complete visibility and control over every action, whether performed by humans or their AI agents.
Browser-use agents like OpenAI Operator about to become your new shoppers.
But here's the uncomfortable truth:
Your existing security tools are blind to this new type of visitor - a bot that represents a user:
- Agents can't solve CAPTCHAs
- They can't receive SMS OTP
- They show passwords in clear text
- They can't use passkeys
Most auth systems were built assuming humans would be the ones logging in.
That's why we designed our platform for both human customers AND their AI agents.
When an AI agent tries to shop on your site:
- OwnID detects it's an agent, not a human
- Sends secure verification to the real human user
- Creates an auditable consent trail
- Enforces appropriate permissions
- Provides comprehensive logs for compliance
Retailers who solve this first will have a massive competitive advantage
OwnID, a leading provider of identity solutions for large B2C companies, is proud to announce a groundbreaking addition to its platform: AI-native identity support for AI Agents. With browser-using AI Agents - such as ChatGPT Operator and other autonomous digital assistants becoming an integral part of customer interactions, businesses require a secure, scalable way to manage their identities. In response, OwnID introduces Customer and Agent Identity Management (CAIM) - a new category designed to seamlessly authenticate, authorize, and audit AI Agents operating on behalf of users.
"AI Agents are set to transform digital experiences, from personal shopping bots to enterprise assistants," said Dor Shany, CEO of OwnID. "Businesses must ensure that these AI-powered interactions are just as secure, transparent, and compliant as human-driven ones. Our AI-native composable identity solution does exactly that."
AI-Native Identity: AgentLogin, AgentGuard, and AgentTrace
OwnID's AI-native identity solution is built on three core pillars:
AgentLogin – A secure login mechanism designed specifically for AI Agents. This ensures AI-driven interactions are authenticated seamlessly, preventing unauthorized access while maintaining a frictionless user experience.
AgentGuard – A dynamic policy and consent enforcement layer that continuously monitors AI Agent activities. AgentGuard ensures that AI Agents operate strictly within pre-defined user permissions and security policies, granting only just-in-time and just-enough access for each task.
AgentTrace – A comprehensive audit trail system that logs AI Agent activities, including authentication events and human-in-the-loop interactions. This provides businesses and customers with full visibility into AI-driven actions, ensuring accountability and compliance.
Why It Matters
With AI Agents gaining traction across industries, traditional authentication methods are no longer sufficient. Businesses need a solution that differentiates between human users and AI Agents while ensuring security and regulatory compliance. A recent Forbes article highlighted the growing need for Agentic AI and the shift toward a Do-It-For-Me (DIFM) Economy, underscoring the importance of managing AI Agents securely (Read more).
With OwnID's CAIM solution, enterprises can confidently deploy AI-driven services without compromising on user experience, identity protection or user consent. By unifying user and AI identity under one frictionless framework, OwnID is pioneering the next era of digital identity.
Consent-Driven AI Authentication
OwnID's platform ensures that no AI Agent acts without explicit user consent. Before an AI Agent logs in on behalf of a user, OwnID records the user's permissions—such as reading purchase history or scheduling appointments—ensuring that every AI-driven action is backed by an approval trail. This guarantees businesses can confidently allow AI-driven transactions while maintaining trust and compliance.
Shaping the Future of Identity Management
By pioneering the concept of Customer and Agent Identity Management (CAIM), OwnID is forging new standards for how identities—both human and AI—are verified, managed, and monitored across digital ecosystems. "We believe AI Agents will soon be interacting with businesses on behalf of millions of users," said Dor Shany. "Our mission is to ensure these interactions are not only seamless but also secure, compliant, and fully auditable—ushering in a new era of user-centric and agent-focused identity."
OwnID invites enterprises, AI developers, and industry leaders to explore this new frontier in identity management.
An easy and secure passwordless add-on for your website.
OwnID is a passwordless add-on for your Drupal website. The authentication flow is web-based and doesn't require you to install an app. Our complete end-to-end platform works cross-OS, cross-device, and cross-domain. It supports Passkeys out of the box.
Features
Our module handles a multitude of login scenarios: new user login, existing user login, phone unavailable, biometrics not supported, and more. Your users will be able to log in quickly and easily, always.
OwnID does not store any user data and has no access to any biometric data.
Post-Installation
1. Sign up to OwnID console.
2. Select Drupal integration and complete your onboarding.
3. Copy and paste the AppID and Shared Secret into OwnID Drupal module Settings.
4. Enjoy your passwordless login!
Additional Requirements
Currently, our module only supports email as a login identifier.
Recommended modules
We recommend using Email Registration
Frequently Asked Questions
How does it work?
User identification is based on device-stored cryptographic keys protected with biometrics. (No phone number is required.)
Does OwnID support passkeys?
Yes.
Does the configuring of this module require any coding knowledge?
No. It's a complete no-code integration and can be completed in minutes.
Do you support multiple languages?
We support over 30 languages. Our plugin automatically detects the language used in the website.
Also:
OwnID’s Post
Also:
OwnID Introduces the First AI-Native Identity Solution for AI Agents
Also:
OwnID Passwordless login