As the notion of the AI agent begins to take hold, and more tasks will be completed without a human involved, it is going to require a new kind of authentication to make sure only agents with the proper approval can access particular resources. Anon, an early-stage startup, is helping developers add automated authentication in a safe and secure way.
On Wednesday, the company announced a $6.5 million investment — and that the product is now generally available to all.
The founders came up with the idea for this company out of necessity. Their first idea was actually building an AI agent, but CEO Daniel Mason says they quickly came up against a problem around authentication — simply put, how to enter a username and password automatically and safely. “We kept running into this hard edge of customers wanting us to do X, but we couldn’t do X unless we had this delegated authentication system,” Mason told TechCrunch.
He began asking around about how other AI startups were handling authentication, and found there weren’t really any good answers. “In fact, a lot of the solutions, people that were using, were actually quite a bit less secure. They were mostly inheriting authentication credentials from a user’s local machine or browser-based permissions,” he said.
And as they explored this problem more in depth, they realized that this was in fact a better idea for a company than their original AI agent idea. At this point, they pivoted to becoming a developer tool for building an automated authentication layer designed for AI-driven applications and workflows. The solution is delivered in the form of a software development kit (SDK), and lets developers incorporate authentication for a specific service with a few lines of code. “We want to sit at that authentication level and really build access permissioning, and our customers are specifically the developers,” Mason said.
The company is addressing security concerns about an automated authentication tool by working toward building a zero trust architecture where they protect the credentials in a few key ways. For starters, they never control the credentials themselves; those are held by the end user. There is also an encryption layer, where half the key is held by the user and half by Anon, and it requires both to unlock the encryption. Finally, the user always has ultimate control.
“Our platform is such that as a user, when I grant access, I still maintain control of that session — I’m the ultimate holder of the password, user Name, 2FA — and so even in the event of our system, or even a customer system getting compromised, they do not have access to those root credentials,” company co-founder and CTO Kai Aichholz said.
The founders recognize that other companies, large and small, will probably take a stab at solving this problem, but they are banking on a head start and a broad vision to help them stave off eventual competitors. “We’re looking to basically become a one-stop integration platform where you can come and build these actions and build the automation and know that you’re doing it in a way that’s secure and your end user credentials are secure and the automations are going to happen,” Mason said.
The $6.5 million investment breaks down into two tranches: a pre-seed of around $2 million at launch and a seed that closed at the end of last year for around $4.5 million. Investors include Union Square Ventures and Abstract Ventures, which led the seed, and Impatient Ventures and ex/ante, which led the pre-seed, along with several industry angels.