Interview with John Zurawski, Vice President of Sales and Marketing at Authentify
by Mirko Zorz - Thursday, 23 January 2003.
John Zurawski has more than 20 years of experience in computer software, Internet and high technology.

He has held prominent positions for the analytical software firm SPSS, Inc., the scientific computing firm Numerical Algorithms Group, and the visual search technology firm He fills Board Advisory positions for Photofete, Inc, and Numerical Algorithms Group. Mr. Zurawski has a B.S. in Biochemistry from Loyola University and is an avid sailor.

Currently Mr. Zurawski is the Vice President of Sales and Marketing at Authentify.

Introduce Authentify. When was the company started?

Authentify was founded in December 1999, primarily to provide a real-time registration confirmation tool. The company Chairman, Jim Woodhill, felt that there was a significant gap in the security for online registration. Many security practices rely on easily compromised information, or end at the computer keyboard as opposed to getting to the person behind the computer.

Authentify|Register "provides an organization with a crucial layer of security for any online process". Introduce it's features.

Authentify provides the only way to interactively make out-of-band contact with the actual user of a computer in real-time, that also permits the use of biometrics with no software or devices required on the client computer. The heart of the process is the ability to synchronize an automated outbound telephone call to a Web session over the Public Switched Telephone Network (PSTN). Once the telephone call is placed, the Web session will respond to voice prompts made over the phone, or the voice prompts can be tailored to respond to what has been entered on the computer keyboard. Using the PSTN offers a powerful audit and data trail. Telephone billing information can be compared to any registration information provided over the Web. Additionally, a voice recording from the user can be required and captured as part of the process. This is a powerful deterrent to online fraud.

What are your main business goals for this year?

Authentify has gained 14 customers since the first release of the service in April 2001. We would like to continue the trend of adding a customer a month.

Which challenges do you face in the marketplace? What do you see as your advantages?

The marketplace is challenging. To use a metaphor, it's difficult to sail faster than the wind, and the economic winds are not blowing particularly hard right now. It's also a challenge offering something new and different. Many firms do not want to be the first in their industry to try something new.

On the other hand, consumer acceptance of our combined Web and Telephony process has been very high. The Public Switched Telephone Network is widely deployed, stable and people know how to use the telephone. These things work in our favor. An Authentify customer need not develop or support a totally new infrastructure to gain the extra layer of security.

What do you see as the main problems in online security?

There are a number of challenges facing the security industry, but if I were to point to any specifics, I believe many organizations begin to feel more secure than they really are. Some of companies you would expect to be well prepared and understand the importance of security, are victimized right along with everyone else. AOL has just had a security problem potentially exposing confidential user information, the auction sites get victimized it happens to regularly. Another challenge is attempting to justify the expense of tight security in terms of return on investment. That's a bit like measuring the return on your car insurance. It only pays off when your car is wrecked or stolen.


VPN protocol flaw allows attackers to discover users' true IP address

The team running the Perfect Privacy VPN service has discovered a serious vulnerability that affects all VPN providers that offer port forwarding, and which can be exploited to reveal the real IP address of users.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Nov 30th