“We built in two years, with an initial investment of over €4m, the application we dreamed of for our entire career.” We, in the words of Hervé Blanc, co-founder and CEO of Sharekey, includes himself, ex-Accenture (20 years), ex-Skype and ex-Cisco, and Sauro Nicli, co-founder, ex-McKinsey (18 years), ex-CIO of Axa and ex-CIO of Sicpa. This collaborative application is aimed at executives--for the moment CEOs, CxOs, boards of directors and law firms--since it works by invitation only. The strategy will extend to all circles of decision-makers who need to exchange information in complete confidentiality, in complete security and with a very broad granularity.
Yet another “revolutionary” collaborative application? “I love it when the conversation starts like that,” Blanc laughs at his stand at the cybersecurity day organised at LuxExpo The Box, as if the verbal prodding allowed him to start a well-oiled machine. From reading the 15,260 pages of Microsoft’s general terms and conditions, 8,600 of Spotify’s or 7,243 of Zoom’s, to name but three, the consultant-entrepreneur concluded that even when the usual stars of collaboration talk about “privacy,” they keep the keys to the house and are therefore both perfectly capable of accessing all the data that passes through them, but also of making it available to the American justice system or intelligence services.
A 24-word key in a 1,700-word library
This is more or less where “end-to-end encryption,” whose keys are not in the hands of the owners of the data, is replaced by a novel “app-to-app encryption,” in which the keys are in the devices of the users who can share their public key to communicate. There, encryption algorithms and technologies offer a 24-word “passphrase” chosen from a library of 1,700 words, which is 256-bit encryption, “military grade,” he says.
What I particularly like is that this tool saves people from having to go back to messaging applications like WhatsApp, Telegram or Signal in a business context.
No backdoor, no tracking since data exchanges are completely encrypted. The start-up finally settled in Switzerland, in the Zug valley, a mature ecosystem for fintech, close to two data centres, the Fort Knox II near Gstaad and the Equinix ZH5 in Zurich, in order to be redundant in case of trouble. Instead of Luxembourg, the entrepreneurs preferred to go where they already had keys, but where only the Swiss Data Protection Act counts, placing them under the sole authority of a single judge in Zug. In other words, the likelihood of a judge imposing too many requirements to hand over data to authorities requesting it would be low... and the data encrypted. “Frankly, if we had enough clients in Luxembourg, such as banks or financial institutions, who need their data to remain in Luxembourg, I would have no difficulty in replicating the project here,” says Blanc.
Once the application is installed, in no time at all, because everything is thought out from the start from the point of view of the user experience, the CEO has instant messaging, voice and video calling possibilities, a “DropBox,” permanent and revocable sharing and control functions with the board of directors or assistant and sharing with links.
On Wednesday 19 October, at LuxExpo, the CEO demonstrated the cryptowallet with his right hand, controlled entirely by his thumb, to show how simple the solution is.
Axa and Clarins, the first customers to be won over
This digital cockpit that the user can install on six devices at the same time is synchronised in real time and “green.” “At Sharekey, we don't share documents, but a key that allows you to consult the document, which reduces our environmental footprint. And that's also why we charge by the volume of data stored by each user account.” As soon as the award from the PwC Cybersecurity Day audience was known and shared on LinkedIn, the boss of Axa--among the first to adopt the technology, along with cosmetics group Clarins--sent his congratulations.
Ranked as one of the top 10 cybersecurity start-ups in Switzerland in June 2021, it also made it to the final of the top 10 Swiss start-ups two months later, then to the top of the Mobile World Congress in Barcelona last February and was named “Most Innovative Solution” at the IT Night in Paris in May.
“What I particularly like,” says PwC's Cybersecurity Day mastermind and big four cybersecurity partner Koen Maris, “is that this tool saves people from having to go back to messaging apps like WhatsApp, Telegram or Signal in a business context and that you can install it synchronously across multiple ones. People don't realise enough how much control they lose over their data in these messengers.”
The start-up, which now employs 28 people, 26 of whom are under 26 and 45% of whom are women, has surrounded itself with advisors who will also be its first preceptors and is looking to raise €5-10m in a Series A round in which it does not want to see any American or Chinese funds arrive. “To reassure my clients, I always suggest that they look at the code. I have no problem proving that what I say is true about encryption and the absence of a back-door. It’s not to give access to my clients’ data via a shareholder,” he explains. The funds will be used to deploy its customer acquisition strategy and move from direct sales to sales via cybersecurity solution providers, then software solutions and finally telecommunications companies.
Universal viewer and timestamp feature coming soon
In the first quarter, new features will be added, such as the integration of a universal pdf viewer, Pdf3, which, unlike Adobe, for example, does not send open documents to a US cloud. The tool will also allow annotation of the pdf in real time to improve or correct the content, depending on the roles that the owner of the discussion decides.
In the last quarter of 2023, another much-anticipated feature will arrive, the “ping to blockchain.” The main idea is that a manager who needs to validate a project, a board resolution or human resources, will be able to give a legal dimension to his actions with a certification and time-stamping system anchored in the blockchain.
The only “problem” with Sharekey is that you have to try it to understand it. “And to try it is to adopt it,” says Mr Blanc, confidently.
This article is part of the Paperjam Tech weekly newsletter, the place to be for news on innovation and new technologies. You can subscribe to it
This story was first published in French on . It has been translated and edited for Delano.