Nahal Shahidzadeh, Acceptto: Imagine a World With No Passwords, Using Your Behavioral Pattern for Protection

Written by Gabriela Vatu
Published on May 27, 2019

We may think that our data is safe and that our devices are safe, but that's not always the case, even with many precautions taken, if our passwords have been stolen by criminals. Working to help settle the whole issue, Nahal Shahidzadeh is Acceptto's co-founder and COO, although she also had the job of CEO within the company until mid-2017.

Acceptto works to provide people with a safer way to handle their online presence and their devices, redefining how we see threats and how we perceive our own security. In an interview with TechNadu, Nahal Shahidzadeh talks about what sets Acceptto apart, how to secure our information, how multi-factor authentication can become safer, and the risks of IoT.

TechNadu: You're one of the co-founders of Acceptto and currently handling the company's operations and planning. Tell us what sets your company apart from other security solutions that are currently on the market?

Nahal Shahidzadeh: Acceptto is a transformative cybersecurity company delivering continuous identity access protection and real-time threat analytics with Biobehavioral AIML-powered authentication technology in an age where your identity is persistently attacked.

Our Biobehavioral AIML-powered Cognitive Authentication platform analyzes and verifies user identity by inferring contextual data such as device and browser attributes, spatiotemporal velocity, user habits and network anomaly detection signals to detect and prevent identity access fraud across the enterprise and end consumers.

There are three elements that set Acceptto apart. The first is the company's vision and how significant/chronic of a problem it solves. Today, we are in a password and data breach crisis. On an almost weekly basis, yet another disastrous breach is announced. We started the company five years ago on a hypothesis that all of your passwords have already been breached, you just do not know it yet. Today, with Acceptto, you can prevent threat actors from getting in, or even more challenging, detect bad behavior post authorization with our Continuous Behavioral Authentication. This is superior to the traditional binary authentication including two-factor authentication (2FA) and multi-factor authentication (MFA) solutions that our predecessors and competitors offer which has been proven insufficient time and time again.

Another key element is the people. We have principal AIML research scientists who worked on the human brain project, security architects who were principals of top security firms such as McAfee with focus on identity. We also have a CEO and CTO (my co-founder) who come with more than 50 years of product development and research who have designed and architected ten Intel microprocessors with over 100 patents and publications plus other principals and engineers who subscribe to the vision of Continuous Behavioral Authentication being the path forward.

Another element that sets us apart is the distinguished trailblazer clients, the true lifeblood. History often forgets to credit those early adopters who allow a technology company like ours to come out of the gate and make an immediate impact. We have been blessed with forward-thinking CEOs, CIOs, and CSOs who have signed up to be our co-travelers in this journey to drive a paradigm shift in IAM.

TechNadu: How can your company help make people's lives more secure?

Nahal Shahidzadeh: Imagine a world where there are no passwords and your data is protected by you and your credential is actually “you”, that is to say, your “behavior” or your “habits” which are continuous. Unlike binary authentications which are static and stored somewhere (and sometimes due to negligence or a back door fully exposed), our solution uses cognitive continuous authentication to ensure only “you” have access to your digital resources, even if you walk away from a computer while still being logged in.

TechNadu: We've all heard, and hopefully all use, multifactor authentication. How is your company's solution different or better than what we commonly associate with this notion?

Nahal Shahidzadeh: Binary authentication such as passwords with 2FA and various MFAs are temporal, which causes high friction and can be easily intercepted during transmission. Current MFA security solutions lack context and rely on too few attributes. Your biometrics are binary, and perhaps worse than many imagine. Regardless of how safe a fingerprint or retina scan appears to be, it can be spoofed and cannot be reset, ever. There are few, if any, solutions that continuously validate your identity post-authorization.

Our technology is built on the premise that all your credentials today, including those that you’ve yet to create, have already been compromised. If your identity is simply based on a password, a one-time token or only your biometrics, you are at grave risk. Our approach is to enable a cost-effective actionable threat analytics that enables pre-auth intelligence, context-aware risk-based authentication and most importantly post authorization continuous behavioral authentication. This way we totally eliminate reliance on weak and outdated controls by incorporating our multi-modal, multi-domain telemetry that contributes to the creation of a unique, contextual, Biobehavioral™ Derived Credential, which is virtually impossible to impersonate, tamper with or spoof.

TechNadu: Tell me what are some of your career achievements you are most proud of.

Nahal Shahidzadeh: I can tell you that my biggest achievement is not my career. I have been very blessed, and my true biggest achievement is our children. That being said, bootstrapping Acceptto with Haitham (our CTO and co-founder) is my career achievement. We bootstrapped our vision of Continuous Behavioral Authentication™ which we hope to become viral in the next 2-5 years, protecting our data and keeping our infrastructure safe.

TechNadu: We've seen a rise in IoT device usage in recent years and we all know how abysmal security of such devices is for the most part. What are your suggestions to help people increase the security of their data while still enjoying the benefits of IoT?

Nahal Shahidzadeh: This is one windy, scary road ahead of us. There is no way around it. We have to go through it. There are some great companies, and a lot of startups, that are focused on establishing standards for the security of IoT devices. My focus is to solve the current problem at hand first and that is how to get rid of passwords and help clients leverage our continuous behavioral modeling to protect the enterprise and their clients’ data and identity. At Acceptto, we deliver the smartest, most resilient and evasion-proof identity validation technology commercially available today for physical, web, mobile, cloud and IoT devices.

TechNadu: How about you? Do you have any IoT devices of your own? How do you keep your own data safe at home?

Nahal Shahidzadeh: My Alexa, Siri, the lighting system that communicates with them all, my security system, the garage door, and my Ring. Hmmm, am I safe because I have them all aggregated and controlled using my phone? Shahrokh, our CEO, jokes that security is a feeling. You can be secure and do not feel it, and you can be insecure and feel you are secure.

TechNadu: What do you believe are currently the biggest threats we face in terms of security?

Nahal Shahidzadeh: Relying on a 4-decade old binary authentication and 2FA/MFA, when every day, the best companies in the world are breached is the biggest threat to our cybersecurity. IT is the definition of futility: doing the same thing and expecting different results. In this case, the cybercriminals always win.

TechNadu: Teaching people how to stay safe online seems like a never-ending chore. What would you start with? What's the first lesson you'd give someone about keeping themselves and their data safe online?

Nahal Shahidzadeh: Go through your accounts and put at minimum measures for some good old MFA. Be aware that you need to watch for phishing and demand your service providers to enable audit techniques for your account.

TechNadu: As a parent yourself, and with a younger generation growing up with the Internet, how do you think parents should protect them and teach them how to protect themselves?

Nahal Shahidzadeh: Cyber hygiene starts at an early age. We need to teach our kids that first of all there are no secrets and how much they share their data on social media can have significant implications.

We'd love to hear back from you about what you think of what Nahal has said, so let us know by dropping a comment in the section below the article. Share the interview online if you have the time, and please follow TechNadu on Facebook and Twitter for more tech news, guides, reviews, and interviews. 

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: