Author: azeeadmin

In February, London-listed telecom, Airtel Africa, said it was looking to sell a minority stake in its mobile money business in a bid to raise cash and sell off some assets.

The firm seems to have found an investor as it announced that The Rise Fund, the global impact investing platform of investment firm TPG, will invest $200 million in its mobile money arm. 

The investment will see the mobile money business —  Airtel Mobile Commerce BV (AMC BV) — valued at $2.65 billion. AMC BV is an Airtel Africa subsidiary and the holding company for several of Airtel Africa’s mobile money operations across 14 African countries, including Kenya, Uganda, and Nigeria.

AMC BV says the holding company will use the investment to reduce its debt and invest in network and sales infrastructure in the respective operating countries. The deal will close in two tranches — $150 million invested at first close, with $50 million to be invested at second close.

Following the deal’s completion, Airtel Africa will still hold a majority stake in the business and is exploring the opportunity to take the business public within the next four years. 

“Our markets afford the substantial market potential for mobile money services to meet the needs of the tens of millions of customers in Africa who have little or no access to banking and financial services, and this demand is driving growth,” Airtel Africa CEO Raghunath Mandava said. “With today’s announcement, we are pleased to welcome The Rise Fund as an investor in our mobile  money business and as a partner to help us realise the full potential from the substantial opportunity  to bank the unbanked across Africa.”

Airtel mobile money business, one of the many players driving financial inclusion across the continent, offers a range of services. They include mobile wallet deposit and withdrawals, merchant and commercial payments, benefits transfers, loans and savings, virtual credit card and international money transfers. 

Typically, these services are present across countries of operation except Nigeria. In the West African country, Airtel has gone through the route of partnering with local banks but has now applied for its own mobile banking licence. 

In its most recent reported results for Q3 2020, it witnessed a year on year revenue growth of 41.1% to $110 million, largely driven by 29% growth in the customer base to 21.5 million and 9.7% ARPU growth. Transaction value went 53% up to $12.8 billion ($52 billion annualised), and underlying EBITDA stood at $54 million ($216 million annualised) at a margin of 48.7%.

AMC BV benefits from a strong offline presence of kiosks, mini shops and agents which tie with its core telecom business. In a bid to drive growth this year, the business has struck partnerships with Mastercard, Samsung, Standard Chartered Bank, WorldRemit, among others, to expand both the range and depth of its mobile money offerings.

With more than $5 billion in assets under management across its platform, the San Francisco-based The Rise Fund is known to be one of the world’s largest global impact platform. 

Yemi Lalude, a partner at TPG who leads Africa investing for The Rise Fund, said that with financial inclusion being a global issue that is most acute in Africa, the telecom is closing the gap between traditional financial institutions and the millions of unbanked Africans.

“We look forward to working with Airtel Africa to enhance their mobile money services, broaden its use cases, and grow into new markets. With this investment in Airtel Africa’s mobile money operations, we are excited to expand The Rise Fund’s global fintech portfolio and continue to deepen our focus on improving financial inclusion in Africa and around the world,” she said.

Last year, TPG invested $600 million in Reliance Jio. The telecoms operator is a competitor to Airtel Africa’s parent company, Bharti Airtel. That’s one interesting detail although both investments target different markets.

Asteya, a Miami-based disability insurance startup that is geared toward small business owners and gig workers, launched today with a seed round of $10 million. Co-founder and CEO Alex Williamson, who was Bumble’s chief brand officer, describes Asteya as an “income insurance” startup. 

The announcement comes on the heels of Bumble’s IPO last month, signaling that former executives are already taking their cash and betting that they themselves can build the next unicorn.

While she was at Bumble, Williamson took medical leave. “Had Bumble not been so generous with me with medical leave, I would have needed disability insurance,” she said.

According to Williamson, 51% of U.S. employers offer disability insurance to their employees. The other 49% are left unprotected should something happen to them. In today’s changing workforce, many of these people are small business owners and gig or freelance workers. It’s this class of worker that Asteya is targeting with its first product. It offers up to $500,000 in protection through a one-time payout for a monthly fee that starts at $6/month. 

When people get sick and need to take time off work to get back on their feet, worrying about how they are going to pay rent or cover any other regular financial responsibilities can be a hardship in itself.

“If your finances aren’t in order, you can’t focus on getting help,” Williamson told TechCrunch.

People not covered by disability insurance — once they fall ill — have the option of applying for federal disability. The main distinction here is that disability insurance starts paying immediately, while federal disability only pays after you get approved by the government, but the process can be cumbersome and is known to take several months. Many people who attempt to file for federal disability on their own are often denied and then subsequently need to use a lawyer to get approved. And after all that, payments — which range from only several hundred to a couple thousand dollars a month — kick in six months after you’re approved.

Signing up — and getting approved — for disability insurance with Asteya takes minutes, the company said. Like many other startups, Asteya, through its hassle-free approach in a sector that’s known to be tangled in bureaucracy, sees an opportunity to bring humanity into insurance, Williamson said.

Women are often charged a significant premium for disability insurance compared to men — which makes them a more expensive hire for companies — adding another unnecessary difficulty for female candidates. New York and Massachusetts are a few of the states that outlawed the policy in 2019, and following their lead, Asteya’s first product is gender-neutral, Williamson said. 

The company has a managing general agent (MGA) and broker’s license, and through its MGA license, all policies are offered through insurance heavyweights Munich Re and Lloyd’s of London. In short, if the startup doesn’t succeed, your coverage won’t be affected.

Considering Williamson’s contacts and those of the founding team members, they were able to line up funding pre-launch, and Bumble’s founder and CEO, Whitney Wolfe Herd, is an angel investor. 

Other investors include 2BF Ventures, Capital Factory, Cap Meridian Ventures, Northstar Ventures, Atrum, and angel investor Geeta Sankappanavar.

The company is planning to offer a product for longer-term disability, as well as one that covers people with pre-existing conditions. “It’s an area we’re on a mission to cover,” said Williamson.

Fireblocks has raised a $133 million Series C funding round led by Coatue, Ribbit, and Stripes. The company provides several products that let you store, transfer and issue digital assets. In particular, Fireblocks provides custody to institutional investors — it currently stores $400 billion in cryptocurrencies.

BNY and Silicon Valley Bank are also participating in today’s funding round. Existing investors Paradigm, Galaxy Digital, Swisscom Ventures, Tenaya Capital and Cyberstarts Ventures are investing once again.

Overall, Fireblocks has raised $179 million since day one. The company says it has yet to reach a valuation of $1 billion — it isn’t a unicorn yet, but not far from it.

The startup doesn’t have a consumer-facing product. Instead, it sells its products to banks, fintech startups and other financial institutions. As interest rates have been close to 0% for a while, financial institutions are looking for a solution to store cryptocurrencies and diversify their balance sheet.

Fireblocks lets them do that securely. The company uses multi-party computation to handle private keys. When you create a wallet, cryptographic secrets are generated on your device and on the servers. Whenever you’re trying to initiate a transaction, multiple secrets are used to generate a full public and private key. This way, there’s no single point of failure.

The company has also put together a network of liquidity partners. You can connect directly with 30 different exchanges and initiate transfers from there. That’s why over-the-counter trading desks and market makers also use Fireblocks to settle trades across several exchanges.

Fireblocks also lets you issue and manage tokens. It can be particularly useful if you want to issue stablecoins, tokens that are backed by fiat currencies and don’t fluctuate over time against their fiat value. It works across multiple blockchains as well.

You can earn staking rewards on Ethereum 2.0, Polkadot and Tezos through integrations with Staked or Blockdaemon. There’s a DeFi API so that you can take advantage of the most interesting DeFi protocols.

The company also integrates with compliance providers Elliptic and Chainalysis for anti-money laundering reasons. The company can flag and reject transactions depending on a set of rules.

As you can see, Fireblocks provides plenty of integrations with the crypto ecosystem at large. Starting from scratch and building those integrations in house would require a ton of resources, especially if cryptocurrencies aren’t the core element of your business.

In many ways, Fireblocks reminds me of banking-as-a-service companies, except that Fireblocks focuses on crypto assets. And today’s funding round proves once again that there are a lot of investments happening in the crypto industry right now. PayPal acquired Curv just a couple of weeks ago. And this acquisition is certainly helping other crypto infrastructure companies proving that they’re valuable.

Saleor, a Poland and U.S.-based startup that offers a “headless” e-commerce platform to make it easier for developers to build better online shopping experiences, has raised $2.5 million in seed funding.

The round is led by Berlin’s Cherry Ventures, with participation from various angels. They include Guillermo Rauch (Vercel CEO and inventor of Next.js), Chris Schagen (former CMO of Contentful) and Kevin Mahaffey (co-founder of Lookout).

Saleor says the injection of capital will be invested in further developing Saleor‘s headless e-commerce platform, including a soon-to-launch cloud product and GraphQL API for front-end engineers.

Founded in 2020 but with a history going back to 2013, years before founders Mirek Mencel and Patryk Zawadzki spun out the product separate from their agency, Saleor is described as an “API-first” e-commerce platform that takes a “headless” approach. The idea is that the platform does the back-end heavy lifting so that developers can focus on the front end where most of the value is created for users.

“Saleor was born of necessity when our agency work at Mirumee Software required more modular, flexible and scalable e-commerce software,” Saleor co-founder Mirek Mencel recalls. “Most solutions for bigger brands came with proprietary baggage like vendor lock-in, slow adoption of new technologies and commercial certification programs. On the open-source side, we didn’t enjoy Magento’s developer experience and felt alternatives weren’t viable at scale”.

And so Saleor was conceived as an open-source platform focused on “technical excellence and quality” that could deliver greater scalability and extensibility than existing proprietary software. By 2016, the product had grown from something Mencel and Zawadzki’s agency used internally into a platform used by developers around the world.

“We could have stopped there, but saw brands pressing for more revolutionary front-end experiences,” Mencel says. “Decoupling Saleor’s core from its presentation layer was the obvious path to revolutionary front-ends. As difficult as it was, we tore down what was a rather good open-source e-commerce platform and rebuilt it API-first”.

Beyond their early headless conviction, the pair also came to the realisation that GraphQL delivered “more power, precision and developer happiness” than REST. Reasoning that most developers prefer “a few things done superbly to many things done well,” they committed exclusively to Saleor’s GraphQL API. “We have never looked back,” says Mencel.

In 2018, the original six-person team shipped Saleor 2.0. Now with a headcount of 20, Mencel says Saleor has a simple vision of developer-first commerce: open-source, GraphQL and “fair-priced” cloud — a vision that Cherry Ventures has clearly bought into.

“We are currently witnessing a paradigm shift with developers switching to headless commerce solutions, allowing more flexible, differentiated shopping experiences,” says Filip Dames, founding partner of Cherry. “Mirek, Patryk, and their team are at the forefront of this development and will enable innovative merchants to build state-of-the-art shopping experiences that scale across all consumer touch points and devices”.

“We decided to pursue venture backing as a way to increase the Saleor core team size and accelerate buildout of Saleor Cloud, which we’ll launch this year,” adds Mencel.

Cubyn, the Paris-based logistics startup that lets e-merchants outsource fulfilment and delivery logistics, has raised another €35 million in funding.

The round is led by Eurazeo and Bpifrance Large Venture, with participation from First Bridge Ventures and Fuse Venture Partners. Existing backers DN Capital, 360 Capital, Bpifrance Smart Cities fund and BNP Paribas Développement followed on.

Cubyn says it will use the new funding to double its team of 85 to more than 170 employees by the end of 2021, and deploy its service more internationally. First up is Spain and Portugal (launching next month), followed by Italy, the U.K. and Germany.

Impressively, the company will open a 25,000 square meter “automated” facility in the Paris area in the coming months as it looks to drive down costs and delivery times.

Originally offering pickup and delivery only, 18 months ago, shortly after Cubyn raised €12 million in Series B funding, the company launched “Cubyn Fulfilment,” seeing it enter fulfilment too.

Described at the time as a fully integrated solution that covers the entire fulfilment process, including keeping stock in Cubyn’s warehouses, it set the company up to grow off the back of an e-commerce boom, prompted not only by the pandemic most recently but also the continuing D2C and marketplace trend. For example, marketplaces Back Market, Rakuten, Mirakl and Fnac are currently using Cubyn.

Its proprietary technology aims to streamline merchant logistics, “ranging from web apps to advanced optimization through algorithm and warehouse robotics,” says Cubyn. The result is that it claims to be able to operate a fully integrated fulfilment solution at a fraction of the industry standard cost. This has seen the company grow its gross merchandise value (GMV) from €30 million to €250 million in 2020.

“Cubyn is disrupting the traditional e-commerce third party logistics market from the ground up, offering a better, faster and cross-border service at a 30% lower price,” says Cubyn co-founder and CEO Adrien Fernandez-Baca in a statement. “We are also providing merchants with not just additional revenue streams, but with our international roll out, we are now opening up new markets for them, outperforming other options available in terms of cost and delivery speed by far”.

“COVID has accelerated the need for merchants to have a reliable, scalable and tech fulfilment solution,” notes Antoine Izsak at Bpifrance Large Venture fund. “We’re excited to work with Cubyn to scale their business across Europe in the next few months”.

Adds Fernandez-Baca: “Today 85% of our shipments are in France, 15% international. With the funding, the ratio is predicted to change to 50-50”.

The adoption of financial apps is surging in Southeast Asian markets like Indonesia, the region’s most populous country. Founded by fintech veterans last year, Brick develops APIs that make it easier for tech companies to add identity verification and access financial data from their users. It is currently partnered with Indonesia’s seven largest banks, covering more than 90% of the country’s bank accounts, and plans to expand into all Southeast Asia countries.

More than three-fourths of Southeast Asia’s population is unbanked or underbanked, meaning that don’t have a bank account or access to traditional lending services. Brick will serve them as well, with products like mobile wallet and telcos APIs that are currently in beta and slated for launch next quarter.

The startup, which is now used by 250 developers and 35 tech companies, announced today it has raised new seed round. The amount of funding was undisclosed. Investors include investment firms Better Tomorrow Ventures, PT Prasetia Dwidharma, 1982 Ventures, Antler and Rally Cap Ventures, and angel backers like TrueLayer chief operating officer Shefali Roy, Cred chief executive officer Kunal Shah, Modalku CEO Reynold Wijaya, Carousell CEO Quek Siu Rui, and the founders of Nium, Xfers, Aspire, BukuWarung, ZenRooms and CareemPay.

Brick was founded in 2020 by chief executive officer Gavin Tan, an early employee at Aspire, a neobank for small- to mid-sized businesses, and chief technology Deepak Malhotra, previously co-founder of Indian neobank Slice and a former PayPal engineer.

Brick’s APIs have been deployed by personal financial management, cloud accounting, lending, wealth management and neobank apps, and Tan told TechCrunch it also sees use cases in verticals like savings, stock trading and financial planning.

Tan said he began thinking of launching Brick while working at high-growth fintech startups in Southeast Asia, including Aspire, and encountering a lack of infrastructure that slowed product development.

“Without unified APIs like those provided by Brick, fintech developers have to spend months figuring out commercials, navigating differing tech standards and navigating differing data standards, before they are able to launch their app,” Tan said.

 

Brick and other fintechs have benefited from strong support from Indonesian regulators. For example, Bank Indonesia published open banking API standards in 2020.

Tan said the standards “represents concrete government recognition of open banking principles, including consumer ownership of data and the necessity of their consent to transfer and use that data (which Tan describes as “a core principle that all our products adhere to”) and establishing a common language for banks and fintechs that enables the adoption of embedded finance. It also laid out implementation timelines for open APIs, beginning with payment initiation APIs in 2021, which Brick will launch later this year.

Brick works closely with Bank Indonesia and Indonesia’s Financial Services Authority and is participating in Bank Rakyat Indonesia’s Sembrani Wira accelerator program.

The most obvious comparison for Brick is to Plaid, the financial API provider that helped enable the adoption of open banking and open finance in the United States, Canada and European countries. A key difference, however, is that Plaid serves markets where the majority of people have a bank account.

On the other hand, “in Southeast Asia, only 25% of adults regularly use a bank account,” Tan said. “For the 75% unbanked and underbanked adults, their data resides in alternative financial data sources.” To tap into that market, Brick is building APIs for alternative financial data sources, like mobile wallets, telcos, utility providers, e-commerce platforms, social security and tax offices.

The company is currently focused on product launches in Indonesia, and plans to start expanding into other high-growth fintech markets, including Singapore, the Philippines and Vietnam, later this year.

Years ago, founder Serge Salager, a Vancouver-based entrepreneur, had taken an earlier company public on the Toronto Stock Exchange when a deep-pocketed buyer started asking whether the business might be for sale. Flattered but also nervous about who else the potential acquirer was talking with, Salager found himself scouring the web obsessively for news about other possible takeover targets, from changes to their pricing and features, to fresh job offers.

Salager was right to be paranoid. The buyer acquired a rival company. On the bright side, Salager had a new business idea — to create a much better service than existed at the time and which frees users from having to scour the web obsessively themselves when trying to track new developments.

Enter Visualping, a now six-year-old, 16-person freemium service that monitors the entire internet for changes and has amassed 1.5 million users, an undisclosed percentage of which pay the company a monthly subscription fee based on how many web pages and keywords they are following. (Two searches per day are free; 660 per day will set users back $100 per month.)

Journalists like the service as it helps them keep tabs on the people and companies they cover. Law firms use it to stay on top of changing regulations, along with other information. Employees of Apple use it to keep track of what is being said about the company and where.

The use cases are almost endless, which works in the company’s favor, as does its apparent ease of use. Users simply provide the company with a screenshot of a page or the part of the page they want to keep tabs on, along with any keywords, and Visualping then informs them via email as soon as a site has been altered or a keyword has appeared somewhere.

Visualping — which has a browser extension and says a mobile app is coming this summer — has also benefited from the pandemic. Indeed, in lieu of endlessly refreshing the sites of companies like Rite Aid and CVS, more people are learning to use the service to keep tabs on the availability of  COVID-19 vaccinations, thanks to mentions of Visualping in recent months in the WSJ, CNBC, and Fox News.

In the meantime, like other data companies, Visualping is getting smarter all the time by applying machine learning to the information it’s generating on behalf of its users, insists Salager. It won’t, for example, alert a user when the banner ads on a page have changed. If a customer is tracking a major price change, it can hold off on sending that person an alert until that price change meets a certain threshold.

Of course, with data comes privacy concerns, and on this front, Salager insists that Visualping is fully compliant with GDPR, the EU law on data protection and privacy — though he also adds that the company may some day serve up targeted ads to its customers based on their search preferences, as does Google.

For now, Salager says, VisualPing is instead focused wholly on building up new enterprise products, given that more companies have begun gravitating to the product. That’s the vision that investors are funding, too, Salager says, sharing publicly for the first time that VisualPing closed on $2 million in seed funding in December from Mistral Ventures, a Canadian fund, and N49P, and AngelList syndicate.

It’s not a ton of capital, he notes, but with the revenue that VisualPing is generating, it’s enough to get the startup through the next two years, he says. And after that? We ask Salager if he sees a tie-up down the road and whether he’d be open to acquisition talks, given what happened with his last company.

He does and he is, he answered candidly. While one scenario sees Visualping becoming “publicly traded like Dropbox,” he says (Dropbox also catered to consumers before later growing its business offerings), another “good fit is Google,” he adds. “We believe we fit very well with Google Alerts, so maybe an exit to Google is something we try to do, too.

More details have emerged today about the European Commission’s legislative proposal for a pan-EU ‘digital green pass’ to show verified COVID-19 status. The plan is controversial from a human rights and civil liberties perspective, given the clear risk of discrimination. But privacy and security experts are also raising concerns about the technology architecture that will underpin the system — which has yet to detailed in full.

“The proposal does not yet meet the requirements of data protection and protection against discrimination,” said German Pirate MEP Patrick Breyer in a statement today. “It does not ensure that the digital variant of the certificate is stored decentrally on devices of the person concerned and not in a central vaccination register.”

The European Union’s intention for COVID-19 vaccine passports — or rather what it’s branded a “digital green pass” or a “digital COVID-19 certificate” — will show whether the holder has been vaccinated against COVID-19 or had a recent negative test or if they have recovered from the disease and have antibodies, Commission president, Ursula von der Leyen, said today during a press briefing to give more details of its legislative proposal for the “common instrument”.

“The certificate will make sure that the results of what it shows — the minimum set of data — are mutually recognized in every Member State,” she also said, adding that the aim for the system is to help Member States reinstate freedom of movement “in a safe, responsible and trusted manner”.

Justice commissioner Didier Reynders said the intention is for every EU citizen to be able to receive the certificate free of charge and ask other Member States to accept it. He said the Commission will largely not be regulating use of the pass. Rather it will be up to Member States to set specific requirements related to the common instrument.

He gave the example of a European country being able to specify that they would accept a vaccination status of a person who has had a vaccine that’s not yet been approved for use in the EU, for example. But Reynders said the Commission will be obliging Member States to accept pass holders who have been vaccinated with an EMA approved vaccine.

The Commission wants the system to be ready to use “before the summer”, he also said. However that timeline looks incredibly ambitious for what is a complex technical project that involves sensitive personal data being used for a purpose which is inherently controversial, given the clear risk of COVID-19 status being used to discriminate or unfairly infringe on individuals’ civil liberties.

The digital certificates being ready means not only the Commission implementing/procuring any central components and ensuring Member States implement the necessary technical pieces at a national level for the system to work as intended but also getting the required legislation approved by the EU Council and Parliament — and doing all that “maybe” as early as June, per Reynders.

Asked during the press briefing if there was a ‘plan b’, given how ambitious the questioner suggested the Commission’s plan is, he said there is no other plan — as the only plan is to avoid fragmentation by implementing a common instrument to prevent Member States making unilateral choices over COVID-19 at their borders.

Still, the proposal currently leaves room for European countries to apply different rules, according to Breyer — who has also warned it could lead to discrimination by allowing freedom of travel to be linked purely to vaccination if Member States choose not allow negative tests to be accepted as an alternative, for example. “This needs to be improved,” the MEP suggested today.

“On the other hand, I welcome the fact that the retention of medical information after showing the certificate is excluded,” he added.

EU lawmakers avoided too much discussion of what Member States might do with the common tool but they confirmed the digital pass would be available in both a paper and digital form (although, again, Breyer expressed concern counties may choose not to implement the paper form, thereby discriminating against those who do not have access to a smartphone).

Reynders also confirmed the digital pass would incorporate a QR code to verify what’s on the certificate and check if it’s validated.

The Commission scheme shares at least one component with a system that was recently reported by Spiegel as under procurement in Germany — which it said involves QR codes but also blockchain technology (with IBM and a local company called Ubirch winning the tender) — and which is intended to be compatible with the EU’s digital pass requirements.

There was no mention of blockchain during today’s Commission press briefing. Internal market commissioner Thierry Breton said only that the technical solution “is also part of trust”.

“That’s why we have worked with Member States so that we are now all together on the same page. We share exactly the same technology,” he went on, adding: “We keep of course the GDPR at very high level. We will not exchange data and the good news is that all Member States have shared this view now. And this is extremely important because of course trust is also when you will move from one country to the other one that everybody will know just with a QR code you will know what is on your certificate and if it is validated.”

Asked after the briefing whether or not the pan-EU system will incorporate blockchain components a Commission spokesman sidestepped the question, saying only: “The gateway will link the national public key directories for the signature keys.”

“We cannot yet tell you who will implement this technically,” he added.

The spokesman went on to say that the “trust framework” (provided for by article 4 of the draft regulation) will be developed by the Commission “based on the outline on which Member States agreed in the eHealth Network on Friday” — referring to the voluntary network of Member State representatives which was established by EU directive in 2011 to facilitate cross-border data sharing for an e-health purpose.

On a related webpage the Commission also writes: “The eHealth Network has published an outline of the trust framework needed for [e]stablishing the Digital Green Certificate infrastructure, and continues to develop mechanisms for the mutual recognition and interoperability of vaccination, test and recovery certificates.”

“Further work is being conducted by the eHealth Network in collaboration with EU agencies, the Health Security Committee, the World Health Organization and other institutions,” it adds there.

The eHealth Network’s current outline for the “trust framework for the interoperability of health certificates” is available here — as a 16-page PDF (v.1.0, dating from March 12, 2021).

The document discusses some design choices and intended outcomes but does not provide details of the chosen technical solutions as decisions appear to have not yet been taken — despite the Commission’s goal of the whole thing being wrapped up and ready to run in a little over two months’ time.

Pressure from southern European nations worried about the impact of the coronavirus on heavily tourism-dependent economies is one driving force for the Commission to scramble to roll out a common approach for mutual recognition of vaccination documentation. Although fear of fragmentation of the bloc’s Single Market is likely the bigger accelerant for the Commission. (It’s notable, for instance, that other Member States, including France and Germany, have previously expressed concerns over linking the right to travel to a pass. So how ‘on the same page’ European countries are on this issue looks debatable.)

Also questionable is how trusted the technical underpinnings of the digital pass will be — as plenty of detail is still to be confirmed.

In the eHealth Network’s outline, a section on “data security by design and default”, for example, asserts that the trust framework “should by design and default ensure the security and the privacy of data in the compliant implementations of digital vaccination certificate systems, ensuring both security and privacy” — but it does not explain how this will be achieved.

“The design should prevent the collection of identifiers or other similar data which might be cross-referenced with other data and re-used for tracking (‘Unlinkability’),” it goes on before adding: “Further discussions are needed as to the technological aspects and timeline for the incorporation of these features in the trust framework.”

Another section offering an “overall description” notes that the EU trust framework is designed to be “largely decentralised”. However it confirms there will be “some centralised elements”: Namely “roots of trust” stored in a common directory/gateway (aka “EU Public Key Directory/Gateway”), and the “Governance model” — raising core questions of trust over those key elements. 

On the EU Public Key Directory the document envisages the gateway “shall be provided by a public sector body, such as the European Commission”. But evidently there’s still room for alternative bodies to take on that role.

Elsewhere, the outline confirms that offline verification will involve the use of 2D barcodes containing a digital signature used in conjunction with dedicated verification software that will periodically fetch verified public keys. While it states that online verification “will rely on the UVCI [Unique Vaccination Certificate/assertion Identifier] and it will be incorporated in the next version of the specifications (V2)”.

A section on presentation formats confirms that 2D barcodes will be used — but also raises the possibility of “W3C Verifiable Credentials” being utilized, stating only that a decision “will be made later”.

Harry Halpin, a CEO and research scientist (and formerly a staff member at the W3C) — who has been critical of the lack of openness around the technical design of the Commission’s digital green pass, and who presented a paper last year critiquing immunity passport schemes that involved what he describes as “a stack of little-known standards, such as Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) from the World Wide Web Consortium (W3C)” — is concerned the Commission is considering incorporating what his paper describes as “questionable use of blockchain technology” into the digital green pass.

He argues that use of W3C Verifiable Credentials in immunity passports would be dangerous to privacy and security.

“Technologically there’s ways to prove test results digitally without involving any global identity at all,” he told us. “If you really just want to prove with medical authenticity that I have ‘A attribute’ — where this attribute is I have negative COVID-19 test in the last 72 hours or I’ve been immunized with a vaccine in the last year, whatever it is that you want to prove, there’s another form of identity… called attribute-based credentials. Which is a perfectly fine way to do it. Attribute-based credentials just prove attributes without revealing identity. You don’t need a global identity for any of these use-cases.”

“Maybe the metaphysical angle is that because of corona all my previously private health data should now be public but then just come out and say that — don’t hide it behind some blockchain nonsense,” he added.

Discussing the eHealth Network’s outline, security and privacy researcher Dr Lukasz Olejnik — who has also written about the privacy risks and wider ramifications of vaccine passports — said the document raises some questions such as who will be the source of trust and whether there’s a risk of function creep related to the proposed design.

“This technical document confirms that the user’s ID will be bound to the certificate. This may mean that the passport would mediate a proof of ID,” he told TechCrunch. “Considering today’s proposal of a regulation it is pertinent to wonder whether a function-creep-like expansion couldn’t lead to these passports becoming actual proofs of identity in the future.

“Other than that, the eHealth document is descriptive but contains no details as to the future solution. The source of trust in this system will be the key problem of interest,” Olejnik added. “It seems that we will need to wait longer for the details.”

During today’s briefing Reynders raised the spectre of future expansion from another angle — saying that while the digital pass would be a “temporary” instrument, and the legislation would provide for the system to be “suspended” at the end of the pandemic, it would also bake in the possibility of re-activation at a later point if necessary, such as in the event of another pandemic.

“We have the possibility to suspend the certificate when the WHO declares the pandemic over. So this is dedicated to COVID-19,” he said. “I’m saying ‘suspend’ but through a delegated act and with the European Parliament we could use this instrument if there were another pandemic. But basically we’re talking about a temporary solution with the Member States and with the European Parliament.”

“We don’t want to prolong that,” he added. “When it will be possible for the World Health Organization to say that we are at the end of the pandemic we’ll stop with such an instrument. And of course we are just thinking about the possibility to reactivate the instrument later — but I’m not hoping that — if we have a new pandemic in the future. But that will be with a dedicated act — always with the Parliament involved in the process.”

On the issue of function creep, Reynders conceded that European countries might seek to use the digital pass for other purposes, i.e. outside the Commission’s target of facilitating the free movement of EU people.

But he suggested it’s no different to Member States requiring masks be worn or a rapid test taken as they may already do in certain situations — while emphasizing any such uses would need to comply with wider EU laws and fundamental rights.  

“If there are other uses well it’s already the case you can perhaps use other things like masks that are also imposed. There are also test, self tests which are used by people. But if we go into using the certificate in other ways we have to see if that use is necessary proportional and non discriminatory and also compatible with EU legislation,” he said.

“Of course we will examine the situation on a case by case basis but I don’t think we necessarily need to draw a distinction between the certificate and other measures for example rapid antigen tests, masks and so forth. These are other tools that have been used… We need to make sure that any further use is proportional and non-discriminatory and obviously in line with the rules on free movement.” 

The EU’s digital COVID-19 pass has been in the active mix since January when the Commission said it was pushing for “an appropriate trust framework” to be agreed upon by the end of the month “to allow member states’ certificates to be rapidly useable in health systems across the EU and beyond.”

It followed up earlier this month when it announced it was coming with a legislative plan for the pass, emphasizing its hopes of facilitating safe cross-border travel this summer. Albeit, those hopes look more fragile now — given the slow pace of the EU’s vaccine rollout in the first quarter.

The Commission president also warned today that some Member States are on the cusp of a third wave of COVID-19.

The EU executive’s plan to speed full-steam ahead with a digital pass to verify COVID-19 status remains controversial — not least in light of the still highly limited access to vaccinations across the bloc which only underlines the risks of the tool being unfairly applied.

Civil liberties concerns can’t be disconnected from ‘vaccine passports’. Nor will they be swept away by an anodyne rebranding to a ‘digital pass’. But there are now additional questions stacking up around the Commission’s technology choices for the common instrument — and whether the architecture of the system will live up to Von der Leyen’s tweeted promise that the EU digital green pass “will respect data protection, security and privacy”.

For EU citizens to trust in that claim full transparency is essential. 

 

Uber changes driver classification following a legal defeat in the U.K., Facebook says it will crack down on rule-breaking Groups and Snap makes an e-commerce acquisition. This is your Daily Crunch for March 17, 2021.

The big story: Uber to classify UK drivers as workers

Following a Supreme Court ruling, Uber said it will classify all drivers in the United Kingdom as workers — a category between self-employed and employed that entitles those designated to a minimum wage and holiday pay.

That doesn’t mean the dispute is fully resolved, however. Uber said that it will calculate working time starting when drivers accept a trip, excluding the time after they’ve signed into the app and are waiting for a ride. A statement by the App Drivers and Couriers Union described the company’s new approach as “a day late and a dollar short, literally.”

The tech giants

In expanded crackdown, Facebook increases penalties for rule-breaking groups and their members — The changes follow what has been a steady, but slow and sometimes ineffective crackdown on Facebook Groups that produce and share harmful, polarizing or even dangerous content.

Snap acquires Fit Analytics, a fitting technology startup, to double down on fashion and e-commerce — Fit Analytics has built technology to help shoppers find the right-sized apparel and footwear from online retailers.

Apple Maps updated with COVID-19 vaccination locations in the US — To access this information through a voice command, users can ask Siri something like “where can I get a COVID vaccination?” which will direct them to Maps.

Startups, funding and venture capital

Incredibuild gets $140M to speed up games and other software development with distributed processing tech — Incredibuild is a private tech company, but it has been around since 2000, and it counts Epic, Microsoft and Nintendo as clients.

SoftBank-backed Indian insurance platform Policybazaar raises $75M — Policybazaar is among a handful of startups that is attempting to upend India’s insurance market, which is largely commanded by state and bank-backed insurers.

The Robinhood competitor landscape intensifies as Invstr raises $20M — Via social gamification, Invstr has set out to make the financial educational process fun.

Advice and analysis from Extra Crunch

Dear Sophie: What type of visa should we get to fundraise in Silicon Valley? — The latest edition of “Dear Sophie,” the advice column that answers immigration-related questions about working at technology companies.

How to recruit data scientists without paying top dollar — When it comes to building a data science team, many companies fail at the first step: creating a job posting.

Olo prices IPO sharply above its target, valuing company as high as $4.6B — We’re checking in on the price investors paid for a block of Olo shares before it began trading.

(Extra Crunch is our membership program, which helps founders and startup teams get ahead. You can sign up here.)

Everything else

The Voter Formation Project puts an experimental spin on reaching Black and brown first-time voters — This new group is a 501(c)3 laser-focused on reaching Black and brown first-time voters using every trick in the digital toolbox.

On Friday the EU will put startup-friendly legislation to member states — will they sign up? — The EU Startup Nations Standard aims to make the European Union the most attractive place to create a startup.

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 3pm Pacific, you can subscribe here.

Cymbio, a Tel Aviv-based startup focused on what it calls “brand-to-retailer connectivity,” announced today that it has raised $7 million in Series A funding.

CEO Roy Avidor, who founded the company with Mor Lavi and Gilad Zirkel, told me that the platform is designed to help brands sell their products on any e-commerce marketplace that they want. Whereas adding a new market might normally require a cost-benefit analysis (“How much money will it cost me to set up this retailer? How much sales will this retailer drive? Will the margins justify this?”), Avidor said Cymbio turns the process into a “no brainer” with immediate integration.

That’s because the platform automatically handles all the differences between marketplaces, whether that involves the taxonomy of the product pages or the background color of the product images, as well as inventory syncing, tracking and returns. It allows the brand to fulfill orders using drop shipping — so the brand stores and ships the products, rather than the marketplace, getting access to customer names and addresses in the process.

Avidor said that increasingly, brands realize “they need to be where the customers are.” That doesn’t mean they’ll sell on every single marketplace, but with Cymbio, “brand perception and visibility” are the main limitations, rather than time and money.

In 2020, The company says that its customer count increased 12x and now includes Steve Madden, Marchesa, Camper and Micro Kickboard. The company also says that it reduces the tiem to launch on a new marketplace by 91%, while increasing digital revenue for the average customer by 65%.

The company says the Series A will allow it to expand its sales and marketing team while continuing to develop the product — on the product front, Avidor said the team is working on “a no code integration where anyone can connect to anything quickly, no developers needed.”

The new funding was led by led by Vertex Ventures, with participation from Udian Investments, Payoneer founder Yuval Tal and Sapiens co-founder Ron Zuckerman.

“We believe deeply that Cymbio’s technology will fundamentally change the game for brands that sell online, making long, cumbersome integrations a thing of the past,” said Emanuel Timor, general part at Vertex Ventures Israel, in a statement.