The world has gotten a lot more serious about privacy and data protection, but in many cases business models that rely on personalization of one kind or another have struggled to keep up. Today, a startup out of Paris called Ravel Technologies is emerging from stealth with an approach it believes could be the missing link between those two. It’s built a tool based on homomorphic encryption to keep personally identifiable information (PII) private from end to end without needing to touch the data itself. It’s launching first with a tool to enable “zero-knowledge” advertising services, and another for financial services.
The company has been around for almost four years and was initially bootstrapped, hiring a team of academics and advisors including Fields Medal Recipient Cedric Villani. Now it’s disclosing that Airbus Ventures has led a seed round of an unspecified amount. It has not disclosed any customer names but Mehdi Sabeg, the CEO who co-founded the company, said that it’s in advanced discussions with companies across both products. It notes that French bank BNP Paribas is among those running a proof of concept process.
Homomorphic encryption, as others have described it before, is something of a “holy grail” in the world of security. First conceived of by academics, the technique involves extensive algorithmic encryption of an organization’s data that lets it stay encrypted even as that organization collaborates with third parties to process the data and deliver their own services based on it — as you might, for example, encounter in an advertising network.
The holy grail aspect comes in because while the idea sounds great in theory, in practice it requires enormous computational resources to run, so much so that up to now a lot of efforts to put homomorphic encryption into practice have fallen short.
That’s led other companies who are attempting to build their own approaches to use either modified versions of HE, or to apply it to smaller, well-defined sets of data — approaches that we’ve covered used by the likes of Enveil and Duality, two other HE-based startups that have attracted some interesting attention.
Ravel’s big breakthrough has been a new approach that not only allows it to implement fully homomorphic encryption (FHE) for the first time among all of the others, but to do it at scale, across any-sized data set. Sabeg said that the speed at which Ravel works on data is on “four orders of magnitude faster” than the other HE-based solutions that have been rolled out by others.
Sabeg added that Ravel has put in patent applications on its approach. In general terms, it’s based around a fully encrypted SQL database — the first of its kind, he said — that enables encrypted queries over large volumes of encrypted data.
The current climate for data protection and privacy has created the vacuum that Ravel is hoping to fill.
Today, especially in certain jurisdictions, there are gateways set up over how that data can be sourced and subsequently used, with users able to opt out and essentially remove all personalization, rendering useless a lot of the adtech and other tools that have been created around that concept. Sabeg noted that for companies that adopt its tech — and in the case of the zero-knowledge ad tool, it would be using an API to run the service, and an SDK at the publisher’s end to implement it; while in the case of the financial services tool it would be the financial platform, and, say, a third party tool to execute trades — while something like GDPR gates would still be in place, companies would still be able to run their regular advertising services since the data they were using would no longer be PII-related.
Similarly, in the financial exchanges application, Sabeg said that the aim is to ensure confidentiality and “remove market biases” that come in plaintext data that might, for instance, come up in bidding, which is something that has come up in the context of blockchain exchanges.
It was the emergence of GDPR, in fact, that first led Sabeg, a mathematician by training, to considering how one could apply the concept of HE to the model of online advertising and how DSPs work.
“GDPR was about to be implemented and all the ad customers were complaining about the constraints of it,” he said. “I found GDPR interesting. In its essence, I loved the values it was defending but could understand the problem the ad industry was seeing. I thought we could bring an efficient tech answer. Thought that HE could be used as de-identification tech. A industry could collect and process data while never having to use PII.”
We’ve covered a number of startups looking for ways to apply homomorphic encryption to build more privacy-first data services, but they are not the only ones in pursuit of this idea, in some cases because of how central advertising and other data-heavy services are to them.
Facebook/Meta last year went on a hiring spree to pick up a number of key homomorphic encryption research specialists, including Kristin Lauter, a longtime Microsoft employee, to head up its West Coast AI research, and it’s publishing research on the topic. “It shows the importance they are giving to that technology,” Sabeg said. Others like Google have also dedicated some research into the area, and Apple is also applying it in some of its own privacy tools.
“Given the impressive, major algorithmic breakthroughs achieved by Ravel’s team, Ravel Fully Homomorphic Encryption is orders of magnitude faster than state-of-the-art FHE schemes,” noted Villani in a statement. “With the continual increase of personal and industrial data being processed globally, privacy, and confidentiality protection are of paramount importance. Ravel’s breakthroughs bring an efficient and scalable answer to critical data privacy and security challenges.”