The world has become much more serious about privacy and data protection, but in many cases business models that rely on personalization of one kind or another are struggling to keep up. A startup from Paris called today Ravel Technologies comes out of stealth with an approach that he thinks could be the missing link between these two. It has built a tool based on homomorphic encryption to keep personally identifiable information (PII) private end-to-end without the need to touch the data itself. It first launched with a zero-knowledge ad activation tool and another for financial services.
The company has been around for almost four years and was initially launched employing a team of academics and advisers, including Fields Medal winner Cedric Villani. Airbus Ventures has now been revealed to have led a seed round of an undisclosed amount. No customer names were disclosed, but Mehdi Sabeg, the CEO who co-founded the company, said he was in advanced discussions with the companies about both products. He notes that French bank BNP Paribas is among those conducting a proof-of-concept process.
Homomorphic encryption, as others have described it before, is something of a “holy grail” in the security world. First conceived by academics, the technique involves extensive algorithmic encryption of an organization’s data, allowing it to remain encrypted even when that organization collaborates with third parties to process the data and provide its own services based on it – as it can to meet, for example, in an ad network.
The holy grail aspect comes about because while the idea sounds great in theory, in practice it requires massive computing resources to work, so much so that so far many efforts to implement homomorphic encryption in practice have failed.
This has led other companies trying to build their own approaches to either use modified versions of HE or apply it to smaller, well-defined data sets—approaches we’ve covered used by people like A quilt and Dualitytwo other HE-based start-ups that have attracted interesting attention.
Ravel’s big breakthrough is a new approach that not only allows him to implement fully homomorphic encryption (FHE) for the first time among all others, but also to do it at scale, on a dataset of arbitrary size. Sabeg said the speed at which Ravel processes data is “four orders of magnitude faster” than other HE-based solutions that have been introduced by others.
Sabeg added that Ravel has filed patent applications for his approach. Broadly speaking, it’s based on a fully encrypted SQL database — the first of its kind, he said — that allows encrypted queries for large volumes of encrypted data.
The current data protection and privacy climate has created the vacuum that Ravel hopes to fill.
Today, especially in certain jurisdictions, there are floodgates in place on how this data can be extracted and subsequently used, where users can opt out and essentially remove all personalization, rendering much of the ad technology and other tools useless. which are built around this concept. Sabeg noted that for companies that adopt his technology — and in the case of the zero-knowledge ad tool, he’ll use the API to run the service and the publisher’s SDK to implement it; whereas in the case of the financial services tool, it will be the financial platform and, say, a third-party tool for making transactions – while something like GDPR gates will still be in place, companies will still be able to manage their regular ad services as and the data they use will no longer be associated with PII.
Similarly, in the financial exchange app, Sabeg said the goal is to ensure privacy and “remove market bias” that comes in plain text data that can, for example, appear in bidding, something that appeared in the context of blockchain exchanges.
Indeed, the advent of GDPR first prompted Sabeg, a mathematician by training, to consider how the concept of HE could be applied to the online advertising model and how DSPs work.
“GDPR was about to come in and all the advertising clients were complaining about the limitations of that,” he said. “I found GDPR interesting. In essence, I liked the values it espoused, but I could understand the problem the advertising industry saw. I thought we could offer an effective technical response. I thought HE could be used as a de-identification technology. An industry can collect and process data without ever having to use PII.”
We’ve covered a number of startups looking at ways to implement homomorphic encryption to build more privacy-first data services, but they’re not the only ones pursuing the idea, in some cases because of how heavily ad-centric they are and other data services are for them.
Facebook/Meta last year was at a employment to take a number of key homomorphic cryptography research specialists, including Christine Lauter, a longtime Microsoft employee, to head up West Coast AI research, and it’s publishing research on the topic. “It shows the importance they place on this technology,” Sabeg said. Others like Google have too devoted some research in the area and Apple also implements it in some of your own privacy tools.
“Given the impressive major algorithmic breakthroughs achieved by the Ravel team, Ravel’s fully homomorphic encryption is orders of magnitude faster than state-of-the-art FHE schemes,” Villani noted in a statement. “With the continued growth of personal and industrial data processed globally, the protection of privacy and confidentiality is paramount. Ravel’s breakthroughs bring an efficient and scalable response to critical data privacy and security challenges.”