How Mumbai-based Protectt.ai uses deep-tech to protect digital assets from cyber threats
Founded by Manish Mimani and Mohanraj Selvaraj in 2020, Protectt.ai offers mobile app, device, and transaction security solutions. Currently, around 60 apps utilise its solutions in banking, insurance, NBFCs, fintech and stock exchange sectors.
In recent years, India has witnessed rapid digitisation, with almost 750 million smartphone users, with internet connectivity spreading far and wide to remote corners of the country. According to a report by app intelligence platform App Annie, in 2022, Indians downloaded over 28 billion apps.
With this comes the heightened risk posed by cybersecurity threats. As per a recent study by Appknox, about 75% of India's top 100 Android apps contain security risks, causing an alarming situation for mobile app security.
“Our in-house research suggests that more than 90% of apps in the BFSI sector are prone to reverse engineering, VPN detection, and code obfuscation. Therefore, It is now important, more than ever before, to secure mobile apps on an always-on, run-time basis,” says Manish Mimani, Founder and CEO of .
During their research into mobile application security, the founders realised the increased reliance on mobile applications was opening up new avenues for cyber threats and attacks.
Founded in 2020 by Mimani and Mohanraj Selvaraj, Protectt.ai is a deep-tech B2B mobile threat defence (MTD) cybersecurity company that offers mobile app, device, and transaction security solutions.
They introduced a mobile security platform that integrates with mobile apps and offers a low cost of ownership and scalability while providing run-time security to sensitive mobile apps to help enterprises move away from traditional cybersecurity frameworks.
The defence solutions
The Mumbai startup provides solutions, including AppProtectt, AppProtectt Lite, AppBind, MProtectt, and RealTime Protectt.
The startup uses advanced algorithms, data analysis, and behavioural analytics to identify and respond to real-time security risks in digital assets, mitigating cyber threats in any industry.
The AppProtectt solution is a lightweight software development kit (SDK) with over 50 mobile app security capabilities, while AppBind provides a secure mobile banking experience.
On the other hand, MProtectt enhances mobile device security to protect against malware and data leakage threats, and RealTime Protectt safeguards real-time online payments by providing fraud management features.
Plug and Play security for mobile apps
Protectt.ai provides comprehensive 360-degree security with over 50 cyber security features, including low-code integration, for rapid rollout.
The startup offers a dashboard, an analytics-driven framework for mobile apps, contextualising user behaviour based on key parameters, including total sessions, threat sessions, device count, and threat response.
It enables Runtime Application Self Protection (RASP) for advanced detection and mitigation of mobile threats, allowing companies to offload security and compliance concerns, focusing on developing their core business features.
The RASP technology safeguards applications from threats from unsecured networks, jailbroken devices, unsecured VPN, and proxy networks, and offers application security and prevents any potential exploitation.
“Our solution works on RASP technology, which allows it to work on a run-time basis. AppProtectt has anti-reverse engineering control preventing the app from decompiling. Further, if a malicious user is trying to tamper with the application at run-time, it will detect it and prevent the application from getting tampered with,” explains Mimani.
The run-time security actively secures apps running on users' devices. If it detects a threat, it warns users that the device or network is unsafe and the application cannot run.
The company also ensures compliance with RBI Digital Payment Security Control Guidelines for mobile banking apps, such as advanced measures like device binding, unsecured Wi-Fi security checks, anti-screen mirroring, anti-malware protection, MiTM prevention, app tampering, and reverse engineering prevention.
According to Protectt.ai, a case study of a private sector bank in India demonstrated the effectiveness of its solution, including reduced screen mirroring cases by 87%, blocked high-severity threats, and changed user behaviour to safe settings in 78% of cases, resulting in significant improvement in risk posture and user behaviour.
According to Grand View Research, the global mobile threat defence market was valued at $2.25 billion in 2022, expected to grow at a CAGR of 25.2% between 2023 and 2030.
At present, around 60 apps utilise Protectt.ai’s solutions in the banking, insurance, NBFCs, fintech, and stock exchange sectors. It plans to onboard more than 100 banks globally by 2025 on its platform.
Business model
Protectt.ai charges an annual subscription fee to its clients and depends on the number of users a company has, including an active user base subscription fee or per mobile app downloads.
The security solutions are offered on a pay-as-you-go model, eliminating licensing costs, making it easier for organisations to access and reducing the total cost of ownership.
To date, Protectt.ai has monitored more than two billion mobile sessions, secured over 250 million devices, and identified and acted on 20 million threats.
“We believe that mobile threat defence is a critical aspect for a digital-first economy like India and safeguarding users' data and privacy is of utmost importance,” Mimani says.
In FY23, the company registered a 500% growth in revenue, projected to grow by another 500% in FY24.
The startup competes with players such as US-based Zimperium, which provides real-time machine learning-based protection, and Boston-based LookOut, a data-centric cloud security platform.
Protectt.ai has offices in Gurugram, Mumbai, and Chennai, covering pan-India.
Future ahead
Protectt.ai plans to raise $10-12 million in pre-Series A funding round by FY24. It is in advanced talks for $3-5 million as the first step. It also aims to expand in the Middle East and the US by the third quarter of this financial year.
The company has plans to diversify its product portfolio by introducing a series of innovative products. To democratise access to mobile app security, the company plans to build a mobile app community with open-source offerings, which will include RootProtectt Rooted device protection and CodeProtectt for code obfuscation for the Android community. For mobile device users, MProtectt offers comprehensive mobile antivirus security.
“These offerings are aligned with the principles of collaboration and knowledge sharing, encouraging collective efforts to address mobile threats. Developers and organisations can take advantage of these resources to improve the security measures in their apps without the financial barriers associated with proprietary solutions,” says Mimani.
By FY25, The startup aims to enroll one lakh mobile app developers on its platform.
Edited by Suman Singh