Brazil’s banks try to outflank challengers by investing in a $15 million round for Quanto

Trying to outflank competition from neo banks and other potential challengers, two of Brazil’s largest financial services institutions, Bradesco and Itaú Unibanco, have invested in Quanto, a company developing technology to let retailers and other businesses access financial information and services.

Joining Brazil’s two largest banks are Kaszek Ventures, one of Latin America’s largest venture capital firms, and Coatue, the multi-billion dollar hedge fund. 

Bradesco joined the round through its InovaBra Ventures investment fund while Itaú invested directly and had its participation approved by Brazil’s Central Bank, according to a statement.

“Open banking changes the way we understand and consume financial services, but it’s quite exciting to see the Brazilian market embracing this new moment in such a positive way,” said Richard Taveira, Quanto’s chief executive, in a statement. “Brazil has the potential to lead the use of open banking worldwide, and this round is a testament to that.”

Brazil’s Central Bank is deeply invested in the prospect of opening up banking regulation to allow information and data sharing between payment processors and technology providers, retailers, and other service providers in the financial services value chain.

Quanto, which provides standardized bank data application programming interfaces that allow institutions to slash the time it takes to ccess bank account data.

“Open banking is an important evolution in the financial services market and we believe that Quanto can contribute in an impactful way in creating a more competitive market, focused on the customer experience,” said Rafael Padilha, Director at Bradesco Private Equity and Inovabra Ventures, in a statement.

The Quanto technology could enable financial product distribution through the same API platform as business to business services, the company said. Quanto claims that its services will make it easier for customers to access low-interest credit lines with a single sign-on model and to receive competitive interest rates by sharing banking data with multiple lenders in a single flow.

“Quanto provides the rail for banks and fintechs to compete, and consumers are the ones who win”, said Taveira.

Jeff Lawson on API startups, picking a market and getting dissed by VCs

Last week TechCrunch sat down virtually with Jeff Lawson, the CEO and co-founder of Twilio as part of our long-running Extra Crunch Live series. As I expected, the chat was a good use of time.

Why? Lawson was early on the idea that software companies could deliver their features not through a web app, but through an API . Back when Twilio was getting started, the world was still uncertain on the future of cloud. But Twilio was already skating past that puck toward a more distant target.

And his company has been largely proven right in its view of the future. While cloud software is now the de facto position for startups and legacy providers alike, API-powered startups are having one hell of a year according to founders and investors.

The growing wave of API -delivered software is not looking set to slow down, with Lawson telling TechCrunch during our chat that “the world is getting broken down into APIs,” as “every part of the stack of business that a developer might need to build is eventually turning into APIs that developers can use.”

So, expect more startups to ask you to snag an API key instead of signing up for a 12-month commitment. That said, don’t get too excited, yet, as Lawson was also clear during our chat that “not everything that can be broken down into an API will end up being a huge business.”

As Salesforce helped set the stage for SaaS startups in year’s past, Twilio’s $40 billion market cap today could prove a similar North Star for API startups.

A big thanks to the Extra Crunch crew for showing up and helping us ask some fun questions. I’ve snagged some favorite quotes below and embedded the YouTube clip of the whole chat. Let’s go!

Join Twilio’s Jeff Lawson for a live Q&A August 25 at 2:30 pm EDT/11:30 am PDT

As we race toward Disrupt 2020, we’re keeping the Extra Crunch Live train rolling with a big entry next week as Twilio CEO and co-founder Jeff Lawson joins us for a chat.

Lawson is well-known in the tech industry for helping institutionalize API -delivered digital services, a business model variant that has become increasingly popular in recent years. Twilio has become a giant in and of itself, worth more than $37 billion today after going public in 2016.

As always, we’ll take some questions from the audience, so bring your best material.

Considering Twilio, it’s position in the mind of API-focused startups everywhere is notable. You tend to hear API-powered startups mention Twilio and Stripe as the two companies that they are mimicking, albeit usually with a different focus: “We’re building the Twilio for X.”

The power of API-driven startups with usage-based pricing and nearly SaaS-like gross margins is something private investors have certainly noticed and are betting on.

But there’s more to Twilio and Lawson than just that one topic, so we’ll also spend time riffing on when is the right time for a private company to go public, how his life has changed since the IPO, and what advice he might have for the super-late-stage startups who can’t seem to get out of the wings and onto the public markets. And, why, odd duck amongst most of the tech-famous, he doesn’t appear to make many angel investments.

Details follow for Extra Crunch members. If you aren’t one yet, sign up today so you can join our conversation.

Details

The race to building a fully functional quantum stack

Quantum computers exploit the seemingly bizarre yet proven nature of the universe that until a particle interacts with another, its position, speed, color, spin and other quantum properties coexist simultaneously as a probability distribution over all possibilities in a state known as superposition. Quantum computers use isolated particles as their most basic building blocks, relying on any one of these quantum properties to represent the state of a quantum bit (or “qubit”). So while classical computer bits always exist in a mutually exclusive state of either 0 (low energy) or 1 (high energy), qubits in superposition coexist simultaneously in both states as 0 and 1.

Things get interesting at a larger scale, as QC systems are capable of isolating a group of entangled particles, which all share a single state of superposition. While a single qubit coexists in two states, a set of eight entangled qubits (or “8Q”), for example, simultaneously occupies all 28 (or 256) possible states, effectively processing all these states in parallel. It would take 57Q (representing 257 parallel states) for a QC to outperform even the world’s strongest classical supercomputer. A 64Q computer would surpass it by 100x (clearly achieving quantum advantage) and a 128Q computer would surpass it a quintillion times.

In the race to develop these computers, nature has inserted two major speed bumps. First, isolated quantum particles are highly unstable, and so quantum circuits must execute within extremely short periods of coherence. Second, measuring the output energy level of subatomic qubits requires extreme levels of accuracy that tiny deviations commonly thwart. Informed by university research, leading QC companies like IBM, Google, Honeywell and Rigetti develop quantum engineering and error-correction methods to overcome these challenges as they scale the number of qubits they can process.

Following the challenge to create working hardware, software must be developed to harvest the benefits of parallelism even though we cannot see what is happening inside a quantum circuit without losing superposition. When we measure the output value of a quantum circuit’s entangled qubits, the superposition collapses into just one of the many possible outcomes. Sometimes, though, the output yields clues that qubits weirdly interfered with themselves (that is, with their probabilistic counterparts) inside the circuit.

QC scientists at UC Berkeley, University of Toronto, University of Waterloo, UT Sydney and elsewhere are now developing a fundamentally new class of algorithms that detect the absence or presence of interference patterns in QC output to cleverly glean information about what happened inside.

The QC stack

A fully functional QC must, therefore, incorporate several layers of a novel technology stack, incorporating both hardware and software components. At the top of the stack sits the application software for solving problems in chemistry, logistics, etc. The application typically makes API calls to a software layer beneath it (loosely referred to as a “compiler”) that translates function calls into circuits to implement them. Beneath the compiler sits a classical computer that feeds circuit changes and inputs to the Quantum Processing Unit (QPU) beneath it. The QPU typically has an error-correction layer, an analog processing unit to transmit analog inputs to the quantum circuit and measure its analog outputs, and the quantum processor itself, which houses the isolated, entangled particles.

Google launches the final beta of Android 11

With the launch of Android 11 getting closer, Google today launched the third and final beta of its mobile operating system ahead of its general availability. Google had previously delayed the beta program by about a month because of the coronavirus pandemic.

Image Credits: Google

Since Android 11 had already reached platform stability with Beta 2, most of the changes here are fixes and optimizations. As a Google spokesperson noted, “this beta is focused on helping developers put the finishing touches on their apps as they prepare for Android 11, including the official API 30 SDK and build tools for Android Studio.”

The one exception is some updates to the Exposure Notification System contact-tracing API, which users can now use without turning on device location settings. Exposure Notification is an exception here, as all other Android apps need to have location settings on (and user permission to access it) to perform the kind of Bluetooth scanning Google is using for this API.

Otherwise, there are no surprises here, given that this has already been a pretty lengthy preview cycle. Mostly, Google really wants developers to make sure their apps are ready for the new version, which includes quite a few changes.

If you are brave enough, you can get the latest beta over the air as part of the Android Beta program. It’s available for Pixel 2, 3, 3a, 4 and (soon) 4a users.

UK reported to be ditching coronavirus contacts tracing in favor of ‘risk rating’ app

What’s going on with the UK’s coronavirus contacts tracing app? Reports in the national press today suggest a launch of the much delayed software will happen this month but also that the app will no longer be able to automatically carry out contacts tracing.

The Times reports that a repackaged version of the app will only provide users with information about infection levels in their local area. The newspaper also suggests the app will let users provide personal data in order to calculate a personal risk score.

The Mail also reports that the scaled back software will not be able to carry out automated contacts tracing.

We’ve reached out to the Department for Health and Social Care (DHSC) with questions and will update this report with any response. DHSC is the government department leading development of the software, after the NHS’s digital division handed the app off.

As the coronavirus pandemic spread around the world this year, digital contacts tracing has been looked to as a modern tool to COVID-19 by leveraging the near ubiquity of smartphones to try to understand individual infection risk based on device proximity.

In the UK, an earlier attempt to launch an NHS COVID-19 app to support efforts to contain the virus by automating exposure notifications using Bluetooth signals faltered after the government opted for a model that centralized exposure data. This triggered privacy concerns and meant it could not plug into an API offered by Apple and Google — whose tech supports decentralized coronavirus contacts tracing apps.

At the same time, multiple countries and regions in Europe have launched decentralized contacts tracing apps this year. These apps use Bluetooth signals as a proxy for calculating exposure risk — crunching data on device for privacy reasons — including, most recently, Northern Ireland, which is part of the UK.

However in the UK’s case, after initially heavily publicizing the forthcoming app — and urging the public to download it in its daily coronavirus briefings (despite the app not being available nationwide) —  the government appears to have stepped almost entirely away from digital contacts tracing, claiming the Apple -Google API does not provide enough data to accurately calculate exposure risk via Bluetooth.

Decentralized Bluetooth coronavirus contacts tracing apps that are up and running elsewhere Europe have reported total downloads and sometimes other bits of data. But there’s been no comprehensive assessment of how well they’re functioning as a COVID-fighting tool.

There have been some reports of bugs impacting operation in some cases, too. So it’s tricky to measure efficacy. Although the bald fact remains that having an app means there’s at least a chance it could identify contacts otherwise unknown to users, vs having no app and so no chance of that.

The Republic of Ireland is one of the European countries with a decentralized coronavirus contacts tracing app (which means it can interoperate with Northern Ireland’s app) — and it has defended how well the software is functioning, telling the BBC last month that 91 people had received a “close contact exposure alert” since launch. Although it’s not clear how many of them wouldn’t have been picked up via manual contacts tracing methods.

A government policy paper published at the end of last month which discussed the forthcoming DHSC app said it would allow citizens to: identify symptoms; order a test; and “feel supported” if they needed to self isolate. It would also let people scan a QR codes at venues they’ve visited “to aid contact tracing and help understand the spread of the virus”.

The government paper also claimed the app would let users “quickly identify when they have been exposed to people who have COVID-19 or locations that may have been the source of multiple infections” — but without providing details of how that would be achieved.

“Any services that require more information from a citizen will be provided only on the basis of explicit consent,” it added.

Ahead of the launch of this repackaged app it’s notable that DHSC disbanded an ethics committee which had been put in place to advise the NHS on the app. Once development was handed over to the government, the committee was thanked for its time and sent on its way.

Speaking to BBC Radio 4’s World at One program today, professor Lilian Edwards — who was a member of the ethics committee — expressed concern at the reports of the government’s latest plans for the app.

“Although the data collection is being presented as voluntary it’s completely non-privacy preserving,” she told the program, discussing The Times’ report which suggests users will be nudged to provide personal data with the carrot of a ‘personal risk score’. “It’s going to involve the collection of a lot of personal, sensitive data — perhaps your health status, your retirement status, your occupation etc.

“This seems, again, an odd approach given that we know one of the reasons why the previous app didn’t really take off was because there was rather a loss of public trust and confidence in it, because of the worries partly about privacy and about data collection — it not being this privacy-preserving decentralized approach.”

“To mix the two up seems a strange way to go forward to me in terms of restoring and embedding that trust and confidence that your data won’t be shared with people you don’t want it to be,” Edwards added. “Like maybe insurers. Or repurposed in ways that you don’t know about. So it seems rather contrary to the mission of restoring trust and confidence in the whole test and trace endeavour.”

Concerns have also been raised about another element of the government’s digital response to the coronavirus — after it rushed to ink contracts with a number of tech giants, including Palantir and Google, granting them access to NHS data.

It was far less keen to publish details of these contracts — requiring a legal challenge by Open Democracy, which is warning over the impact of “Silicon Valley thinking” applied to public health services.

In another concerning development, privacy experts warned recently that the UK’s test and trace program as a whole breaches national data protection laws, after it emerged last month that the government failed to carry out a legally required privacy impact assessment ahead of launch.

First US apps based on Google and Apple Exposure Notification System expected in ‘coming weeks’

Google Vice President of Engineering Dave Burke provided an update about the Exposure Notifications System (ENS) that Google developed in partnership with Apple as a way to help public health authorities supplement contact-tracing efforts with a connected solution that preserves privacy while alerting people of potential exposure to confirmed cases of COVID-19. In the update, Burke notes that the company expects “to see the first set of these apps roll out in the coming weeks” in the U.S., which may be a tacit response to some critics who have pointed out that we haven’t seen much in the way of actual products being built on the technology that was launched in May.

Burke writes that 20 states and territories across the U.S. are currently “exploring” apps that make use of the ENS system, and that together those represent nearly half (45%) of the overall American populace. He also shared recent updates and improvements made to both the Exposure Notification API as well as to its surrounding documentation and information that the companies have shared in order to answer questions from state health agencies, and hopefully make its use and privacy implications more transparent.

The ENS API now supports exposure notifications between countries, which Burke says is a feature added based on nations that have already launched apps based on the tech (that includes Canada, as of today, as well as some European nations). It’s also now better at using Bluetooth values specific to a wider range of devices to improve nearby device detection accuracy. He also says they’ve improved the reliability for both apps and debugging tools for those working on development, which should help public health authorities and their developer partners more easily build apps that actually use ENS.

Burke continues that there’s been feedback from developers that they’d like more detail about how ENS works under the covers, and so they’ve published public-facing guides that direct health authorities about test verification server creation, code revealing its underlying workings and information about what data is actually collected (in a de-identified manner) to allow for much more transparent debugging and verification of proper app functioning.

Google also explains why it requires that an Android device’s location setting be turned on to use Exposure Notifications — even though apps built using the API are explicitly forbidden from also collecting location data. Basically, it’s a legacy requirement that Google is removing in Android 11, which is set to be released soon. In the meantime, however, Burke says that even with location services turned off, no app that uses the ENS will actually be able to see or receive any location data.

Salt Security closes $20M Series A to help protect APIs

Today Salt Security, a startup that helps companies protect APIs, announced that it has closed a $20 million Series A. The Palo Alto-based company secured the new funds from Tenaya Capital, bringing its total capital raised to around $30 million.

The Salt round caught TechCrunch’s eye as it fits reasonably well into a growing trend of API-powered and focused startups raising capital in recent months. On the back of Plaid’s epic exit, and the continued success of Twilio, APIs appear to be a lucrative way for startups to build attractive revenue tallies that entice both investors and acquirers alike.

Notably Salt Security offers its API security service — the startup helps customers defend against API “attacks,” and find API-related “vulnerabilities,” per its website — as a SaaS application; the company did tell TechCrunch that it can also “integrate via API with other solutions in a customer’s environment,” for what it’s worth. Regardless, as Salt is a startup focused on the API economy, we wanted to note its funding event.

To get a handle on how the company managed to raise during a purportedly difficult time to attract new capital, TechCrunch dug in a little bit. Read on for growth notes, and some details on whether more startups are using APIs to power their businesses.

Growth

The short answer regarding how Salt managed to secure capital is growth, as far as TechCrunch can surmise: According to the firm, Salt “almost doubled [its] revenue in the first half of 2020 from the end of 2019 despite COVID-19 in addition to retaining our existing customers.” As the firm just raised a Series A, its 2019 end-of-year revenue tally likely wasn’t huge, but the company’s pace of topline expansion is precisely what private investors like to bet on.

Even better, Salt shared with TechCrunch that its gross margins have “significantly improved to over 90%” in response to a question regarding changes in the startup’s gross margin profile over the last 18 months. Salt also cited sharp demand for its product from larger companies in its notes to this publication.

But it’s smaller companies that we’re more interested in, given our API startup focus. TechCrunch asked Salt if it is seeing API-powered business models becoming more popular among growing tech companies. Via email, the startup said that it has “seen an increase in the use of third party APIs and more companies are opening new APIs for partners to share data” and that APIs are “definitely a growing business model not only for startups but also for established companies looking to innovate and grow their business.”

Good to know that we weren’t out to lunch when we noted the trend.

Wrapping, while researching Salt for this post TechCrunch noticed that the company’s website details an all-male leadership team. We raised the matter to the startup, which responded saying that “diversity and inclusion are core to [its] culture,” and that it views the matter as “critical to a healthy, productive, creative and growing team.” Salt also said that it has “plans to double in size by the end of year and this will create many opportunities for growing diversity within our executives and across our entire team.” We’ll take a peek at the same metric the next time we talk to the company.

You can now install the first beta of Android 11

After a series of developer previews, Google today released the first beta of Android 11 and with that, it is also making these pre-release versions available for over-the-air updates. This time around, the list of supported devices only includes the Pixel 2, 3, 3a and 4.

If you’re brave enough to try this early version (and I wouldn’t do so on your daily driver until a few more people have tested it), you can now enroll here. Like always, Google is also making OS images available for download and an updated emulator is available, too.

Google says the beta focuses on three key themes: people, controls and privacy.

Like in previous updates, Google once again worked on improving notifications — in this case, conversation notifications, which now appear in a dedicated section at the top of the pull-down shade. From there, you will be able to take actions right from inside the notification or ask the OS to remind you of this conversation at a later time. Also new is built-in support in the notification system for what are essentially chat bubbles, which messaging apps can now use to notify you even as you are working (or playing) in another app.

Another new feature is consolidated keyboard suggestions. With these, Autofill apps and Input Method Editors (think password managers and third-party keyboards), can now securely offer context-specific entries in the suggestion strip. Until now, enabling autofill for a password manager, for example, often involved delving into multiple settings and the whole experienced often felt like a bit of a hack.

For those users who rely on voice to control their phones, Android now uses a new on-device system that aims to understand what is on the screen and then automatically generates labels and access points for voice commands.

As for controls, Google is now letting you long-press the power button to bring up controls for your smart home devices (though companies that want to appear in this new menu need to make use of Google’s new API for this). In one of the next beta releases, Google will also enable media controls that will make it easier to switch the output device for their audio and video content.

In terms of privacy, Google is adding one-time permissions so that an app only gets access to your microphone, camera or location once, as well as auto-resets for permissions when you haven’t used an app for a while.

A few months ago, Google said that developers would need to get a user’s approval to access background location. That caused a bit of a stir among developers and now Google will keep its current policies in place until 2021 to give developers more time to update their apps.

In addition to these user-facing features, Google is also launching a series of updates aimed at Android developers. You can read more about them here.

Belvo scores $10M from Founders Fund and Kaszek to scale its API for financial services

Belvo, a Latin American fintech startup which launched just 12 months ago, has already snagged funding from two of the biggest names in North and South American venture capital.

The company is aiming to expand the reach of its service that connects mobile applications in Mexico and Colombia to a customer’s banking information and now has some deep-pocketed investors to support its efforts. 

If the business model sounds familiar, that’s because it is. Belvo is borrowing a page from the Plaid playbook. It’s a strategy that ultimately netted the U.S. startup and its investors $5.3 billion when it was acquired by Visa in January of this year.

Belvo and its backers, who funneled $10 million into the year-old company, want to replicate Plaid’s success and open up an entire new range of financial services companies in Latin America.  

The round was co-led by Silicon Valley’s Founders Fund and Argentina’s Kaszek. With the new arsenal of capital complimented by the Founders Fund’s network and Kaszek’s deep knowledge of the Latin American market, Belvo hopes to triple its current team of 25 that is spread across operations in Mexico City and Barcelona. 

Since its initial establishment in May 2019, the company has raised a total of $13 million from Y Combinator (W20) along with some of the biggest players in Latin America’s startup scene. Those investors include David Velez, the co-founder of Brazil’s multi-billion dollar lending startup, Nubank; MAYA Capital and Venture Friends. 

The company’s co-founders, Pablo Viguera and Oriol Tintoré are no stranger to startups themselves. Viguera served as COO at European payments app Verse, and is a former general manager of one of the big European neo-banks, Revolut. Tintoré is a former NASA aerospace engineer, and while working for his Stanford MBA, founded Capella Space, an information collection startup that went on to raise over $50 million. 

The company said it aims to work with leading fintechs in Latin America, spanning across verticals like the neobanks, credit providers and personal finance products Latin Americans use every day.

Belvo has built a developer-first API platform that can be used to access and interpret end-user financial data to build better, more efficient and more inclusive financial products in Latin America. Developers of popular neobank apps, credit providers and personal finance tools use Belvo’s API to connect bank accounts to their apps to unlock the power of open banking.

Viguera says the capital will be used to open a new office in Sao Paulo, and invest in new product and business development hires. Notably, Belvo is only one year old, having launched in January 2020 and operative in Mexico and Colombia. 

Co-founders Pablo Viguera and Oriol Tintoré are a former Revolut GM and former NASA aerospace engineer.

 

Belvo’s latest funding also marks another instance of a U.S.-Latin America investment teamup for a Latin American company.

Nuvocargo, a logistics startup that wants to bolster the Mexico – U.S. trade lane with its freight transportation technology, also recently raised a round co-led by Mexico’s ALLVP and Silicon Valley-based NFX. American investors may be starting to take note of the co-investment opportunity of putting capital into startups serving the Latin American market in partnership with successful new wave domestic funds like Mexico’s ALLVP and Argentina’s Kaszek.