最近一次融资 01
543 USD M [CO017, CI020, CV001] 尽调报告
Transmit Security
身份平台证据扎实,但公开财务披露仍难支撑当前估值
继续研究:Transmit Security 的企业产品和客户证据可信,但私募估值仍披露太薄、价格太高,单靠公开证据还难以舒服承销。
封面要素
公司概况
Transmit Security 是一家私有身份安全软件公司,2014 年由 Mickey Boodaei 和 Rakesh Loonkar 创立,总部在 Boston,运营根基深扎 Tel Aviv,平台战略围绕 Mosaic 展开。Mosaic 把客户身份与访问管理、身份编排、欺诈防控和身份核验合在一个企业级、基于微服务的平台里,主要卖给大型受监管企业。公开证据显示客户相关性很强,尤其在银行和保险领域;历史融资支持也异常充足。但当前财务透明度落后于公司的产品和客户证据。
- 成立时间
- 2014-01-01
- 创始人
- Mickey Boodaei, Rakesh Loonkar
- 创立地点
- Tel Aviv, Israel
- 总部
- Boston, MA, USA
- 产品
- Mosaic 是统一的 CIAM、身份编排、欺诈防控和身份核验平台,支持 B2C 与 B2B 部署中的通行密钥、认证、开户注册、风险评分、AML 或 PEP 筛查,以及客户旅程自动化。
- 客户
- 大型受监管企业,尤其是银行、保险公司、医疗机构、零售商和其他面向客户的品牌;它们需要在数字旅程中统一身份、欺诈和核验控制。
- 商业模式
- 企业 SaaS,采用定制合同销售,定价与月活用户或登录、ID 检查等事件量挂钩。
- 阶段
- Series A
- 融资情况
- 2021 年 6 月宣布 $543M Series A;保留的公开来源中未发现后续已披露定价轮。
执行摘要
主要优势
- 创始团队在身份安全和反欺诈上履历扎实,来自 Trusteer 及相邻网络安全公司。
- Mosaic 把 CIAM、编排、反欺诈和身份验证放进一个企业平台。
- 公开客户证据包括大型银行和保险公司部署,且披露了可量化 ROI 和 passkey 采用结果。
- 公司曾拿到异常大的 $543M Series A 轮,历史资本支持强于多数身份安全初创公司。
- 与 Microsoft、AWS、Google Cloud 的合作和 marketplace 布局,能帮它切入受监管客户的采购和集成流程。
主要风险
- 公开材料没有披露收入 / ARR、毛利率、NRR、烧钱速度和 runway,干净承销所需数据仍太不透明。
- 2021 年前后的 $2.2B–$2.7B 估值框架,相比当前上市身份安全可比公司偏贵,除非隐含收入高得多。
- 产品广度和编排深度可能抬高实施复杂度、单应用规则负担和定价摩擦。
- 供应商嵌进客户旅程之后,隐私、生物特征处理和留存义务会带来实质监管与合同风险敞口。
- 对 Microsoft 生态的依赖,以及旗舰金融客户案例集中,带来平台和叙事集中风险。
未决问题
- 当前 ARR 或收入桥、净留存、分模块毛利率和现金 runway。
- 客户集中度、续约韧性,以及来自 hyperscaler 或合作伙伴渠道的 bookings 占比。
- 当前股权结构、清算优先权、二级交易,以及 2021 年后是否有融资重置实际估值。
- 当前准确员工数,以及维持复杂受监管企业部署需要多少交付或支持成本。
目录
01公司概览
1.1 身份、产品范围与商业模式
Transmit Security 将自己定位为企业身份安全供应商,围绕客户身份、认证、欺诈防控和身份核验构建。官方产品页把 Mosaic 定位为单一 SaaS 原生平台,合并 CIAM、欺诈控制和身份核验,而不是只卖狭窄的认证点工具。公司称其成立于 2014 年,仍由原始联合创始人领导,服务高度受监管企业;这些企业需要让数字开户注册、登录、恢复和交易流程足够安全,同时不增加摩擦。定价面向企业、以报价为主:公开定价页宣传定制方案、MAU 或事件量定价,以及 99.99% uptime SLA,而不是自助式标价。上述组合支撑了以大客户 SaaS 和用量挂钩平台收入为核心的商业模式,专业部署和编排深度则构成差异化。公开规模叙事很有野心,但目前仍主要来自公司口径,未经过独立审计。[CO001, CO002, CO005, CO006, CO007, CO008]
Transmit Security 如何连接身份产品、客户旅程和变现。
[CO005, CO006, CO007, CO009, CO010, CO011]1.2 创始人、领导层与治理可见度
创始人连续性是公司叙事中的关键特征。官方页面和投资人材料持续将 Mickey Boodaei 与 Rakesh Loonkar 列为 2014 年联合创始人;截至报告日期,Mickey 仍担任 CEO,Rakesh 担任总裁。当前公开领导层还包括 CFO Mirit Barak、CLO Kiran Judge、CTO Shmulik Regev、首席客户官 Ashley Arbuckle、首席身份官 David Mahdi,以及区域商业负责人。这个阵容说明公司已从纯创始人作坊,成长为职能更完整的运营团队。即便如此,相比已融资本规模,治理披露仍偏薄:已审阅官方材料没有公布完整董事会名单、投资人控制权,或清晰的高管变动时间线。David Mahdi 在 2025 年末的分析师认可新闻中被公开认定为 CIO,但更广泛的接班、董事会委员会和治理机制仍是尽调事项,而不是已验证的公开事实。[CO002, CO003, CO004, CO015, CO016, CO032]
| 人员 | 职务 | 背景 / 证据 | 覆盖范围或 founder-market fit | 关键人物依赖 |
|---|---|---|---|---|
| Mickey Boodaei | CEO & Co-Founder | 官方领导层页面列名,投资者称其为 Trusteer / Imperva / Palo Alto Networks 老兵 | 创立愿景、产品方向、外部资本和市场叙事 | 高 — founder-CEO 仍是核心公开发言人 |
| Rakesh Loonkar | President & Co-Founder | 官方领导层页面和投资者简介列名,称其为连续网络安全创业者 | 创始人连续性、运营领导、客户身份战略 | 高 — 联合创始人连续性仍是公司可信度的一部分 |
| Mirit Barak | Chief Financial Officer | 官方领导层页面列示 | 财务、报告、资本规划、商业纪律 | 中 — 公开职责清楚,但缺少董事会层面财务披露 |
| Shmulik Regev | CTO | 官方领导层页面列示 | 技术架构、平台规模、工程战略 | 中 — 关键技术权威,但工程团队纵深细节未公开 |
| Ashley Arbuckle | Chief Customer Officer | 官方领导层页面列示 | 售后成功、实施质量、企业扩张 | 中 — 对部署很重的企业模式很重要 |
| David Mahdi | Chief Identity Officer / 后续被称为 CIO | 官方领导层页面加 2025 年 BusinessWire 引文确认其高级战略角色 | 面向分析师的思想领导和市场定位 | 中 — 角色可见,但职责演进需要尽调 |
这是公开面向外部的领导层快照,不是完整治理图;未发布董事会 roster 仍是尽调缺口。
[CO002, CO003, CO004, CO015, CO016, CO032]1.3 资本结构、投资人和估值证据
Transmit Security 是同代私有身份安全供应商中公开资本化最显眼的公司之一。支撑最强的融资事件是 2021 年 6 月 22 日 Series A:官方和独立报道均指向融资 $543 million,由 Insight Partners 与 General Atlantic 领投,Cyberstarts、Geodesic、SYN Ventures、Vintage 和 Artisanal Ventures 也在名单中。2021 年 9 月的一则公司更新又将 Citi Ventures 和 Goldman Sachs 加为同轮投资人。证据分歧出现在估值口径:TechCrunch 引用 $2.2 billion pre-money 估值,SYN Ventures 引用 $2.3 billion pre-money,Tracxn 记录该轮 $2.2 billion 估值,但没有完全调和 pre-money 与 post-money 的处理。已审阅来源未浮现后续定价轮、信贷额度或债务包,因此公开资本故事在 2021 年融资前后较清晰,此后则明显不清。[CO017, CO018, CO019, CO020, CO021, CO022]
| 利益相关方 | 角色 | 控制权 / 经济重要性 | 尽调索取项 |
|---|---|---|---|
| Mickey Boodaei & Rakesh Loonkar | 创始人 / 持续管理层 | 持续创始人控制影响可能很重要,但持股比例未披露 | 索取创始人持股、投票控制、归属状态和任何超级投票权 |
| Insight Partners | Series A 领投方 | 共同领投旗舰 2021 年融资;可能有重大治理和跟投影响力 | 索取董事席位、pro rata、清算优先权和信息权细节 |
| General Atlantic | Series A 领投方 | 与 Insight Partners 一起共同领投旗舰 2021 年融资 | 确认董事会代表、保留事项和任何成长型投资者 covenants |
| Cyberstarts / SYN / Vintage / Geodesic / Artisanal 等 | 2021 年具名 syndicate 投资者 | 支持性资本池,战略价值不一;单个经济权益未披露 | 索取精确轮次分配、持股比例和任何协调投资者权利 |
| Citi Ventures | 2021 年 9 月宣布的新增投资者 | 传递战略性金融服务验证信号 | 澄清投资是否伴随商业渠道承诺或采购路径 |
| Goldman Sachs | 2021 年 9 月宣布的新增投资者 | 为 cap table 增加另一个蓝筹金融机构 | 澄清投资是否带来分销、资金管理或企业销售杠杆 |
| Microsoft | 商业 / 合作伙伴利益相关方,而非股权持有人 | 即使未披露股权,passkey 和 Entra / Azure AD B2C 共售叙事也影响 GTM 可信度 | 确认实际合作伙伴来源 pipeline、attach rates 和联合参考客户 |
公开证据对具名参与方最强,而不是对经济条款最强;本表把已验证名称与仍属私密的所有权和控制机制分开。
[CO018, CO019, CO020, CO024, CO029]1.4 规模信号、客户证据与公开指标限制
公开证据能拼出有用但不完整的运营规模图景。官方编排和平台页面称,产品被美国前十大金融机构中的八家使用,每天编排数亿次客户交互,部分部署服务超过 1 亿客户的机构。第三方来源也在部署叙事中点名 Citi、UBS、MassMutual、Lowe’s 和 Santander 等大型机构或品牌。这些引用说明公司确有企业渗透,但公司没有公开披露规范的 live customer count、收入或 ARR。员工数同样只能部分支撑:Dealroom 列出 194 名员工,而官方页面只确认全球团队和分布式办公室。因此,本章把客户广度和产品成熟度视为方向上较强,同时明确保留关键商业指标缺口。[CO014, CO025, CO026, CO027, CO034, CO035]
| 指标 | 数值 / 状态 | 日期 | 置信度 | 缺口 / 备注 |
|---|---|---|---|---|
| 成立 | 2014 | 2014 | 高 | 官方 about 页面、领导层页面和投资者 portfolio 页面相互印证 |
| 总部 / 根基 | Boston 总部;Tel Aviv 创立和运营根基 | 2026-06-17 | 中 | 官网暗示全球办公室;HQ 表述主要来自投资者和市场数据来源 |
| 公开总融资 | $543M 融资 | 2021-06-22 | 高 | 支撑最强的融资事件;未发现后续公开定价轮 |
| 公开估值证据 | $2.2B 投前估值(TechCrunch)vs. $2.3B 投前估值(SYN);Tracxn 列示 $2.2B 估值 | 2021-06-22 | 中 | 各来源对估值分母的口径并未完全对齐 |
| 商业模式 | 企业 CIAM / 欺诈 / IDV 软件,按 MAU 或事件量定价 | 2026-06-17 | 中 | 报价制企业模式;没有公开标准价目表 |
| 收入 / ARR | 2026-06-17 | 低 | 已审阅官方来源未公开披露 | |
| 客户数量 | 2026-06-17 | 低 | 存在具名部署,但没有公开客户数量披露 | |
| 员工人数 | 194 名员工(Dealroom 估计) | 2026-06-17 | 低 | 官方页面确认全球团队,但没有权威员工数 |
| 债务 / 信贷 | 2026-06-17 | 低 | 已审阅来源未发现公开债务或信贷额度 |
Null 值标记截至运行日期无法公开支撑的指标;估值行保留来源冲突,而不是强行压成单一数字。
[CO001, CO006, CO007, CO017, CO022, CO023]可由公开资料支撑的成熟度指标,以及仍待披露的缺口。
[CO001, CO007, CO017, CO022, CO023, CO034]1.5 里程碑、负面信号和开放尽调缺口
公司的里程碑模式很直接:2014 年创立,2021 年初 BindID 迈出重要产品一步,2021 年中完成创纪录 Series A,当年稍晚加入蓝筹投资人,2025 年初公开 Microsoft 通行密钥合作伙伴叙事,并在 2025 年获得访问管理领域分析师认可。这些里程碑体现了品类野心和平台继续扩张,但负面证据同样重要。同行评测来源提到真实实施摩擦:规则构建可能需要逐应用处理,平台对非专家来说技术要求较高,定价被认为偏高端,工作流更复杂后可扩展性会变得棘手。这些点都不推翻公司的市场位置,但意味着买方和投资人应重点尽调部署负担、服务依赖和商业效率。最大未解问题仍是当前收入、客户数、员工数、董事会构成,以及 2021 年估值分母的精确口径。[CO028, CO029, CO030, CO031, CO039, CO040]
| 日期 | 事件 | 类型 | 金额 / 状态 | 参与方 | 含义 |
|---|---|---|---|---|---|
| 2014 | Transmit Security 成立 | 创立 | 公司成立 | Mickey Boodaei;Rakesh Loonkar | 官方和投资者来源中的创立身份一致 |
| 2021 年初 | BindID 作为无应用、无密码认证器推出 | 产品 | 发布 / 产品推出 | Transmit Security | 标志公司从编排根基进入更宽的无密码产品叙事 |
| 2021-06-22 | 创纪录 Series A 宣布 | 融资 | $543M 融资 | Insight Partners;General Atlantic;Cyberstarts;Geodesic;SYN Ventures;Vintage;Artisanal Ventures 等 | 让公司成为融资最重的私营身份供应商之一 |
| 2021-09-14 | Citi Ventures 和 Goldman Sachs 加入投资者名单 | 融资 | 新增投资者加入既有轮次 | Citi Ventures;Goldman Sachs | 旗舰融资后扩大了战略性金融机构支持 |
| 2025-01-23 | Microsoft passkey 合作叙事发布 | 合作 | Azure AD B2C / Entra External ID 联合定位 | Transmit Security;Microsoft | 传递围绕 passkey 和企业 CIAM 现代化的合作伙伴主导 GTM 重心 |
| 2025-11-18 | 安全行业媒体放大 Gartner 认可 | 规模 | 2025 Gartner Magic Quadrant for Access Management 领导者 | Transmit Security;Gartner;SecurityInformed | 外部可见度从公司自有渠道扩展出去 |
| 2025-11-19 | BusinessWire 认可新闻稿发布 | 规模 | 首次参与 Gartner Magic Quadrant 即获得 Leader 状态 | Transmit Security | 暗示 Mosaic 和访问管理战略的分析师市场合法性上升 |
| 2026-06-17 | 当前买方反馈仍指出复杂度和高端定价 | 负面 | 负面但可管理的产品运营信号 | PeerSpot 评测者;CyberSecurityO;StackInsight | 尽管市场势头存在,实施负担和商业效率仍是活跃尽调议题 |
时间线把当前状态的负面反馈保留为里程碑级尽调信号,因为已审阅公开来源未发现重大诉讼、裁员或监管事件。
[CO001, CO017, CO020, CO028, CO029, CO031]从创立到 2026 年评审反馈,可由公开资料支撑的里程碑。
[CO001, CO017, CO020, CO028, CO029, CO031]1.6 图表
02市场分析
2.1 市场边界与替代品
Transmit 自己的平台定位是界定市场边界的有用锚点:公司称 Mosaic 覆盖整个用户生命周期,把身份管理、身份核验、欺诈防控、编排和安全认证合在一起。这一点重要,因为与 Transmit 直接相关的市场并不是整个身份与访问管理宇宙。MarketsandMarkets 将 consumer IAM 定义为包含身份管理、PII 管理与分析、访问管理、欺诈检测和服务;Grand View 与 Meticulous 则发布更窄的 CIAM 市场估计。更广义的 IAM 品类更大,因为还包含员工身份和管理访问。身份核验与其相邻,但不完全包含其中,许多买家仍用密码加 OTP、联合登录、自建身份栈,或点状欺诈和 IDV 工具来解决问题。本章纳入的支出是面向客户的身份编排和认证,以及紧密相连的欺诈与身份核验层;排除的是通用员工 IAM 和无关企业安全工具。[CM001, CM002, CM003, CM004, CM005, CM016]
| 类别 | 包含支出 | 排除支出 | 买方 / 付款方 | 与 Transmit Security 的相关性 |
|---|---|---|---|---|
| 直接 CIAM / 客户身份编排 | 注册、登录、账号管理、同意、客户生命周期旅程 | 内部员工 IAM、通用 PAM、无关端点安全 | 数字产品 + 身份 / 安全 + 合规预算 | Mosaic 明确覆盖的核心类别 |
| 无密码认证 / passkey | FIDO / WebAuthn 登录、MFA 替代、生命周期和恢复控制 | 未连接客户旅程的独立硬件密钥项目 | 身份 / 安全团队;有时是产品增长负责人 | 关键采用切口,因为它触及欺诈、转化和支持成本 |
| 身份验证 | KYC、文件检查、入职和恢复中的加强身份核验 | 与客户账户旅程无关的后台 AML 平台 | 欺诈、风险、入职、合规预算 | 相邻类别,常被打包进客户旅程编排 |
| 账户旅程欺诈预防 | 账户接管防御、行为风险、交易或登录欺诈控制 | 卡网络欺诈平台和无关企业欺诈套件 | 欺诈 / 风险负责人,安全和产品共同赞助 | 相关,因为 MarketsandMarkets 和 Transmit 都把欺诈放入实际购买集合 |
| 更广义 IAM / 员工身份 | 员工 SSO、管理员访问、目录和员工治理 | 大多数消费者账户工作流 | CIO / CISO 内部 IT 预算 | 仅作背景市场;过宽,不能直接用作 TAM |
边界刻意收紧:Transmit 的实际市场包括 CIAM 以及紧密耦合的 passkey、验证和欺诈层,但排除大多数员工 IAM 和无关安全支出。
[CM001, CM002, CM003, CM004, CM005, CM016]2.2 多重测算口径与受证据约束的 TAM
证据不足以给 Transmit 的市场推出一个干净的单一 TAM。Grand View 估计 CIAM 在 2023 年为 USD 8.12B、到 2030 年为 USD 26.72B;Meticulous 估计 CIAM 在 2026 年为 USD 12.6B、到 2036 年为 USD 40.2B;The Business Research Company 则称 consumer IAM 在 2025 年已达 USD 41.75B,2030 年达到 USD 101.15B。这些数字相差太大,不能互换使用,因此最可辩护的做法是保留分歧并带入区间:低情形 USD 12.6B,工作中点约 USD 19B,广义定义下 2026 年左右直接品类支出的天花板约 USD 41.75B。Precedence 对更广义 IAM 的 2026 年估计 USD 25.89B,以及 Grand View 单独的身份核验市场估计,都补充说明完整数字身份旅程预算大于狭义 CIAM。对 Transmit 来说,近期机会不是整个更广义 IAM 栈,而是受监管、高流量客户旅程中的楔子:通行密钥、编排、身份核验和欺诈控制被一起采购。[CM008, CM009, CM010, CM011, CM012, CM013]
| 发布方 / 视角 | 范围 | 地域 | 基准年份 / 数值 | 预测年份 / 数值 | CAGR | 方法信号 | 置信度 | 局限 |
|---|---|---|---|---|---|---|---|---|
| Grand View Research | 客户身份与访问管理 | 全球 | 2023 / USD 8.12B | 2030 / USD 26.72B | 17.4% | 自上而下市场报告摘要 | 中 | 从 2023 年起算,可能排除部分相邻欺诈或 IDV 支出 |
| The Business Research Company | 消费者 IAM | 全球 | 2025 / USD 41.75B | 2030 / USD 101.15B | 19.3% | 自上而下市场报告摘要 | 中 | 边界比更窄的 CIAM 研究宽很多 |
| Meticulous Research | CIAM | 全球 | 2026 / USD 12.6B | 2036 / USD 40.2B | 12.2% | 自上而下市场报告摘要 | 中 | 与 BRCI 相比,预测期不同、范围更窄 |
| Precedence Research | 更广义 IAM 背景 | 全球 | 2026 / USD 25.89B | 2034 / USD 65.70B | 12.4% | 自上而下市场报告摘要 | 中 | 包含员工 / 内部 IAM;不是 Transmit 的直接 TAM |
| Grand View Research | 身份验证相邻市场 | 全球 | 2022 / USD 9.87B | 2030 / USD 33.93B | 16.7% | 自上而下市场报告摘要 | 中 | 相邻验证类别不应在窄 CIAM 内重复计算 |
| 作者基于证据约束的工作区间 | 直接 2026 CIAM TAM | 全球 | 低 / USD 12.6B | 基准 / ~USD 19B;高 / USD 41.75B | N/A | 三角校验窄口径和宽口径公开研究 | 低-中 | 可用作区间,而不是经审计的单点 TAM |
本表刻意保留公开边界的不兼容性,而不是强行制造假共识 TAM;Transmit 的实际 SAM 仍取决于行业组合、地域和部署模型,这些都未公开披露。
[CM008, CM009, CM010, CM011, CM012, CM013]实用的规模分层从更宽的 IAM 语境开始,收窄到直接 CIAM,再进一步收窄到与 Transmit 相关的受监管或高频客户旅程切口。
最后一层是作者估算,不是出版机构数据;纳入它是因为公开来源没有单独切出最贴近 Transmit 实际市场的 passkey + 欺诈 + 验证切口。
[CM011, CM015, CM016, CM017, CM040]公开市场规模估算给出的直接客户身份支出区间很宽,但有来源支撑;它不是一个共识 TAM。
基础值是用于可视化分歧的分析中点,不是引用的分析师预测。
[CM008, CM009, CM010, CM013, CM015]2.3 买方、用户和付款方分层
客户身份软件由机构购买,却由机构的终端客户使用,这让买方地图比多数安全品类更复杂。MarketsandMarkets 明确围绕关键利益相关方、购买标准、采用障碍和终端垂直行业来描述 consumer IAM。在企业部署中,Microsoft 文档显示通行密钥 rollout 由策略驱动、由管理员启用,因此 champion 通常是身份或安全领导。在消费者应用中,用户是登录的账户持有人,但买方和付款方是应用运营方的产品、安全、欺诈和合规职能。采用也按阶段推进:支持 WebAuthn 的设备和浏览器、MFA 注册、relying-party-domain 配置、通行密钥注册流程,然后是完整生命周期管理。最迫切的买方来自拥有大规模消费者账户和可衡量欺诈敞口的行业——银行与 fintech、电商与 marketplace、旅行与酒店、医疗与公共服务,以及其他拥有转化敏感认证漏斗的数字平台。当这些行业希望用一个控制平面覆盖登录、核验、欺诈、同意和客户生命周期编排,而不是拼接点产品时,Transmit 的相关性最强。[CM018, CM019, CM020, CM021, CM022, CM023]
| 细分市场 | 买方 / 推动者 | 终端用户 | 付款方 | 工作流 | 预算负责人 | 采用触发因素 |
|---|---|---|---|---|---|---|
| 银行 / 金融科技 | CISO、欺诈负责人、数字认证负责人 | 零售银行或支付客户 | 安全 + 欺诈 + 合规预算 | 登录、找回、支付认证 | 风险委员会 / 数字安全预算 | PSD2/SCA 压力、ATO 损失、深伪欺诈 |
| 电商 / 市场平台 | 产品增长 + 身份 / 安全 | 买家或卖家 | 产品 + 欺诈预算 | 注册、登录、结账、账号找回 | GM / 产品负责人,安全共同审批 | 转化摩擦、机器人 / ATO 损失、客服成本 |
| 旅游 / 酒店 | 数字产品 + 客户体验安全负责人 | 旅客或会员计划成员 | 数字体验预算 | 会员登录、预订、账号找回 | 客户平台预算 | 账号量高、会员欺诈、跨设备登录 |
| 医疗 / 公共服务 | CIO/CISO + 隐私官 | 患者或公民 | 合规 + 数字化转型预算 | 门户访问、注册、升级验证 | 合规牵头的数字项目 | 敏感数据、隐私监管、身份保障需求 |
| B2B SaaS / 消费者平台 | 身份平台负责人 + 产品安全 | 外部企业用户或消费者 | 平台工程 + 安全预算 | SSO、passkeys、委托管理、同意与生命周期 | 平台或基础设施预算 | 平台整合与无密码上线 |
不同垂直行业里,买方、用户和付款方并不相同;共同点是终端用户通常是客户,运营方则从数字产品、安全、欺诈或合规预算中付费。
[CM017, CM018, CM019, CM020, CM021, CM022]同一套买方、用户、付款方拆分,也意味着不同分群和风险层级会选择不同 passkey 政策;表格本身没有展示这一点。
[CM019, CM020, CM021, CM022, CM036, CM037]身份现代化通常沿着一条多步骤链条被采购:从风险触发,到 passkey 生命周期运营,再到客户结果。
[CM006, CM007, CM021, CM023, CM024, CM025]2.4 增长驱动、采用约束与开放缺口
需求上升的原因很具体,不是停留在理论层面。FIDO 称超过 150 亿个线上账户可利用通行密钥,Mobile ID World 报道认知提升和主要平台 rollout。欺诈压力也体现在硬货币损失上:FTC 称美国消费者 2024 年报告的欺诈损失超过 USD 12.5B,UK Finance 称 2023 年欺诈损失为 GBP 1.17B。Signicat 调查还显示,AI 已深度卷入身份欺诈,包括 deepfake。这些驱动与 GDPR、CCPA 和 PSD2 式认证要求交汇,使客户身份成为横跨风险、合规和增长的预算项。但可用不等于采用。USENIX 和 MDPI 都描述了恢复摩擦、技术问题、监管要求和用户感知问题导致 rollout 缓慢;Microsoft 还指出,管理员仍不能完全看到或控制同步通行密钥存放在哪里。因此需要保留这个矛盾:市场显然在扩张,但 Transmit 特定的精确 SOM、买方预算拆分,以及各细分通行密钥激活率仍披露不足,需要管理层尽调,而不是表格外推。[CM006, CM007, CM023, CM028, CM029, CM030]
| 驱动 / 约束 | 方向 | 时间 | 含义 | 尽调问题 |
|---|---|---|---|---|
| GDPR 与 CCPA 隐私义务 | 加速因素 | 已生效 | 身份、同意和数据处理变成有预算的合规要求 | Transmit 需求中,隐私驱动与欺诈驱动各占多少? |
| PSD2 式强客户认证 | 加速因素 | 欧盟支付已生效;对受监管行业仍然相关 | 客户认证 UX 和保障能力对银行及金融科技企业具备战略重要性 | 管线中有多少与支付和受监管的找回流程有关? |
| Passkey 平台可用性 | 加速因素 | 2024-2026 | 大型平台支持减少了推迟上线的技术借口 | 客户中有多少已在试点之外激活 passkeys? |
| AI 驱动的身份欺诈与深伪 | 加速因素 | 2024-2026 | 更强认证叠加欺诈控制变得更急迫 | 哪些垂直行业购买 Transmit,是为了欺诈结果,而不只是 CIAM 现代化? |
| 无密码带来的转化与支持成本 ROI | 加速因素 | 当前 | 产品和安全团队可以共同出资 | 买方是否看到登录成功率或支持成本下降的可量化改善? |
| 账号找回与生命周期摩擦 | 约束 | 当前 | 即使 passkeys 可用,企业与受监管场景的上线速度仍会被拖慢 | Transmit 如何处理找回、委托和跨设备兜底? |
| 同步 passkeys 的治理与设备可见性限制 | 约束 | 当前 | 高度受控环境中的接受度会下降 | 管理员能否审计凭证位于何处,以及如何吊销? |
| 细分渗透率与定价缺少公开数据 | 约束 | 持续 | 无法做干净的公开 SOM 建模,只能依赖管理层尽调 | 要求提供按垂直行业划分的胜率、ACV,以及按队列划分的 passkey 激活率 |
这组因素有意同时纳入外部市场驱动和内部尽调障碍;做估值时,采用速度比表面 TAM 更关键。
[CM006, CM007, CM023, CM024, CM025, CM026]03竞争对手
3.1 竞争格局与同业类别
Transmit 面对的不是一组干净的竞争对手。证据把市场分成五类。第一类是直接 CIAM 和编排同业:Okta/Auth0 与 Ping/ForgeRock,二者都能把客户身份加工作流工具卖进同一套企业评估。第二类是分发能力很强的既有厂商,如 Microsoft Entra 和 CyberArk;它们未必从同样的产品 DNA 出发,但能用更广的身份或安全套件吸收相邻支出。第三类是开发者优先的相邻玩家,如 Descope 和 Stytch,强调快速迁移、灵活 API,以及透明或半透明的用量定价。第四类是替代方案,如 Keycloak 和内部自建,可以覆盖核心登录、联合和用户管理需求,无需购买大型商业平台。第五类是更广义身份安全栈中的潜在进入者,它们能把客户访问交叉销售到既有账户。 这个分层重要,因为买家同时关注欺诈压力和编排时,Transmit 的胜场最清晰。公开和独立证据都指向一个统一栈,覆盖 CIAM、身份核验、欺诈和重通行密钥旅程。这比泛泛的“identity platform”更窄,也更值钱。反过来,只需要商品化登录、合作伙伴 SSO 或低摩擦 greenfield 开发者工具的买家,有很多可信替代方案。公开规模也偏向既有厂商:Okta 和 CyberArk 提供十亿美元收入锚点,Ping 服务超过半数 Fortune 100,Microsoft 的 bundle gravity 是小厂商无法匹配的。[CP001, CP004, CP005, CP006, CP008, CP017]
| 竞争对手 | 类型 | 规模 / 融资信号 | 目标客户 | 差异化 | 局限 / 方向 |
|---|---|---|---|---|---|
| Transmit Security | 直接同业 / 研究对象 | $543M Series A;大型企业银行与消费者规模信号 | 银行、金融科技、保险,以及其他高欺诈消费者旅程 | 在一个运行时中统一 CIAM + 欺诈 + 验证 + 编排 | 企业定价不透明;公开证据集小于最大型既有厂商 |
| Okta / Auth0 | 规模化直接既有厂商 | FY2026 收入 $2.919B;生态和开发者熟悉度 | 企业员工身份,加上客户身份建设者 | 可扩展性、应用生态、成熟打包、强开发者触达 | 企业定价需询价;模块蔓延,加上历史事故 / 可靠性包袱 |
| Ping Identity / ForgeRock | 直接既有厂商 / 编排权重高 | 覆盖超过半数 Fortune 100;合并后范围包括 CIAM + 员工身份 + 治理 | 需要混合部署或重标准身份的受监管企业 | 不绑定厂商的编排、混合部署、深度联邦身份能力 | 并购后平台统一仍是执行变量 |
| Microsoft Entra External ID | 捆绑权重高的既有厂商 | 装机基础庞大;External ID 前 50k MAU 免费 | 已标准化采用 Azure 和 Microsoft 365 的企业 | 捆绑杠杆、采购熟悉度、跨产品控制平面 | 外部身份迁移仍在演进;更深 CIAM 可能需要额外 SKU |
| Descope | 开发者优先的相邻玩家 | 数千家组织;从初创公司到 Fortune 500 的叙事 | B2B SaaS、产品团队、外部身份建设者 | 可视化工作流、快速迁移、强 B2B CIAM 构件 | 公开信任与规模证明仍弱于头部既有厂商 |
| Stytch | 开发者优先的替代品 | $90M Series B,估值 $1B;3,500+ 开发者 | 绿地产品团队和无密码优先建设者 | API 优先打法、透明免费层、低摩擦采用 | 大型受监管企业替换获胜的公开证据较少 |
| CyberArk | 相邻既有厂商 | 收入 $1.361B;ARR $1.44B;广泛的身份安全套件 | 购买平台化身份安全的大型企业 | 客户访问,加上 B2B、生命周期、治理和机器身份相邻能力 | 目前并不是最清晰的纯 CIAM 替代品 |
| Keycloak / 内部自建 | 现状替代品 | 开源软件加内部工程时间 | 优先考虑控制权、自托管或低现金支出的团队 | 无许可费、标准支持强、可广泛定制 | 运维负担、升级复杂度,以及较弱的封装欺诈能力 |
选取的 2026 年格局覆盖直接同业、既有厂商、开发者优先的相邻玩家,以及主要自托管替代品;各行比较的是威胁形态,不是经审计的市场份额。
[CP004, CP005, CP006, CP008, CP017, CP023]对评审范围内各厂商的公开产品宽度与分发或信任杠杆作序数映射。
坐标轴是依据保留的官方和独立证据,对宽度、分发和信任姿态给出的序数评分,而非发布过的市场份额或胜率数据集。
[CP006, CP008, CP017, CP023, CP024, CP028]3.2 能力、信任与买方匹配
能力宽度是 Transmit 仍具实质差异化的地方。官方产品证据和独立评测都显示,Mosaic 在一个运行时里合并 CIAM、编排、身份核验、通行密钥和欺诈控制。Ping 在编排开放性和混合灵活性上竞争最强:其公开材料强调 vendor-agnostic flows、多云与本地集成,以及把外部风险和核验服务接入 no-code 层的能力。Okta/Auth0 在成熟开发者扩展性和生态熟悉度上竞争最强;Microsoft 则把外部身份折叠进 Azure 和 Microsoft 365 买家已经熟悉的更广控制平面和定价模型。Descope 和 Stytch 把市场拉向相反方向,突出可视化工作流、SDK、API,以及更快的迁移或 rollout 路径。 信任姿态也不均衡。每家主要既有厂商都有公开企业采购界面,但释放的强项不同。Okta 和 Microsoft 直接暴露运营状态与事故历史,这对尽调有价值,也让可靠性集中风险可见。Ping 和 CyberArk 依靠企业广度、混合支持,以及相邻治理或机器身份能力。Descope 已经打包 trust-center 体验;而在已审阅证据中,Transmit 最强的公开信任信号来自金融服务适配、通行密钥准备度和重欺诈用例,而不是广泛的公开认证。实际结果是:在受监管、高欺诈的 B2C 旅程中,Transmit 看起来最强;开放性或 bundle 杠杆占主导时,Ping 和 Microsoft 更强;开发者主导或迁移速度主导的 motion 中,Descope 或 Stytch 更强。[CP001, CP002, CP003, CP012, CP015, CP016]
| 能力 | Transmit | Okta/Auth0 | Ping/ForgeRock | Microsoft Entra | Descope | Stytch | CyberArk | Keycloak/internal |
|---|---|---|---|---|---|---|---|---|
| 身份编排 / 旅程设计 | 强 | 中等 | 强 | 有限 | 强 | 有限 | 中等 | 有限 |
| 认证层内嵌欺诈 / 风险信号 | 强 | 中等 | 中等 | 有限 | 中等 | 有限 | 中等 | 有限 |
| Passkeys / 无密码广度 | 强 | 强 | 强 | 中等 | 强 | 强 | 中等 | 中等 |
| B2B / 租户 / 委托管理深度 | 中等 | 强 | 强 | 中等 | 强 | 中等 | 强 | 中等 |
| 混合 / 本地部署灵活性 | 有限 | 有限 | 强 | 中等 | 有限 | 有限 | 中等 | 强 |
| 相邻治理 / 机器身份覆盖 | 有限 | 中等 | 强 | 中等 | 有限 | 有限 | 强 | 有限 |
| 开发者自助 / 低摩擦采用 | 中等 | 强 | 中等 | 中等 | 强 | 强 | 有限 | 中等 |
单元格是基于已收集的产品、定价和独立对比证据做出的方向性判断;「强」不代表功能完全同等,只代表在所列购买标准上的相对公开强度。
[CP001, CP003, CP012, CP015, CP016, CP019]不同厂商各自适配不同买方画像;当欺诈压力让身份栈本身变成战略资产时,Transmit 最合适。
买方适配标签综合了保留证据中的目标分群、包装和部署姿态,应理解为方向性适配判断,而非经审计的客户结构数据。
[CP006, CP015, CP016, CP019, CP024, CP025]3.3 定价、分发与切换
商业结构是最清晰的竞争分界之一。Transmit、Ping 和企业版 Okta 客户身份包仍以报价为主;Microsoft、Auth0、Descope 和 Stytch 都至少公开部分用量或免费层锚点。其中 Microsoft 战略上最重要,因为其前 50,000 MAU 免费层嵌在更大的 bundle 故事里:买家必须考虑 Azure 或 Microsoft 365 内的增量 Entra 成本,而不只是标价。VendorBenchmark 明确认为,这会改变每一家独立身份供应商的谈判框架。Okta 仍重要,因为其身份覆盖和生态让它成为许多企业的默认 benchmark,但其打包方式也带来模块蔓延和续约压力风险。Auth0、Descope 和 Stytch 更透明、更开发者友好,即使企业折扣仍然重要,也会降低评估摩擦。 分发和切换成本则朝另一方向作用。Ping 触达超过半数 Fortune 100,Microsoft 拥有装机基础引力,二者都有强大的账户级入口。CyberArk 从相邻身份安全方向带来同样风险。公开证据对 Transmit 切换成本的支撑是方向性的,而非结论性的:一旦欺诈、核验和 CIAM 交织在一起,统一运行时应带来粘性,但公开来源没有提供续约 cohort 或 attach-rate 证据。因此,多宿主是现实的基准情形。买家可以用点工具、厂商中立编排或自托管替代方案保留谈判杠杆,尤其当其工作负载不足以支撑为欺诈感知编排支付溢价时。[CP007, CP009, CP013, CP017, CP020, CP022]
| 厂商 | 公开定价姿态 | 商业锚点 | GTM / 分销 | 切换或多归属含义 |
|---|---|---|---|---|
| Transmit Security | 无公开标价 | 企业报价;独立报道称最低合同额为六位数 | 面向欺诈较重的 B2C 账户直销企业客户 | 只有在欺诈、验证和 CIAM 交织后,粘性才可能较强 |
| Okta / Auth0 | 部分透明 | Okta 企业询价,加上 Auth0 MAU / 免费层阶梯 | 大型企业现场销售,加上强开发者漏斗 | 扩展模块和生态熟悉度抬高切换摩擦 |
| Ping / ForgeRock | 报价驱动 | 演示驱动的打包,配合伙伴和现场销售打法 | Fortune 100 企业触达和既有混合部署资产 | 开放性可降低重写风险,但平台深度仍会带来迁移成本 |
| Microsoft Entra External ID | 入口透明,真实总成本不透明 | 前 50k MAU 免费,加上 Azure/M365 捆绑经济性 | EA 驱动、Azure 消费牵引的分销 | 捆绑杠杆可能迫使独立厂商降价或丢份额 |
| Descope | 用量入口透明 | 免费起步、超量收费、高阶迁移和 FGA 上售 | 产品驱动,加上向 B2B SaaS 的企业扩张 | 快速迁移姿态降低试用摩擦,并保留买方选择权 |
| Stytch | 用量入口透明 | 10k MAU 免费,无价格悬崖,超过后按用量收费 | 开发者牵引的绿地打法 | 企业治理需求较轻时,易于试点或多归属 |
| CyberArk | 报价驱动的套件定价 | 围绕更广身份安全的平台销售 | 安全套件与渠道驱动的企业打法 | 相邻能力可赢得预算整合,但不总是干净的 CIAM 替换 |
| Keycloak / 内部自建 | 软件无许可费 | 现金成本低;人工和集成成本高 | 自助采用,加 SI / 内部工程 | 厂商支出低,但一旦深度定制,运维锁定高 |
本表比较公开定价可见度和上市路径,不比较实际合同价格。企业 CIAM 交易的准确生产定价仍是尽调缺口,因为多家厂商只披露部分锚点。
[CP007, CP009, CP013, CP017, CP020, CP022]几个公开规模和包装锚点解释了:即便 Transmit 产品看起来有差异化,买方仍能保持议价力。
[CP004, CP008, CP017, CP020, CP031]3.4 护城河耐久度与负面证据
护城河问题的核心,不是 Transmit 是否拥有有价值的产品功能,而是当身份变得更可组合时,这些功能是否仍然稀缺。最强的看多论点是,重欺诈客户旅程受益于认证、身份核验、编排和欺诈决策之间共享状态,单一运行时能在安全性和转化率上胜过拼接栈。最强的看空论点是,许多买家并不需要完整栈。欺诈较低时,基础 CIAM 可以来自 Auth0、Descope、Stytch、Microsoft,甚至 Keycloak,评估摩擦明显更低,且往往有公开免费层或既有 bundle 杠杆。 负面证据让这个担忧更尖锐。Okta 过去的支持系统 breach 和持续的状态事件说明,成熟既有厂商仍有平台和集中度风险。Microsoft 的 bundle 力量与 Keycloak 的开源可用性,为无差异登录压住价格伞。Ping 合并后的范围在战略上可信,但其集成路线图也意味着客户会继续追问重叠和可选性,而不是凭信念接受单一套件未来。CyberArk 随身份安全套件拓宽,又带来一个相邻威胁。承销结论是:只有当 Transmit 持续证明,在欺诈敏感旅程上结果优于更便宜或分发更深的替代方案时,其护城河才耐久。公开证据方向上支持该 thesis,但还没有赢率、实际定价或留存证据,足以把护城河称为闭式结论。[CP007, CP010, CP011, CP018, CP021, CP031]
| 护城河主张 | 支撑证据 | 威胁 / 替代品 | 严重性 | 尽调问题 |
|---|---|---|---|---|
| 统一 CIAM + 欺诈 + 验证运行时 | Transmit 产品功能面和 CIAM Compass 都强调一个运行时 | Auth0、Descope、Stytch 或 Keycloak 能以更低成本覆盖低欺诈 CIAM | 高 | 量化欺诈感知编排在多大频率上改变胜率,或减少点工具数量 |
| 企业银行 / 金融科技适配 | Transmit 融资新闻稿和独立评测都聚焦高欺诈金融用例 | Microsoft 和 Ping 仍可借捆绑或混合身份控制点进入同一批账户 | 高 | 要求提供在受监管消费者环境中对 Microsoft、Ping 和 Okta 的可背调获胜案例 |
| 工作流速度作为差异化 | Transmit、Ping 和 Descope 都营销可视化或无代码编排 | 编排本身正成为直接和相邻竞争对手的基本配置 | 中 | 要求提供按旅程衡量的部署时间优势,以及转化 / 欺诈提升 |
| 多模块采用带来的切换成本 | 多个模块上线后,统一运行时意味着粘性 | 公开证据未披露 Transmit 留存、附加率或扩张队列 | 高 | 获取队列留存和模块附加数据,验证经济锁定 |
| 既有厂商可靠性与信任缺口创造机会 | Okta 事故历史和持续状态事件显示,既有厂商信任并不完美 | 大型既有厂商仍保有规模、采购熟悉度,以及买方可能偏好的状态透明度 | 中 | 映射目标账户中的事故响应和可靠性预期,而不是假设买方已厌倦既有厂商 |
| 平台相邻风险目前仍可控 | CyberArk 范围广,但仍属相邻;Ping 集成仍在推进中 | 相邻能力可通过交叉销售、收购和捆绑压力快速加深 | 中 | 每次重大平台发布或并购后里程碑后,重新检查竞争威胁 |
严重性反映的是 Transmit 相对护城河的下行风险,而非厂商整体质量。若干行有意把产品差异化与经济证据拆开,因为公开证据对前者的支撑强于后者。
[CP007, CP018, CP022, CP023, CP030, CP031]3.5 图表
04财务
4.1 收入流、定价与收入质量
Transmit Security 现在披露的定价细节,足以建立粗略收入架构,尽管公司仍未披露实际定价、折扣和模块组合。公司显然在销售高客单价企业平台,而非自助式开发者 SKU:完整 Mosaic 套件标价从 $200,000 起,identity-only SKU 为 $100,000,fraud and threat detection 为 $100,000,identity verification 为 $50,000,计费与 MAU、登录量或 ID 检查次数挂钩。这种结构指向经常性订阅收入,但也意味着实际 ACV 会随部署架构和用量画像出现明显差异。 尚未得到支撑的是核心 CIAM 订阅、欺诈模块、身份核验,以及任何付费实施或支持服务之间的组合。公开来源没有披露 bookings 中有多少比例来自最大银行部署与较小企业账户,Microsoft 或其他合作伙伴是否影响 take rate,或专业服务与软件收入各占多少。因此,财务承销能确认标价质量,但不能确认实际收入质量。 [CI001, CI002, CI003, CI004, CI005, CI006]
| 来源 | 机制 | 计费单位 / 公开信号 | 当前状态 | 收入质量 | 尽调要求 |
|---|---|---|---|---|---|
| 客户身份 / 编排订阅 | CIAM 与编排的年度企业订阅 | 公开入门档以 100K MAUs 为基线 | 已明确商业化,并定位为核心 SKU | 经常性收入,但实际折扣不透明 | 提供身份 / 编排的 ARR 与订单拆分 |
| 欺诈检测与响应 | 年度订阅,与欺诈 / 威胁检测使用量挂钩 | 公开入门档以 10M 次登录为基线 | 已明确商业化,并有独立 SKU | 经常性但与事件挂钩;交付成本可能更波动 | 提供欺诈模块毛利率与附加率 |
| 身份验证 | 面向身份核验和类 KYC 场景的订阅 / 交易定价 | 以 100K 次 ID 检查为基线 | 已明确商业化,并有独立 SKU | 可能低于纯软件毛利率,因为使用量按次计费 | 提供验证供应商成本栈与转嫁经济性 |
| 实施 / 支持服务 | 无公开价格表;企业上线与支持承诺暗示存在 | 经济上重要,但未披露 | 可能显著影响毛利率和现金转化 | 提供服务收入占比、可计费费率与附加比例 | |
| 合作伙伴辅助采购 | 不是独立收入来源;影响软件销售和预算归属 | 已披露 Microsoft 承诺支出 / 生态杠杆 | 采购加速器,而非独立收入线 | 可提高赢单率,但公开层面的渠道经济性更模糊 | 提供渠道组合、云厂商转售条款与毛利影响 |
公开标价只覆盖入门档。收入结构、实际折扣和服务附加仍未披露,因此无支撑的单元格明确标为未知,而不是估算。
[CI001, CI002, CI003, CI004, CI005, CI006]| 产品 | 公开起步价 | 用量指标 | 采购信号 | 关键限制 |
|---|---|---|---|---|
| 完整 Mosaic 平台 | $200,000/year | 100K MAUs | 企业报价;Microsoft 承诺支出折扣被用于营销 | 仅为起点;未公开更高用量阶梯 |
| Mosaic for Identity 身份产品 | $100,000/year | 100K MAUs | 企业报价 | 未披露实际成交价或多年期折扣 |
| 欺诈和威胁检测 | $100,000/year | 10M logins | 企业报价 | 基于事件的计费会让经济性偏离纯席位 SaaS |
| Identity Verification | $50,000/year | 100K 次 ID 检查 | 企业报价 | 按次检查模式意味着直接暴露于可变成本 |
| B2B / Workforce Identity | 未公开列价 | 仅定制报价 | 仅走联系销售流程 | 未披露公开价格、服务费率表或打包政策 |
本表把公开入门档标价,与更大的未知区分开:谈判后的企业条款、更高用量档位、合作伙伴主导采购让利。
[CI001, CI002, CI003, CI004, CI005, CI006]公开定价说明企业客户活动如何转化为合同软件收入;身份验证和欺诈产品则增加与用量挂钩的收入单位。
这座桥只展示公开变现路径;它不意味着公司披露了收入结构或各模块收入确认时点。
[CI001, CI002, CI003, CI004, CI005, CI006]4.2 GTM Motion 与销售效率代理指标
Transmit 的公开证据指向直接企业销售、重解决方案工程的 go-to-market motion,并选择性借助伙伴杠杆。最强证据不是广泛客户数披露,而是一组很窄但体量很大的部署和引用故事:一家覆盖 2 亿客户和七个 app 的全球银行,一家美国领先银行提到欺诈减少 98%、一个月达成 time to value,Aflac 报告通行密钥采用率 32%、登录成功率 96%,并在约两个月内上线。这些都是扩张收入和高管销售的强 proof points,但不是典型 SaaS 效率指标。 Microsoft 合作文章补充了一个财务上重要的采购线索:Transmit 试图搭乘已承诺云支出和伙伴折扣,这可能压缩受监管企业漏斗顶部的销售摩擦。同时,评测反复指出产品需要专业能力来集成、集中管理规则和扩展。这种组合通常意味着更大的初始 deal size 和强 ROI 故事,但也意味着昂贵的售前、开户注册和客户成功 motion;公开来源从未用 CAC 或 payback 量化这些成本。 [CI008, CI009, CI010, CI011, CI012, CI013]
| 指标 / 代理值 | 公开数值 | 置信度 | 重要性 | 尽调要求 |
|---|---|---|---|---|
| 收入 / ARR 规模 | $33.4M 至 >$100M | 低 | 为 CAC、跑道和毛利吸收能力定背景 | 提供月度 ARR、收入和订单桥接表 |
| 员工规模 | 308 至 368 名员工 | 低 | 需要用来测算 opex 负载和人均收入 | 按职能提供完全负担口径 FTE 人数 |
| 隐含人均收入 | ~$91K 至 ~$326K,来自公开区间推导 | 低 | 区间极宽,说明披露薄弱,而非真实生产率 | 提供实际 FTE 人均收入和招聘计划 |
| 同业毛利率基准 | Okta 总毛利率 77% / 订阅毛利率 80% | 中 | 为规模化身份平台的软件化上限定框 | 按模块和服务提供 Transmit 毛利率 |
| 同业 S&M 负担基准 | Okta 销售与市场费用占收入 35% | 中 | 显示企业身份 GTM 可能多贵 | 提供 Transmit S&M、quota 产能和回本队列 |
| 公开 ROI / 部署代理值 | 银行 1 个月达到价值;Aflac 约 2 个月上线 | 中 | 说明即便定价较高,买方 ROI 门槛仍可能过关 | 提供实际 CAC 回本、部署成本和续约扩张数据 |
各行混合直接公开观察与明确标注的派生代理值。null 或宽区间说明承销需要的私有指标未公开披露。
[CI013, CI016, CI024, CI025, CI026, CI027]公开案例研究没有披露 CAC 或回本周期,但它们展示了 Transmit 用来证明高端企业定价合理性的经营结果。
这张图有意做成定性呈现,因为公开来源只给出结果代理指标,没有披露真实 CAC、CAC 回收期或续约经济性。
[CI008, CI011, CI012, CI013, CI014, CI015]4.3 成本结构与毛利率驱动
成本结构只能推断,但方向清晰。核心 CIAM 和编排模块看起来像软件业务,但 Transmit 并不是只卖极简认证 API。其产品集在核心登录流程上叠加欺诈评分、行为分析、身份核验和 active-active 多云韧性。每项功能都可能增加托管、模型推理、遥测或第三方核验费用,而纯 passwordless toolkit 不会承担这些成本。身份核验的公开标价明确按每 100,000 次 ID 检查计费,这进一步说明至少部分收入模型带有直接事件挂钩交付成本。 保留证据中最好的公开 benchmark 是 Okta 的 2026 10-K:总毛利率 77%,订阅毛利率 80%,销售与营销等于收入的 35%,且人工和第三方托管在订阅收入成本中仍占重要比例。这不能证明 Transmit 的毛利结构,但能框定一个合理的软件区间,同时提醒我们,云身份业务在交付和 go-to-market 上仍重投入。 [CI018, CI034, CI035, CI036, CI037]
Transmit 的现金需求可能不主要来自实物资本开支,而来自云可靠性、验证量和企业交付强度。
这张矩阵映射的是公开成本驱动因素,不是已披露费用科目金额。公开来源没有给出 Transmit 的实际托管账单、服务毛利率或验证转嫁成本。
[CI018, CI034, CI035, CI036, CI037, CI041]4.4 公开牵引力与私有指标缺口
公开牵引力比公开财务更容易证明。新闻和案例研究材料中点名或引用的客户包括大型金融机构和保险公司;FeaturedCustomers 称该平台支持的品牌每年负责超过 $2 trillion 商业交易;Business Wire 称美国前十大银行中的七家信任 Transmit;公开客户故事也显示极大规模的生产使用。难点在于,这些牵引力信号无法调和成可靠收入基数。保留数据库和估算网站给出的范围从 $33.4 million 收入,到 $60.8 million 收入,再到超过 $100 million ARR;员工数估计则从 308 到 368。 这个区间太宽,无法做干净承销,也没有已审计财务报表来锚定模型。SEC EDGAR 没有为 Transmit 本身提供明显 public-issuer 轨迹;保留的公司、评测和数据库来源也不披露毛利率、burn、runway、NRR、客户集中度或模块组合。因此,公开牵引力支撑商业相关性,但不能精确判断当前规模或效率。 [CI019, CI022, CI024, CI025, CI026, CI027]
| 缺失私有指标 | 重要性 | 最佳公开代理值 | 精确尽调路径 |
|---|---|---|---|
| 按模块和服务拆分的收入结构 | 没有结构,就无法判断定价质量和毛利组合 | 仅有公开标价和案例研究规模 | 要求提供产品线收入结构和前 10 大客户组合 |
| 按产品线拆分的毛利率 | 软件质量的核心承销指标 | Okta 同业基准加架构推断 | 要求按认证、欺诈、验证和服务提供月度毛利率 |
| CAC、回本和销售生产率 | 评估企业 GTM 动作效率必须看这些指标 | 仅有案例研究 ROI 和部署速度代理值 | 要求按渠道提供 CAC、quota 达成率和回本队列 |
| 现金余额、烧钱和跑道 | 评估融资依赖必须看这些指标 | 单次历史融资轮,加上无公开现金披露 | 要求董事会口径现金桥接和 12–24 个月运营计划 |
| 净留存和客户集中度 | 评估扩张质量和下行风险必须看这些指标 | 仅有具名 logo 和评论评分 | 要求 NRR / GRR、cohort 扩张和大客户暴露 |
| 更高用量定价阶梯和服务费率 | 模型化银行规模下实际 ACV 和 TCO 必须看这些指标 | 仅有 100K-MAU 基线;无公开专业服务费率表 | 要求标准订单、折扣区间和实施 SOW 惯例 |
本图表把每个无支撑指标转化为具体尽调要求,让公开数据缺失被明确呈现,而不是被静默假设掉。
[CI028, CI029, CI038, CI039, CI040]第三方公开规模估算分歧很大,只能判断方向,撑不起精确承保。
每个区间都反映公开数据集互相冲突,而不是管理层指引。这张图旨在展示不确定性,并不暗示区间内存在最佳估算。
[CI020, CI021, CI024, CI025, CI026, CI027]4.5 资本充足性与融资依赖
资本充足性是本章最难用公开证据承销的部分。历史事实很强:Transmit 在 bootstrap 之后,于 2021 年由 Insight Partners 和 General Atlantic 领投的单轮 Series A 中融资 $543 million。对一家私有身份供应商来说,这是一笔很大的资本基础;保留新闻和 Tracxn 也没有显示后续已披露融资轮。这些事实反驳了资产负债表明显脆弱的判断。 但这些事实没有回答投资人真正需要的前瞻问题:这笔资本还剩多少,当前 burn 画像如何,公司是否自由现金流为正,什么触发条件会迫使下一轮融资。没有保留公开来源给出现金余额、月 burn、runway 月数、债务或二级流动性细节。实际结论是,Transmit 公开上不像陷入困境,但 2021 年之后的融资依赖仍未解决,直到管理层提供当前现金桥和预测。 [CI020, CI021, CI023, CI039, CI040, CI042]
| 指标 | 公开证据 | 评估 | 含义 | 尽调要求 |
|---|---|---|---|---|
| 最近一次披露的股权融资 | $543M Series A 轮,2021-06-22 | 有充分交叉验证的历史事实 | 相对典型私有身份厂商,历史缓冲很大 | 提供当前股权结构表,以及 2021 年以来任何结构化融资 |
| 最近一次披露的估值 | 投前约 $2.2B / 交易口径约 $2.3B | 已交叉验证的区间,不是当前标记 | 只能作为过时基准;不是当前估值信号 | 提供最新董事会、409A 或融资标记 |
| 后续公开融资轮次 | 保留的公开来源中未发现 | 中等置信度的负面发现 | 可能意味着不需要融资、未披露,或存在非股权融资 | 确认债务、二级流动性或任何未披露一级资本 |
| 账上现金 | 公开不可得 | 无法承销跑道 | 提供月度现金桥接和当前流动性 | |
| 月度烧钱 / 跑道月数 | 公开不可得 | 融资依赖仍未解决 | 在基准 / 下行情景下提供总烧钱、净烧钱和跑道 |
本章刻意聚焦前瞻资本充足性,而不是复述完整历史融资时间线。无支撑的单元格保留 null,并转化为明确尽调问题。
[CI020, CI021, CI023, CI039, CI040]4.6 财务结论
Transmit Security 的公开财务图景质量有吸引力,但完整度偏弱。有吸引力的部分很直接:企业标价真实存在,在大型银行和保险公司的客户证据可信,案例研究显示可衡量的经济结果,应能支撑溢价 ACV 和扩张销售。薄弱部分同样重要:公开证据无法让投资人有信心测算当前收入、组合、毛利率、CAC、净留存、burn 或 runway。 因此,财务结论是有条件的,而不是看多或看空。公司已经规模化服务受监管企业,收入质量看起来优于早期 product-market-fit 故事;但披露质量明显低于承销所需。本章可以通过商业可行性门槛,但还达不到财务就绪门槛。管理层 data room 对收入组合、按模块毛利率、现金余额、burn 和下一轮触发条件的披露,是硬性尽调阻断点。 [CI028, CI029, CI039, CI040, CI041, CI042]
4.7 图表
05产品与技术
5.1 用工作流定义产品
Transmit Security 现在更像把 Mosaic 呈现为统一身份安全操作层,而不是点状 CIAM 产品。官方平台和文档界面持续把身份管理、欺诈防控和身份核验打包在一个品牌下,再把编排作为控制平面,用来决定在注册、登录、账户恢复、支付或其他高风险动作中应由哪项服务介入。这个框架重要,因为客户买的不只是登录 SDK;他们买的是一个工作流引擎,可在同一旅程中选择通行密钥、OTP、身份核验、设备智能和欺诈控制。 从具体用户工作流看,公开界面显示五项核心任务。第一,Mosaic 用通行密钥、OTP、移动生物识别、magic links 和社交登录处理基础认证。第二,它跨客户和业务场景管理身份与用户库。第三,它在认证前、中、后插入风险和欺诈控制。第四,它为开户注册和 step-up 事件执行身份核验。第五,它把这些思路延伸到机器和自动化访问,而不是把 API 和 agent 当成事后补丁。因此,产品宽到足以对银行和保险公司产生战略意义,也宽到让实施质量和治理与功能数量同等重要。[CE001, CE004, CE005, CE006, CE007, CE008]
| 用户任务 | 当前工作流信号 | Transmit 方案 | 可衡量收益 | 限制 |
|---|---|---|---|---|
| 客户注册 / onboarding | Journey 编排加身份验证 | 编排注册流程,并在信任度低时触发 IDV 或风险检查 | 可把 onboarding、欺诈和身份核验压进一条 journey | 没有覆盖广泛客户群的公开转化率或放弃率基准 |
| 登录和重新认证 | Passkeys、生物识别、OTP、magic links 和 fallback 逻辑 | 用编排优先选择低摩擦方式,只在风险要求时升级 | 官方故事称认证失败减少 30%+,支持电话减少 70% | 结果数字来自筛选后的官方故事,而非独立测量 |
| 大型银行无密码推出 | 全球银行案例,200M 用户、7 个应用 | Authentication Services 加 FIDO2 / passkeys,后续扩展至呼叫中心 / 风险 | 证明多应用规模和登录工具整合能力 | 具名客户仍匿名,架构细节稀疏 |
| 欺诈攻击响应 | Detection and Response,带行为分析和设备信号 | 用自适应评分和预置决策替换或整合旧规则引擎 | 官方银行故事称新账户欺诈降低 98%,一个月达到价值 | 没有公开 precision-recall 或模型治理细节 |
| 保险公司消费者 passkey UX | Aflac 在现有网站嵌入品牌化 passkeys | Developer SDK 加 passkey 安全层和 UI 定制 | 采用率 32%,登录成功率 96%,约 2 个月上线 | 单个旗舰案例无法证明所有行业都可复现 |
收益来自官方案例研究和合作伙伴内容;它们说明价值可信,但不能替代 cohort 级客户分析。
[CE002, CE007, CE025, CE026, CE027, CE029]Mosaic 的卖点是一个控制平面:风险变化时,它能在低摩擦认证和更高保证的证明或欺诈检查之间切换。
[CE002, CE007, CE008, CE009, CE029]5.2 模块地图与运行架构
公开文档中支撑最强的架构事实是,Mosaic API-first 且服务分离。Transmit 发布了清晰的服务拓扑:文档识别 identity management and journeys、fraud prevention 和 identity verification 等服务族;服务总览则列出 distinct Authentication、Identity Management、Detection and Response、Identity Verification 和 Identity Orchestration offerings。结果是一张更模块化、而非单体化的产品地图。SDK 和 API 文档也强化了这一点:它们为编排、风险、身份核验和 WebAuthn 描述了不同的服务端路径和模块。 开发者姿态也强于许多私有供应商的营销网站。公开文档发布 sandbox endpoint、分地区生产 host、受 RBAC 保护的 API 界面、mTLS 和 private-key-JWT 选项,以及按模块拆分的 SDK import。npm 包和 GitHub 版图说明,公司不只是声称自己是 API platform;它在公开维护 SDK、wrapper 和 training repo。需要注意的是,公司仍主要通过集成界面披露架构,而不是深度系统设计文档。投资人能看到服务边界和开发者工具,但看不到数据存储、模型管线或租户隔离设计背后的完整内部结构。[CE003, CE005, CE006, CE011, CE012, CE013]
| 模块 / SKU | 主要用户 / 买方 | 公开状态 / 成熟度 | 差异化信号 | 尽调缺口 |
|---|---|---|---|---|
| Identity Orchestration | 身份、安全和数字产品团队 | 核心公开支柱,有独立解决方案页和无代码 journey 构建器 | 围绕注册、登录、支付和 step-up 建立控制平面叙事 | 需要客户证据,证明编排如何跨多应用、多租户扩展 |
| 认证服务 / passkeys | 消费者和员工登录负责人 | 成熟,并在客户故事中反复出现 | 组合 passkeys、生物识别、magic links、OTP 和 fallback 编排 | 需要拆解旗舰案例之外的 fallback 比率和欺诈结果 |
| Identity Management / Organizations | CIAM 和 B2B 管理员 | 已写入 API 参考和服务概览 | 同一文档中心里统一 user-store,并提供 organizations/B2B 界面 | 需要更清晰的公开细节,说明租户隔离和管理员审计功能 |
| Identity Verification | Onboarding、KYC 和欺诈团队 | 有宽口径能力页,也有 API 和 SDK 参考 | 10,000+ 个 ID 模板、活体检测、deepfake 检测、数字凭证 | 需要独立准确率基准和误报率 |
| 欺诈预防 / 检测与响应 | 欺诈运营和风险团队 | 成熟,并有银行案例研究支撑 | 行为分析、设备信号、bot 检测和 passkey-hijack 防护 | 需要评分、可解释性和模型运营架构细节 |
| 机器和自动化 ITDR | 管理 API、bot 和 agent 的安全团队 | 较新的公开界面,有详细功能页但客户证据薄 | JIT identities、API inventory、shadow-agent 控制、运行时行为分析 | 需要真实客户背书、GA 日期和采用证据 |
各行区分了文档充分的成熟模块,与能力主张跑在公开采用证据前面的较新模块。
[CE001, CE005, CE006, CE007, CE008, CE009]| 层 / 组件 | 角色 | 公开依赖 / 接口 | 关键风险 | 主张支撑 |
|---|---|---|---|---|
| API-first 控制平面 | 产品功能的统一入口 | OpenAPI 文档、sandbox + regional hosts、custom domains | 公开文档暴露接口,不暴露内部租户或数据存储拓扑 | SE007 / SE008 |
| 旅程编排(ido / cis) | 协调注册、登录、恢复和 step-up | 无代码 builder,加 orchestration SDK imports 和 APIs | 工作流蔓延会带来实施和治理负担 | SE001 / SE002 / SE009 |
| 风险服务(risk / drs / risk-collect) | 收集设备和行为信号,并给出欺诈建议 | Fraud APIs 和 SDK modules,加银行案例中的决策故事 | 模型可解释性和调优深度未公开披露 | SE004 / SE007 / SE024 / SE017 |
| 身份验证(verify / idv) | 用文档和生物识别做身份核验,并按风险升级 | Verify service ID、SDK module 和能力页 | 准确率、地理覆盖和供应商依赖细节仍是公开缺口 | SE003 / SE007 / SE024 |
| 访问控制和集成安全 | 客户端认证、mTLS、RBAC、bearer tokens、自定义域名 | 针对不同 API 类别记录了多种认证模式 | 独立评论显示仍需要有经验的集成团队 | SE007 / SE020 / SE021 |
本表只使用公开记录的接口和评论意见;不推断隐藏内部技术栈。
[CE011, CE012, CE013, CE014, CE015, CE017]公开材料显示,Mosaic 是分层的编排和服务平台,而不是单一登录组件。
[CE003, CE005, CE006, CE011, CE013]passkey、编排和欺诈等较早产品面证据更多,新近的机器身份邻接方向证据较少。
[CE010, CE018, CE019, CE028, CE031, CE032]5.3 部署、集成、可靠性与支持
从部署角度看,Transmit 的公开细节足以显示企业化意图。文档列出 sandbox 和多个生产地理区域,并支持自定义域名;SLA 给出正式的 99.99% 可用性目标、24x7 运营表述、一小时 severity-1 响应目标,并提到具备冗余网络和电力的韧性设施。这套组合比纯营销 trust page 更强,因为它出现在合同和技术文档里,而不只是首页文案。它支撑了这样一个判断:Mosaic 旨在作为云服务接入生产客户旅程,而不是轻量工具包。 同时,部署容易度不应被过度销售。客户故事显示快速上线可行:Aflac 用 SDK 在约两个月内把通行密钥嵌入自家网站,官方案例研究也描述了超大规模银行 rollout。但独立评测反复指出,产品仍需要专业集成知识、审慎工作流设计,并且某些用例需要更好的文档。正确解读是:Transmit 已为拥有解决方案架构能力的团队做好企业级准备,但不是零摩擦 plug-and-play 开发者工具。这个缺口是核心尽调点,因为当身份逻辑在应用间扩散时,工作流能力可能变成实施负担。[CE012, CE014, CE015, CE021, CE022, CE023]
公开证据显示,Transmit 更依赖云交付、外部标准和客户集成成熟度,而不是已披露专有硬件或线下分销。
[CE012, CE014, CE017, CE024, CE033, CE037]5.4 差异化、路线图与能力成熟度
Transmit 最清晰的公开差异化是栈整合。官方和独立材料都把平台描述为一种尝试:把通常由多家供应商组成的身份栈,压进一个由编排牵引的系统里;核心 CIAM、自适应认证、身份核验和欺诈控制应协同工作,而不是采购后再粘合。这个定位在高欺诈受监管行业尤其可信,因为客户故事反复强调通行密钥、行为信号、设备智能和 step-up 核验的组合,而不是任何单一功能。官方 Microsoft 内容以及 Aflac 和银行案例研究都强化了这一点:Transmit 卖的是结果包,不是孤立组件。 对私有供应商而言,路线图证据也异常可见。公开 release-notes 网站显示,2026 年公司仍在交易监控、浏览器接管保护、治理、编排灵活性和风险分析上活跃迭代。结合公开 GitHub 活动和当前 SDK packaging,这说明背后是一个仍在运转的产品组织,而不是陈旧 brochureware 表面。较弱的领域是最新主张的成熟度披露,尤其是 machine-and-automation ITDR。功能页很详细,但相较较成熟的通行密钥和欺诈界面,该模块的公开客户证据、采用数量和独立验证仍偏薄。[CE010, CE016, CE018, CE019, CE025, CE026]
| 日期 / 信号 | 功能或里程碑 | 当前状态 | 含义 | 来源 |
|---|---|---|---|---|
| 2026-02-03 | 更清晰的风险分析和更简单的运营版本 | 已发布 | 显示 Mosaic 在分析清晰度和集成简化上持续推进 | 发布说明 |
| 2026-03-11 | Browser Takeover Protection 和更强治理更新 | 已发布 | 表明公司继续处理浏览器 / 会话滥用和管理控制 | 发布说明 |
| 2026-05-08 | Transaction Monitoring 和更广的欺诈可视性 | 已发布 | Mosaic 进一步进入登录后监控和欺诈运营工作流 | 发布说明 |
| 2026-05 至 2026-06 | GitHub 上的公开 SDK 和样例仓库已更新 | 活跃维护信号 | 开发者界面看起来仍在维护,并未废弃 | GitHub 组织 |
| 2026 当前公开形态 | Machine and Automation ITDR 有详细功能页营销,但公开证明有限 | 营销层面功能完整,采用披露证据偏轻 | 可能是有意义的邻近业务,但成熟度比通行密钥或欺诈更难承保 | ITDR 页面 + 缺少客户证明 |
公开路线图证据在发布说明或仓库活动能给出日期证明的地方最强;较新的模块成熟度主张仍缺少佐证。
[CE018, CE019, CE028, CE040]5.5 信任、安全、隐私与合规控制
信任故事在控制类别上较强,在完整透明度上较弱。积极的一面是,法律和标准证据真实存在。Transmit 发布隐私声明,清楚区分其何时作为 processor、何时作为 controller;其 SLA 也用企业条款描述变更管理流程、紧急维护和支持覆盖。公司的通行密钥叙事也与外部标准一致:FIDO、W3C、passkeys.dev、Microsoft 和 NIST 都描述了同一种抗钓鱼、公钥凭证模型,Transmit 正围绕该模型构建。上述证据不能证明每个实施细节,但说明产品与当前认证范式一致,而不是发明自有标准。 缺失部分同样重要。本次审阅的公开材料没有给出丰富的 trust-center 工件集,无法像部分更大同业一样覆盖独立认证、详细分处理方治理或事故历史披露。评测内容还显示,低代码叙事并没有完全抽象掉工作流治理和可用性问题。因此,投资人结论应保持平衡:平台看起来安全原生且符合标准,但在把每项控制主张视为已完全承销前,供应商尽调仍需要更深入的 trust-center 工件、实施引用和按模块证据。[CE021, CE022, CE023, CE033, CE034, CE035]
| 控制 / 标准 | 公开状态 | 范围 | 缺口 / 风险 | 尽调要求 |
|---|---|---|---|---|
| 隐私角色边界 | 已发布隐私声明 | 解释网站数据、客户数据、用户、Identity Network Profile 和部分服务改进流程中的 controller 与 processor 姿态 | IDV 服务改进内的 controller 边界仍需合同审查 | 要求按模块提供 DPA、controller/processor 矩阵和数据保留计划 |
| Passkey / 抗钓鱼对齐 | 外部标准支撑强 | FIDO、W3C、Microsoft、passkeys.dev 和 NIST 都把 passkeys 视为抗钓鱼的公钥凭证 | 符合标准本身并不能证明实现质量完美 | 要求威胁模型、账户恢复控制和 passkey 同步滥用缓解措施 |
| 可用性承诺 | 已发布合同目标 | SLA 写明 99.99% 可用性目标和 24x7 severity-1 响应处理 | 本次未审阅到公开事故历史或已实现 uptime 统计 | 要求过去 12 个月 uptime 报告和事后复盘 |
| 运营韧性 | 已发布流程表述 | SLA 提到韧性设施、冗余网络 / 电力和正式变更管理 | 未披露具体云拓扑或区域故障切换设计 | 要求覆盖租户隔离和区域故障切换的架构审查 |
| 独立信任材料 | 公开覆盖只有部分 | 有法律文档,但已审阅公开材料未出现丰富的信任中心材料包 | 子处理方、独立认证和事故披露深度在公开层面仍薄 | 要求 SOC 2 / ISO 报告、子处理方清单、渗透测试摘要和状态历史导出 |
本表区分明确公开的内容,以及仍需要私有尽调材料支撑的内容。
[CE021, CE022, CE023, CE033, CE034, CE035]5.6 图表
06客户
6.1 客户分层与公开买方地图
Transmit Security 的客户证据指向一个集中但高价值的买方地图。公司自有材料反复把银行、保险公司、零售商和其他大型数字品牌列为核心客户群;公开点名引用更明显偏向受监管金融服务和保险。实际买方通常是数字身份、欺诈、安全或客户平台团队,为面向消费者的登录、开户注册、账户恢复或交易旅程采购;终端用户是企业自己的客户,而不是内部员工。公开证据还显示,企业身份栈碎片化、消费者基数庞大且欺诈压力明显时,Transmit 更容易赢。没有公开的是付费客户总数、银行与非银行账户之间的拆分,或任何收入区间分层。因此,分层故事可以由用例和垂直行业支撑,但仍不能由已披露 logo 数、ACV cohort 或客户集中度表支撑。[CU001, CU002, CU005, CU006, CU022, CU034]
| 分层 | 买方 / 用户 / 付款方 | 核心任务 | 公开证明 | 战略价值 | 缺口 |
|---|---|---|---|---|---|
| 全球银行 | 买方:数字身份、欺诈、安全或客户平台负责人;用户:银行客户;付款方:企业 IT / 安全预算 | 无密码登录、降低欺诈、账户恢复,跨应用和渠道编排 | 最强公开证明:Citi、未具名全球银行、未具名美国领先银行、BRED | 价值最高、最可复用的参考分层 | 未披露银行客户数量或银行业 ARR 占比 |
| 保险公司 | 买方:数字平台 / IAM / 安全团队;用户:投保人和代理人;付款方:企业预算 | 安全的投保人登录、开户、MFA 现代化、重合规旅程 | NN、Cattolica 和 Aflac 提供具名证明 | 显示产品适配多渠道用户的高信任、受监管 CX | 未披露保险客户组数量、续约数据或保险收入结构 |
| 零售 / 消费金融品牌 | 买方:客户平台或安全团队;用户:购物者 / 借款人;付款方:企业数字预算 | 低摩擦认证和带欺诈感知的账户旅程 | America’s Car-Mart 案例和官方零售参考 | 证明产品不只适用于纯银行场景 | 具名非 FSI 证明相对金融服务证明偏薄 |
| 大型多应用企业 | 买方:中央身份架构团队;用户:跨大量应用的外部客户 | 统一碎片化认证栈和策略逻辑 | Citi 称其拥有数千个应用;官方简报强调跨渠道编排 | 支撑从单一旅程落地扩展到全企业架构 | 未公开披露模块挂载或扩张率 |
| 通行密钥优先企业 | 买方:推动登录现代化的安全和 CX 团队 | 用通行密钥和设备生物识别替代密码、硬件令牌和传统 MFA | 全球银行、BRED 和 Aflac 案例;FIDO Alliance 列出 BindID | 这是可衡量支持成本和 CX 改善的清晰切入口 | 未公开通行密钥采用如何转化为多模块 ARR |
| 伙伴协助型企业 | 买方:已使用 Microsoft 身份栈的企业;付款方:同一企业预算 | 借助 Microsoft 对齐的通行密钥和编排计划采购 Transmit | 面向 Microsoft 的 Transmit 博文提到承诺消费折扣和采购节省 | 渠道可缩短销售周期并扩大触达 | 伙伴来源管线、利润分成和续约所有权未披露 |
分层最好由垂直行业、买方职能和用例支撑,而不是由已披露客户数量或收入区间支撑。
[CU001, CU002, CU006, CU011, CU012, CU013]Transmit 通常先切入面向客户的身份痛点,再扩展到更广的欺诈、编排和跨渠道旅程。
[CU006, CU011, CU013, CU015, CU020, CU031]6.2 采用轨迹与公开规模信号
Transmit Security 的公开采用证据最强处,是部署快照,而不是单一已披露客户数 KPI。官方 brief 称平台服务许多全球最大银行、保险公司和零售商,合计关联超过 $2 trillion 年商业交易;后续公司发布的新闻语言又称美国前十大银行中的七家信任该平台。这些都是大规模信号,但不等同于已披露客户数。更好的证据来自具名部署和案例研究分母:一家全球银行在 160 多个国家、覆盖 2 亿客户账户使用 Transmit;一家未具名美国领先银行用欺诈栈在一个月试点中识别超过 12,000 个坏账户;NN 提到 1,800 万客户;Aflac 披露上线后通行密钥注册用户超过 265,000。这足以显示真实企业级采用,但不足以统一 active logos、每个 logo 的 live modules,或按 cohort 划分的收入留存。[CU001, CU002, CU003, CU004, CU007, CU008]
| 指标 / 里程碑 | 数值 | 来源 / 日期背景 | 置信度 | 含义 | 缺失分母 |
|---|---|---|---|---|---|
| 官方行业规模主张 | 全球多家最大银行、保险公司、零售商;年交易额 >$2T | 官方服务简报和关于页面 | 高 | 客户群包含体量很大的面向消费者企业 | 未披露 logo 数量或分层拆分 |
| 头部银行渗透主张 | 美国前 10 大银行中的 7 家 | Business Wire / Forrester 领导者公告 | 中 | 暗示 FSI 渗透率和参考质量较强 | 未给出具名名单,也未披露收入占比 |
| 全球银行部署范围 | 200M 客户账户;160+ 个国家;7 个应用 | Transmit 案例研究 PDF | 高 | 显示产品可在极大型企业规模上生产运行 | 详细案例研究中的客户仍未具名 |
| 美国领先银行欺诈试点 | 一个月内发现 12,000+ 个不良账户,而既有工具约发现 ~2,000 个 | Transmit 客户故事 | 中 | 证明可衡量的欺诈价值和快速见效 | 未披露试点后推广范围或合同规模 |
| BRED 实施速度 | 7 天集成 BindID | Transmit 客户故事 | 中 | 快速上线可降低企业部署摩擦 | 无持续使用或续约指标 |
| NN 客户触达 | 全球 18M+ 客户 | NN 案例研究 PDF / NN 主页 | 高 | 具名保险客户自身具备显著消费者规模 | 未显示 NN 有多少旅程运行在 Transmit 上 |
| Aflac 通行密钥采用 | 265,000+ 名投保人注册;32% 采用率;96% 登录成功率 | Aflac / Transmit 来源,2024 | 高 | 公开材料中最干净的现代采用和 CX 数据点之一 | 未披露上线后的留存、增购或跨模块挂载 |
这些数字证明企业部署规模和客户成效,但无法归并成一个客户总数 KPI。
[CU001, CU002, CU003, CU007, CU010, CU013]公开证据显示,路径从企业身份痛点走到生产上线,再走向更广的采购和平台扩张。
[CU010, CU013, CU020, CU021, CU031]6.3 具名客户证据:生产证据、活动演讲与 Logo 级信号
具名客户证据真实存在,但质量不均,这个差异很重要。Transmit 发布具体部署细节或客户引语的地方,生产级证据最强:Citi 讨论数千个 app 和长期 rollout 路径,BRED 披露七天 BindID 集成,NN 提到编排后采用改善,America’s Car-Mart 将认证与线上融资流程相连,Aflac 发布通行密钥采用和成功指标。活动演讲式营销证据低一层:Citi 的 Gartner 舞台 passwordless 讨论,以及面向 Microsoft 的通行密钥合作内容,都是企业严肃度的有用指标,但仍是经过策划的营销,而不是经审计客户报告。Logo 或行业级证据更弱一层:官方 brief 和首页反复提到头部银行、保险公司、零售商和年商业交易总额,却没有点名多数账户或证明续约。正确尽调姿态是:把公司视为在少数参考账户中拥有强生产证据,在更广行业中拥有更宽但更浅的证据,同时其 lighthouse 部署代表性仍存在重大披露缺口。[CU004, CU011, CU012, CU013, CU014, CU016]
| 客户 | 分层 | 部署 / 用例 | 生产或试点 | 成效 / 引述 | 局限 |
|---|---|---|---|---|---|
| Citi | 全球银行 | 覆盖数千个应用的模块化认证平台;Gartner IAM 上讨论无密码推广 | 生产部署,叠加活动演讲 | Citi 负责人称,原有认证栈碎片化,Transmit 可作为统一平台;讨论过面向 160 个国家 200M 客户的推广 | 公开证明在架构和关系深度上很强,但多数详细规模数字来自 Transmit 整理的材料,而不是客户 SEC 文件 |
| BRED Banque Populaire | 零售银行 | BindID 无密码登录,用于支付密钥环 / 无障碍银行服务 | 生产部署 | 7 天集成;无需用户名、密码或下载应用;银行提到支持电话量和欺诈风险下降 | 未公开披露留存、合同或用户数量 |
| Nationale-Nederlanden | 保险 / 银行 | 面向合规多渠道 CIAM 旅程的身份编排 | 生产部署 | NN 称客户体验和采用率改善;案例研究提到 18M+ 客户和 KuppingerCole 认可 | 成效证明在采用上偏定性,未披露直接 ROI 或续约条款 |
| America's Car-Mart | 消费金融 / 汽车零售 | 支撑数字市场和融资旅程的无密码与 MFA 服务 | 生产部署 | 案例研究把上线与全渠道购车、融资审批、支持请求下降和欺诈减少联系起来 | 公开证据主要由供应商撰写,缺少量化用户采用数据 |
| Aflac | 保险 | 面向投保人登录的通行密钥认证 | 生产部署 | 数天 / 第一周内 32% 采用率、96% 登录成功率、265K+ 注册,未报告登录失败 | 最强指标仍处在上线阶段,不是多年留存证据 |
这份列举有意把未具名银行故事排除在行集之外,即便其规模很大,因为本章必须区分具名证明和营销级证明。
[CU011, CU012, CU013, CU014, CU015, CU016]| 证据类别 | 这里包含什么 | 对生产证明的可靠性 | 能支撑什么 | 不能支撑什么 |
|---|---|---|---|---|
| 带指标的生产案例研究 | Aflac、全球银行 PDF、美国领先银行、BRED、NN | 高 | 真实部署、具体工作流、量化成效、隐含预算严肃性 | 全组合客户数量、续约或集中度 |
| 具名客户引述 / 架构演讲 | Citi 视频和 Gartner 推广讨论 | 中高 | 关系深度、企业架构问题、扩张意图 | 经审计 ROI、整个客户 logo 的部署广度或留存 |
| 面向伙伴的采购叙事 | Microsoft 通行密钥 / 承诺消费文章 | 中 | 渠道杠杆、采购摩擦下降、平台定位 | 具名客户部署数量或直接 ARR 影响 |
| 评价聚合网站情绪 | PeerSpot、G2、TrustRadius、FeaturedCustomers | 中 | 实施痛点、定价摩擦、总体满意方向 | 代表性留存指标或经验证的头部账户成效 |
| 行业 / logo 式营销主张 | 官方简报称头部银行、保险公司、零售商和 >$2T 交易额 | 中低 | 目标分层、野心和大致企业层级 | 具名部署、生产状态、合同期限或账户集中度 |
本表给出本章要求的明确区分:生产、活动演讲和仅 logo 证明。
[CU003, CU004, CU022, CU023, CU032, CU047]这张矩阵比较具名账户的证明成熟度,也凸显广度披露仍弱于部署质量。
[CU011, CU013, CU015, CU019, CU020, CU022]6.4 持久性、满意度与采购摩擦
到了持久性,公开客户叙事就弱很多。评测平台整体认可产品能力和客户支持,公开案例也反复强调呼叫中心来电下降、密码重置减少、欺诈降低、用户体验改善。Aflac 是当下最干净的证明点:passkey 采用率 32%,登录成功率 96%,发布时未报告登录失败。即便如此,Transmit 仍未披露 NRR、GRR、总 logo 流失、标准合同期限、续约节奏或按模块留存。负面证据也不是噪音:PeerSpot 和 G2 评测者认为规则构建仍有应用专属性,扩展取决于工作流复杂度,价格偏高,集成需要专业能力。TrustRadius 还补充了更新节奏和设置丢失等较小但值得注意的抱怨。这些不否定客户价值,但确实说明,扩张和持久性可能更依赖技术成熟的大型企业买方,而不是低摩擦自助销售动作。[CU020, CU024, CU025, CU026, CU027, CU028]
| 视角 | 公开数值 | 证据质量 | 暗示什么 | 耐久性缺口 / 尽调问题 |
|---|---|---|---|---|
| Aflac 通行密钥采用 | 32% 采用率;96% 登录成功率;未报告登录失败 | 高 | 用户快速接受了新的认证方式,且支持负担很小 | 索取 6 / 12 / 24 个月活跃使用、重新认证率和上线后的模块扩张 |
| BRED 支持负担代理指标 | 7 天 BindID 上线后支持电话量下降 | 中 | Transmit 可为客服团队降低登录摩擦 | 索取上线前后支持工单数量和续约状态 |
| 全球银行支持成本代理指标 | 与密码相关的呼叫中心电话显著减少;每年节省数千万 | 高 | 大型企业完成无密码迁移后可获得有意义的运营杠杆 | 索取经审计节省和合同经济性,而非供应商整理的区间 |
| 支持相关同业情绪 | 评价来源对支持和部署质量总体正面 | 中 | 客户满意度方向上看起来不错 | 索取续约和客户访谈数据,因为评价正面不等于留存 |
| 实施负担 | G2 和 PeerSpot 称集成需要专业能力和按应用构建规则 | 中 | 扩张可能最适合技术成熟的企业 | 索取专业服务占比、平均实施周期和各分层价值实现时间 |
| 定价摩擦 | PeerSpot 和 G2 称价格高 / 需要改善;CyberSecurityO 称其为高端定价 | 中 | 最高价值的受监管账户之外,采购可能更难 | 索取赢单 / 输单原因、折扣区间和竞品替换数据 |
| 公开 NRR / GRR / 流失 / 期限披露 | 低 | 这些耐久性指标在保留来源中未公开披露 | 索取 logo 流失、毛留存和净留存、期限长度以及头部客户续约时间表 |
数值为 null 的地方,指标确实未披露,并非作者遗漏。本表替代不可获得的公开 cohort 留存披露。
[CU008, CU020, CU024, CU025, CU026, CU027]6.5 扩张路径、渠道依赖与集中度风险
上行情景很直接:Transmit 可以在大型受监管企业内部,从登录扩到编排、欺诈、身份验证、恢复、呼叫中心流程和跨渠道安全。Microsoft 合作带来具体的采购切口,因为已承诺的云支出和合作伙伴折扣,能让已经标准化到 Azure AD B2C 或 Entra External ID 的企业更容易启动采购。下行同样清楚。公开证明集中在少数大型参考客户,其中很多是银行或保险公司;公司仍未披露客户数量,也未披露最大客户敞口。三个承保风险因此没有解决:第一,少数灯塔客户是否贡献了过高比例的 ARR;第二,Microsoft 和其他合作伙伴是否足以影响采购,从而削弱公司对客户关系的直接所有权;第三,实施复杂度是否把可服务基础收窄到拥有大型安全和身份团队的组织。Transmit 看起来有 land-and-expand 能力,但公开记录仍无法区分覆盖广度和客户集中度。[CU017, CU031, CU032, CU033, CU034, CU048]
| 扩张驱动因素 | 为什么重要 | 集中度 / 渠道风险 | 影响 | 尽调路径 |
|---|---|---|---|---|
| 从认证落地到编排和欺诈 | 具名案例通常从登录或无密码开始,再扩展到更广的旅程控制 | 公开来源未量化模块挂载或落地后的 ARR 扩张 | 高 | 索取按客群统计的模块渗透率和挂载率 |
| Microsoft 对齐采购 | 承诺消费折扣和 Azure / Entra 对齐可降低购买摩擦 | 伙伴影响力可能削弱公司对采购和续约的直接所有权 | 高 | 索取伙伴来源 ARR、利润率和续约所有权 |
| FSI 和保险深度 | 大型受监管 logo 可支撑高 ACV 和强参考 | 具名证明集中在银行和保险,抬高垂直集中度风险 | 高 | 索取按垂直行业划分的 ARR 和收入前 10 大客户 |
| 通行密钥和无密码切入口 | Aflac、BRED 和全球银行显示清晰的 CX 与支持成本收益 | 公开证据未显示通行密钥项目是否能稳定扩张为更广的平台支出 | 中 | 索取从通行密钥项目转向更广 Mosaic 采用的转化率 |
| 快速实施故事 | BRED 7 天上线,Aflac 约 2 个月上线,可加速初始交易 | 评价来源提醒,规则构建和集成复杂性仍可能拖慢更大的企业项目 | 中 | 索取按客户规模统计的中位部署周期和实施资源 |
| 未具名灯塔银行 | 巨型未具名银行故事证明规模化能力 | 如果少数参考账户推动叙事和收入基础,它们可能夸大广度 | 高 | 索取具名参考名单、集中度明细和独立客户访谈 |
扩张上行真实存在,但公开记录仍无法区分广泛平台渗透和少数旗舰受监管账户集中贡献。
[CU010, CU017, CU031, CU032, CU033, CU034]6.6 附录
07风险
7.1 监管、隐私与合同边界风险
Transmit Security 最难承保的硬风险,不是简单的功能竞争,而是三件事叠在一起:生物识别处理、客户多为重监管金融机构、合同条款把很大一部分下行情景留在供应商责任范围之外。隐私声明确认,用户可以上传政府 ID 和自拍照,Transmit 会处理从这些图像中提取的生物识别标识符。DPA 随后显示,默认情况下可能有大量敏感数据流经技术栈,包括设备信息、ID 文件细节、自拍照片、出生日期、网络或交互数据;默认留存期为九十天,除非客户另行选择。客户如果把治理配置得很紧,这可以管理;但一旦实施漂移、留存扩张,或备用方法引入比最初假设更多的数据采集,风险就会放大。监管预期也在变化:FTC 要求金融机构客户通过合同监控服务提供商,并在三十天内报告符合条件的违规事件;EBA 和 EDPB 材料则显示,SCA 和生物识别处理仍在演进,并未尘埃落定。合同上,可追回金额封顶在约十二个月已付费用,这与身份供应商可能卷入的欺诈、宕机或隐私损失场景规模明显不匹配。[CR001, CR003, CR004, CR005, CR006, CR008]
| 风险 | 司法辖区 / 触发因素 | 当前证据 | 可能性 | 影响 | 缓释成熟度 | 剩余暴露 | 投资含义 / 尽调路径 |
|---|---|---|---|---|---|---|---|
| IDV 和恢复流程中的生物识别隐私或留存配置错误 | GDPR / UK GDPR;客户使用身份证照片、自拍、生物识别标识符 | 隐私声明和 DPA 显示会处理生物识别、身份证件和设备数据,默认留存 90 天,除非客户覆盖设置 | 中高 | 关键 | 中 | 高 | 确认 DPIA 模板、按产品线设置的留存覆盖,以及是否有客户把生物识别流程集中处理而非留在本地设备 |
| 通过银行客户传导的 FTC Safeguards Rule 违规或供应商控制失效 | 美国金融机构客户;500+ 名消费者事件阈值 | FTC 要求通过合同监督服务提供商,并在 30 天内报告符合条件的事件 | 中 | 高 | 中 | 高 | 索取数据泄露预案映射、客户合同条款和过往通知事件历史 |
| EBA / PSD2 / SCA 规则漂移改变欺诈或用户摩擦假设 | EEA 银行和支付用例 | EBA 称 SCA 仍然具有实质重要性,规则细节还在演进,包括 180 天续期变化 | 中 | 高 | 中 | 中高 | 验证 EEA 通行密钥或 SCA 行为若按客群分化,路线图假设会怎样变化 |
| 跨境传输或分包处理方治理失效 | 为 EU / UK 数据使用美国或其他地区的分包处理方 | DPA 依赖 SCCs / UK Addendum 以及一组较宽的分包处理方,客户保留异议权 | 中 | 高 | 中 | 中高 | 审查分包处理方通知流程、区域托管选项和客户异议率 |
| 宕机、欺诈或隐私事件后的合同追偿错配 | 云服务协议和公开条款 | 责任上限按此前 12 个月费用计算,而不是按下游损失敞口计算 | 高 | 高 | 低 | 高 | 用预期损失对照供应商追偿能力,并追问是否有网络保险或赔偿叠加安排 |
| 地缘政治连续性或不可抗力扰动影响交付 | 以色列法律 / 运营连接点叠加区域动荡 | 条款把内乱和恐怖事件纳入不可抗力,State Department 仍在 2026 年提示以色列旅行风险 | 中低 | 高 | 中低 | 中高 | 要求披露区域 BCP 责任归属、follow-the-sun 支持覆盖和客户专项连续性测试 |
各行按当前剩余严重度排序,而不是按时间顺序排序。可能性和影响是分析师判断,依据截至 2026-06-17 的法律、监管和合同证据。
[CR001, CR004, CR005, CR006, CR008, CR009]7.2 运营可靠性、安全执行与控制平面复杂度
公司的产品承诺在运营上很激进。Transmit 卖的不是一个登录小组件;它主张在整个客户旅程中提供编排、passkey、欺诈预防、身份验证、设备智能和自适应决策。这种广度带来真实上行,但也扩大了故障面。Microsoft marketplace 页面明确承认,passkey 项目在注册、账号恢复、设备丢失场景和加强认证不足时仍有漏洞。Microsoft Learn 也说得很清楚:最知名的欺诈和 passkey 集成需要 Azure AD B2C 自定义策略和专用 Transmit 租户,这会把部署推向专家实施工作,而不是纯即开即用 SaaS。已发布 SLA 的目标可用性为 99.99%、一级严重事件一小时响应目标,体面但排除项很关键:第三方服务、客户系统、定制化、试用和 POC 都不在最干净的 uptime 承诺内。评测证据从另一侧强化了同一个运营主题:规则构建可能变成应用专属,工作流越复杂扩展越棘手,非技术用户体验仍需打磨。对于卖进大型银行的平台,这些不是表面问题,而是部署摩擦和运营负担风险。[CR011, CR012, CR013, CR019, CR021, CR022]
| 失效模式 | 可能性 | 影响 | 缓解成熟度 | 剩余敞口 | 未解决缺口 |
|---|---|---|---|---|---|
| 通行密钥回退、账户恢复或设备丢失漏洞,让攻击者绕过最强路径 | 中高 | 严重 | 中 | 高 | 需要按旅程阶段拆分的回退率、接管尝试和 step-up 成功率生产数据 |
| 定制策略集成复杂,拖慢部署或做出脆弱实现 | 高 | 高 | 中 | 高 | 需要按账户规模拆分的实施中位数、上线失败率和合作伙伴 / SI 依赖度 |
| 公开的 99.99% 目标夸大真实客户体验,因为排除项和依赖项占主导 | 中 | 高 | 中 | 中高 | 需要 SLA 抵扣历史、根因分布和第三方对 sev1 事件的贡献 |
| Sentinel 或客户 SIEM 摄取不完整时,监控盲区会浮现 | 中 | 中高 | 中 | 中 | 需要默认遥测覆盖、非 Microsoft 日志模式和事件检测滞后指标 |
| 工作流蔓延、单应用规则逻辑或非技术用户体验差,会抬高支持负担 | 中高 | 中高 | 中低 | 中高 | 需要管理员可用性路线图,以及大型环境能安全集中修改策略的证据 |
| 分包处理方或身份验证供应商服务退化,即便 Transmit 核心未宕机,也会冲击运行质量 | 中 | 高 | 中 | 中高 | 需要分包处理方 SLO、Veriff 类服务的故障切换逻辑,以及客户可见的事件拆分口径 |
本表把产品架构证据和评测反馈转成运营风险。缓解成熟度衡量的是:有多少硬公开证据证明该控制已在生产环境大规模跑通。
[CR011, CR012, CR013, CR019, CR021, CR022]Passkey、隐私和集成失败会传导成欺诈、支持负担、上线变慢、利润率压力和估值信心下降。
[CR001, CR015, CR019, CR022, CR023, CR024]7.3 合作伙伴、平台与子处理方依赖风险
Transmit 主打强互操作性,但公开证据也显示出有意义的依赖集中。最显眼的依赖是 Microsoft:marketplace 列表和集成教程把 Transmit 架在 Azure AD B2C 和 Entra External ID 之上,公司自己的合作伙伴博客也推广 Microsoft 已承诺支出采购和合作伙伴折扣。这形成了有用渠道,但也意味着 Transmit 的一部分 passkey 动作暴露在 Microsoft 产品路线图调整、打包变化和合作伙伴优先级决定之下。再往下看,DPA 披露了一个宽泛的第三方运营网络:AWS、Google Cloud、MongoDB Atlas、Cloudflare、Veriff、Salesforce 和外包支持提供商都处在交付路径的某个位置。多云和会话内故障切换能缓解部分单云宕机风险,但无法消除对子处理方性能、定价或合同可用性的依赖。公开客户证明也集中在少数超大型金融机构。一家银行部署覆盖 2 亿客户和 7 个应用;另一家声称一个月内 ROI 达 1300%、欺诈下降 98%。这些参考案例很强,但也意味着,即使只失去少数旗舰客户或渠道关系,也可能带来过大的叙事和商业影响。[CR007, CR025, CR026, CR027, CR028, CR031]
| 依赖 | 交易对手 / 层级 | 在技术栈中的角色 | 集中度 | 失效场景 | 严重度 | 缓解措施 | 剩余敞口 |
|---|---|---|---|---|---|---|---|
| 外部身份控制平面 | Microsoft Azure AD B2C / Entra External ID 身份栈 | 通行密钥旅程的渠道、集成底座和产品叙事 | 高 | Microsoft 路线图、打包方式或伙伴优先级变化,削弱 Transmit 主导的部署 | 高 | 维持非 Microsoft 参考打法,并把编排价值守在商品化连接器之上 | 高 |
| 云、数据库和路由底座 | AWS / GCP / MongoDB Atlas / Cloudflare 托管栈 | 托管、日志、存储和流量保护 | 中高 | 多供应商服务中断或成本变化,冲击可用性、延迟或毛利率 | 高 | 采用 active-active 架构、身份缓存和多元化云区域 | 中高 |
| 身份验证供应商层 | Veriff 和其他核验依赖 | 高风险旅程中的照片 ID 和自拍验证 | 中 | 供应商宕机、误报或价格冲击,损害开户和恢复经济性 | 高 | 保留产品化回退路径,并监控供应商 SLA 和误拒率 | 中高 |
| 旗舰客户证明集 | 超大型银行和标杆账户 | 商业证明、续约叙事和买方信心 | 高 | 某个标杆银行流失、缩小范围或停止为 ROI 主张背书 | 高 | 将公开证明集扩展到少数大型银行案例之外 | 高 |
| Microsoft 采购杠杆 | 承诺支出 / 伙伴折扣打法 | 漏斗顶部加速器和预算解锁 | 中 | 渠道经济性收紧,或客户预算不再把 Transmit 视为符合承诺支出资格 | 中高 | 分别跟踪有无 Microsoft 渠道协助时的 attach rate | 中 |
各行聚焦公开证据可见的依赖,而不是每个采购或实施伙伴。集中度为定性判断,反映各项依赖在企业线上部署中有多难替换。
[CR007, CR025, CR026, CR027, CR028, CR031]Transmit 的交付路径压在 Microsoft 身份渠道之上,也牵出一张已披露的依赖网:云、路由、监控、IDV、支持系统和银行背书。
[CR007, CR025, CR026, CR027, CR028, CR031]7.4 人员、执行与地缘政治敞口
人员风险不太在于具名创始人接班,而在于专业知识驻留在哪里,以及哪些法律或运营中心支撑交付。公开条款显示,Boston、Tel Aviv 和 Vancouver 实体之间存在拆分,非美国客户经由以色列实体承接。这本身不是问题,但意味着区域扰动可能带来法律、支持和执行后果。2026 年 6 月美国国务院旅行建议仍要求旅客因恐怖主义和内乱重新考虑前往以色列,并完全避开周边多个冲突地区。对于一个嵌入认证、欺诈响应和身份核验的供应商,连续性问题并不抽象:客户预期在高风险时期仍有 24x7 支持、协调一致的事件响应和不中断的上线推进。评测证据还给出第二个人员执行角度:编排深度和逐应用规则构建,提高了对稀缺解决方案工程人才和客户成功纪律的要求。如果自定义策略专家、欺诈运营专家或区域支持覆盖受限,部署周期和续约信心可能在关键宕机指标明显恶化之前就先下滑。[CR009, CR010, CR012, CR033, CR034, CR039]
| 角色 / 职能 | 依赖或缺口 | 可能性 | 影响 | 缓解措施 | 尽调路径 |
|---|---|---|---|---|---|
| 定制策略 / 旅程架构师 | Azure B2C 和通行密钥部署需要专门配置和规则设计 | 高 | 高 | 产品化可复用模板,减少每个应用的定制逻辑 | 询问每次部署的平均人员配置,以及专家搭建旅程与模板化旅程的比例 |
| 欺诈运营和身份风险专家 | 风险引擎价值取决于调校后的信任、放行、挑战和拒绝逻辑 | 中 | 高 | 固化可复用风险策略,并衡量误报 / 漏报漂移 | 要求提供告警精度和模型维护负担的 cohort 数据 |
| 24x7 支持和事件指挥官 | 企业银行预期全天候事件响应,标准 SaaS 服务台水平不够 | 中 | 高 | 公开的一小时 sev1 目标和多语种紧急联系人 | 询问实际 sev1 人员覆盖、on-call 饱和度和复盘治理 |
| 围绕以色列关联实体和人员的区域连续性 | 与 Tel Aviv 的法律和运营连接点,使区域动荡更容易扰动业务 | 中低 | 高 | 将支持和工程责任分散到多个区域 | 要求提供区域人头拆分、备份站点责任归属和近期 BCP 测试 |
| 客户成功和文档层 | 评测反馈称,非技术用户体验和文档仍需改进 | 中 | 中高 | 改进文档、策略集中化和管理员 UX | 询问按原因拆分的实施升级,以及每个活跃企业账户的客户成功人员配置 |
本登记表覆盖执行能力,而不是公开创始人履历。核心问题不是创始人离任,而是是否有足够专业人才,以高服务水平部署和运营复杂身份项目。
[CR010, CR012, CR023, CR024, CR033, CR034]7.5 财务模型与承保风险
财务风险不是 Transmit 缺少高端产品叙事,而是公开证据仍让投资者在有限实时透明度下承保一个复杂企业平台。定价页确认,公司按 MAU 或事件量货币化,并强调企业级 uptime 定位;评测页面仍称定价细节不公开,总成本会随支持层级、地区或数据驻留需求变化。这意味着,即便公司声称客户 ROI 很强,毛利质量和实际价格纪律仍不透明。历史资本基础很大——2021 年 Series A 以 $2.2 billion 投前估值融入 $543 million——但相对当前运行日期,这轮融资已经很旧;本文保留的来源也没有给出当前定价轮、公开 burn 曲线或按收入划分的客户集中度。同时,责任上限仍绑定尾随费用,而不是下游欺诈或监管损失规模。换句话说,Transmit 可能具备足以支撑高 ACV 的经济价值,但公开证据仍无法让外部投资者清楚测算,其中多少价值能转化为韧性利润率、分散的续约风险或下行保护。[CR008, CR011, CR029, CR030, CR032, CR035]
在纳入当前已发布缓释措施后,图中映射 12 类风险;合同表面、Microsoft 依赖和旗舰客户集中度仍是剩余风险最高的项目。
可能性和剩余严重性评级是基于引用证据的定性综合,不是精算概率。
[CR008, CR011, CR015, CR018, CR022, CR023]7.6 缓释因素、监测指标与论点破裂触发器
这里确实有真实缓释因素,而且重要。Transmit 公布了严肃的控制栈:99.99% 生产可用性目标、一级严重事件一小时响应目标、DPA 中的审计权、正式违规通知义务、多云连续性声明,以及具体数据返还或删除条款。Microsoft 和 CISA 材料也显示,公司卖进的是向抗钓鱼 MFA 转移的有利架构方向,而不是防守传统 SMS 或推送流程。但承保门槛应保持明确。投资者应监测:Microsoft 渠道是否仍是加速器而非瓶颈;客户证明是否延伸到少数旗舰银行之外;生物识别和留存实践是否始终受到严格治理;围绕复杂度的评测抱怨是否开始表现为上线变慢或参考质量变弱。论点破裂触发器应具体:重大隐私或 safeguards 相关执法事件;因排除项或依赖占主导而反复无法达到实际 99.99% 体验;Microsoft 明显降优先级;旗舰银行流失或重大项目未续约;或证据显示高端定价已无法抵消平台在生产中跑起来所需的部署和支持负担。[CR006, CR011, CR018, CR019, CR026, CR027]
| 风险 | 可监控触发因素 | 阈值 / 事件 | 行动含义 |
|---|---|---|---|
| 隐私 / 生物特征治理失效 | 涉及生物特征或 IDV 流程的监管询问、DPIA 例外或泄露通知 | 任何点名执法行动,或任何因客户身份数据而需要上报 FTC 或 EU 监管机构的事件 | 将风险评级实质性上调;继续承销前要求提供事件档案、整改计划和客户流失评估 |
| 可用性和依赖现实差于表面 SLA | sev1 频率、SLA 抵扣历史或第三方根因占比 | 连续两个季度出现重大 sev1 依赖事件,或因排除系统占主导,实际 uptime 明显低于 99.99% | 将可靠性护城河视为被高估,并下调扩张或续约假设 |
| Microsoft 生态依赖变成瓶颈 | 产品路线图、打包方式或伙伴身份恶化 | 失去承诺支出杠杆、面临弃用压力,或 Microsoft 带来的 win path 下滑 | 重新承销渠道杠杆,并假设 CAC 更高、销售周期更长 |
| 标杆客户集中度破裂 | 旗舰银行流失、缩小范围或拒绝担任标杆 | 任何被点名的大型银行流失,或明星 ROI 案例未能续约或扩张 | 提高集中度折价,并要求提供 cohort 级 gross retention / NRR 数据 |
| 溢价定价无法覆盖交付负担 | 实施时间拉长、支持负载上升或折扣加速 | 上线周期显著拉长,同时定价透明度和评测摩擦都恶化 | 除非管理层用 cohort economics 证明逆势,否则假设利润率承压、估值支撑下降 |
| 地缘政治连续性故障切换失败 | 区域扰动影响支持、发布或合同响应义务 | 任何因以色列关联连续性问题造成的多日中断,且未展示区域故障切换 | 将 BCP 视为不足,并要求提供逐区域运营地图和已测试的应急责任归属 |
阈值有意围绕投资主题,而不是法律定义。它们告诉投资者,何时应从例行监控转向主动重新承销或停止决策。
[CR006, CR008, CR011, CR015, CR018, CR026]7.7 附录
08估值
8.1 投资论点、反论点与建议
Transmit Security 仍有真实投资论点。公开定价显示,它卖的不是商品化开发者小组件,而是年合同起步达六位数的企业身份平台。客户证明也可信:公司公布了覆盖 2 亿客户和 7 个应用的全球银行部署,一个美国领先银行案例称 ROI 达 1300%、新账户欺诈下降 98%,Aflac passkey 项目则报告约两个月内采用率 32%、登录成功率 96%。Microsoft 合作表述还提供了另一个正面线索,因为已承诺支出折扣和采购杠杆,能缩短受监管客户的企业采购周期。 反论点在于,商业证明尚未转化为公开估值透明度。独立来源对当前规模仍分歧很大,从 2025 年收入 $33.4 million,到 ARR / 类收入规模超过 $100 million;同时,没有任何保留来源披露净留存、毛利率、burn、现金、债务或清算优先权。独立评测也提醒,平台扩展可能复杂,并缺少部分邮件 / SMS 集成灵活性。合在一起,证据支持新资金「继续研究」判断、中等信心、高风险评级,以及在任何仍依赖 2021 年融资且缺少新披露的估值标记上持「昂贵」立场。[CV008, CV009, CV010, CV011, CV012, CV019]
| 维度 | 评估 | 证据基础 | 决策含义 |
|---|---|---|---|
| 建议 | 新资金继续研究 | 商业证明真实存在,但公开估值支撑仍太弱,无法有信心承销新的入场。 | 没有管理层披露或价格显著下调前,不应按 2021 年估值投资。 |
| 置信度 | 中 | 产品证明很强,当前财务披露很弱。 | 如果管理层提供经审计或董事会级指标,置信度可快速提升。 |
| 风险评级 | 高 | 关键承销输入仍未披露:ARR、NRR、毛利率、烧钱速度、runway 和优先清算权结构。 | 在数据室补齐这些缺口前,应把该投资视为高不确定性。 |
| 估值立场 | 偏贵 | 公开可比公司和收入估算视角下,旧私募估值远高于当前证据能支撑的水平。 | 要么披露收入大幅更高,要么相对历史估值打折。 |
| 入场纪律 | 只有经常性收入约 $150M+ 且适用溢价倍数,或入场价格下调时,才有支撑 | 12x-15x 的溢价视角仍需要约 $147M-$180M 收入,才能支撑旧估值区间。 | 用阈值而不是品牌质量标题来组织谈判。 |
| 现有持有人读数 | 若无强制流动性需求,持有 / 监控 | 产品证明和客户质量保留上行空间,但披露不足仍限制退出确定性。 | 按溢价公开市场倍数给资产标价前,应推动披露。 |
本表是价格敏感的建议,不是泛泛的公司质量评分。阈值来自公开可比倍数,并应随管理层数据室指标更新。
[CV017, CV031, CV032, CV033, CV034, CV035]| 维度 | 正向论点 | 反向论点 | 什么会改变判断 |
|---|---|---|---|
| 商业证明 | 大型银行和保险公司标杆表明,产品已在有意义规模的生产环境中发挥作用。 | 案例研究证明有用性,但不证明当前收入基数或利润率质量。 | 披露头部客户 ARR、部署数量和续约扩张率。 |
| 定价权 | 公开标价从六位数年合同额起步,指向溢价 ACV。 | 标价看不到实际折扣、服务组合或分模块毛利率。 | 提供标准折扣区间和服务 attach rate。 |
| GTM 杠杆 | Microsoft 承诺支出和伙伴折扣措辞显示,其在受监管企业销售中有采购杠杆。 | 重集成的上线仍可能吃掉昂贵的解决方案工程和 onboarding 资源。 | 展示 CAC 回收期、实施周期和伙伴来源 bookings 占比。 |
| 独立客户反馈 | 评测整体正面,并显示产品适合企业。 | 独立评测者仍提到邮件 / SMS 集成缺口、按应用搭建规则,以及扩展复杂性。 | 展示集成缺口和实施负担在产品路线图上的关闭进展。 |
| 估值支撑 | SailPoint 的私有化和重新 IPO 表明,优质身份资产可以有好的退出。 | Transmit 缺少披露收入和达到招股书级别的透明度,而这些正是 SailPoint 具备可交易性的基础。 | 披露 ARR、留存、利润率和退出流程准备度。 |
正向论点在商业上可信,但反向论点在价格上仍更强,因为公开记录仍缺少当前规模和资本结构披露。
[CV008, CV009, CV010, CV011, CV012, CV019]商业验证和定价权支撑战略相关性,但披露缺口和倍数压缩又把建议拉回“继续研究”。
这条流程是定性框架,用来展示建议如何由产品验证、规模证据、可比倍数和剩余披露缺口拼出来。
[CV008, CV009, CV017, CV022, CV023, CV027]IC 风格记分卡,汇总 Transmit Security 估值判断背后的证据。
分数是基于保留证据集作出的 0-10 定性判断,目的是支撑 IC 讨论,而不是作为审计指标。
[CV019, CV022, CV023, CV027, CV039, CV040]8.2 历史融资锚点与价格纪律测试
正式估值锚点已经陈旧,但规模异常大。Transmit Security 最后一次披露的 primary financing 是 2021 年 6 月 22 日 Series A;官方和独立报道都指向 $543 million 融资额。Business Wire 和 TechCrunch 都将该事件表述为约 $2.2 billion 投前估值,后续公司更新还把 Citi Ventures 和 Goldman Sachs 列为同一轮融资的新增投资者。PitchBook 仍把最新交易类型标为 Series A、状态为私营;Tracxn 仍只列出这单 $543 million 融资和与 2021 年相关的 $2.2 billion 估值日期。Dealroom 继续把公司归为独角兽,但只落在 $1 billion 到 $2.5 billion 的宽泛区间内,而不是新的定价轮。 这给投资者留下一个棘手的价格纪律问题。没有公开证据表明公司已上调估值、接受 down round、披露债务、完成正式二级交易,或给出能重置估值的审计收入。由于 2021 年估值是在软件倍数更高的时期敲定,应把它视为历史参考点,而不是当前公允价值。缺少 cap table 细节同样重要:没有优先权栈、二级交易和 runway 数据,投资者无法判断历史估值在出售时到底有多少会归属于新的优先股投资者,或归属于普通股等价持有人。[CV001, CV002, CV003, CV004, CV005, CV006]
8.3 可比视角与市场倍数现实
最好的公开锚点不是私有数据库标记,而是已披露的身份公司可比对象。Okta 2026 年 6 月公开数据指向约 6.1x EV / revenue,收入约 $3 billion,同比增长 11%。CyberArk 更贵,2025 年收入 $1.361 billion,ARR 为 $1.44 billion,2026 年 6 月市值约 $20.6 billion;即使使用市值而非企业价值,也意味着十几倍中段收入倍数,反映的是高端安全平台画像,而不是普通 CIAM 供应商。行业报告进一步拉宽视角:Windsor Drake 2026 年研究显示,上市网络安全收入倍数中位数接近 7.8x,表现最佳的 cyber 公司接近 11.9x;其 IAM 报告则突出 SailPoint 约 10x 的上市身份参考点,以及 Okta 的中个位数倍数。 Transmit Security 自身公开收入证据很难舒服地落进这些区间。按保留的第三方区间 $33.4 million 到超过 $100 million 计算,$2.2 billion 标记意味着约 22x 到 66x 收入,$2.7 billion 标记意味着约 27x 到 81x。这些水平高于当前公开 CIAM,甚至高于许多高端软件公司,除非隐藏收入远高于公开估计。正确的读法不是 Transmit 缺少战略价值,而是证明责任现在落在管理层身上:它需要展示远高于当前公开记录支持的规模。[CV014, CV016, CV017, CV023, CV024, CV025]
| 可比对象 | 指标或事件 | 估值参照 | 为什么相关 | 局限 |
|---|---|---|---|---|
| Transmit Security 已披露融资轮 | 2021 Series A / 最后披露价格点 | 融资 $543M,对应约 $2.2B pre-money | 当前股东预期的历史锚点。 | 周期高点的私募估值;不是新的价格发现。 |
| Okta(上市) | 2026 年 6 月 EV / revenue | 约 6.1x EV/revenue,收入约 $3B | 最接近的公开 CIAM 基准,有披露规模和利润率。 | 更成熟、增长更慢的上市公司。 |
| CyberArk(上市) | 2026 年 6 月市值 / 收入背景 | 市值约 $20.6B,收入约 $1.30B;2025 年收入 $1.361B,ARR $1.44B | 溢价身份安全平台基准,也是公开市场高质量信号的上沿。 | 不是纯 CIAM;市值不是企业价值。 |
| SailPoint 私有化 | 2022 年财务赞助方交易 | 交易价值约 $6.9B | 显示 PE 仍愿意持有有规模的身份资产。 | 产品组合和 2022 年市场背景不同。 |
| SailPoint 重新 IPO | 2025 年 2 月重返公开市场 | $1.38B IPO 后市值约 $12.8B | 身份厂商一旦披露公开市场级指标,可获得的估值上行由此可见。 | 披露收入基数大得多,也有公开申报透明度。 |
| Transmit 公开估算压力测试 | 当前第三方规模区间与历史估值标记 | 在 $33.4M 到 >$100M 区间内,对 $2.2B-$2.7B 估值标记隐含约 22x-81x 收入倍数 | 直接检验旧估值标记是否贴合当前公开证据。 | 采用第三方估算区间,而非管理层披露。 |
这组可比样本有意取局部而非穷尽:它把最相关的公开身份领域可比公司、发起方交易,以及可从公开来源抓取的 Transmit 直接压力测试锚点放在一起。
[CV001, CV006, CV023, CV024, CV025, CV026]在选定的 2026 年公开可比倍数锚点下,支撑旧私募估值所需的收入规模。
数值是用保留的公开倍数参考做算术门槛校验,并非管理层指引。它们显示,要撑住过时私募估值,公司需要达到怎样的规模。
[CV023, CV027, CV031, CV032, CV033, CV034]8.4 牛市、基准与熊市情景
可以构建一个可辩护的牛市情景,但条件很强。要让旧的私有估值标记成立,Transmit 需要隐藏经常性收入达到高端可比视角所要求的至少数亿美元门槛,还要证明增长质量、留存和毛利率足以让买方愿意支付战略或 IPO 溢价。在 12x 到 15x 区间下,$2.2 billion 到 $2.7 billion 的标记需要约 $147 million 到 $225 million 收入,这些门槛明显高于当前公开估计来源显示的水平。 因此,新投资者的基准情景不是「2021 年融资错了」,而是「2021 年融资尚未被证明」。如果实际经常性收入只是刚刚超过当前公开上沿、略高于 $100 million,那么即便用 7.8x 到 10.2x 的市场视角,公允价值仍低于旧标记。熊市情景更严厉:如果真实规模更接近低端 $33.4 million 公开估计,当前公开倍数只意味着数亿美元企业价值和严重下调。由于已披露融资锚点与今天公开证据之间差距太大,情景分析应被视为门槛框架,而不是精确模型。[CV017, CV027, CV028, CV031, CV032, CV033]
| 场景 | 明确假设 | 估值逻辑 | 概率信号 | 读数 |
|---|---|---|---|---|
| 牛市 | 管理层证明经常性收入约 $180M 或更高,留存扎实,并具备可信的 IPO 或战略退出准备度。 | 按 12x-15x 收入计算,旧的 $2.2B-$2.7B 区间变得可支撑,且可能有温和上行。 | 没有新披露时概率低。 | 只有隐藏规模显著高于当前公开估算,2021 年估值才守得住。 |
| 基准 | 管理层证明收入高于当前公开估算上限,但低于明确溢价阈值;利润率和留存透明度好坏参半。 | 按约 7.8x-10.2x 视角,除非规模远高于公开估算,否则公允价值很可能仍低于旧私募区间。 | 缺少数据室证据时,这是最可能情形。 | 新资金应谈折价或暂缓。 |
| 熊市 | 真实规模更接近公开估算低端,或 down-round / 不利二级交易重置价格发现。 | 按 $33.4M-$60M 规模、约 6.1x-7.8x 计算,价值会压缩到数亿美元低段。 | 如果披露不及预期,风险很实质。 | 对新买方而言,陈旧的 2021 年估值会造成经济误导。 |
场景按阈值搭建,因为当前 ARR 和利润率数据没有公开披露。它们用于框定披露需要证明什么,而不是编造隐藏指标。
[CV017, CV027, CV028, CV031, CV032, CV033]公开证据拉出一个很宽的区间:一端是隐含倍数,另一端是要证明历史私募估值合理所需的收入门槛。
低 / 高值是刻意给出的区间,来自第三方公开收入信号和公开可比倍数;不应误读为公司披露的指引。
[CV017, CV031, CV032, CV033, CV034, CV035]8.5 退出准备度、终止触发器与最终尽调索取项
披露质量够强时,身份资产可以实现不错退出。SailPoint 清楚展示了这种模式:Thoma Bravo 在 2022 年以约 $6.9 billion 将其私有化;到 2025 年 2 月,公司在披露此前九个月 $621 million 收入后,能够以 $12.8 billion 市值重返公开市场。Transmit 在公开层面还没有呈现这种准备度。PitchBook 仍显示私营状态和 2021 年最新交易;保留来源集也没有浮现 S-1、F-1 或其他附带已披露财务的活跃 IPO 流程。 这不意味着公司坏了;而是尽调瓶颈只能靠管理层披露解决。如果新融资或二级交易显示估值较旧标记大幅折让,如果当前 ARR 明显低于公开可比对象隐含门槛,如果留存或毛利率显示软件经济性偏弱,或隐藏优先权栈让 headline valuation 在经济上误导,论点就会破裂。因此,最终尽调索取项很直接:管理层必须提供 ARR 与收入桥、cohort 留存、按模块和服务拆分的毛利率、现金 / runway 桥,以及当前清算 waterfall。没有这些,fresh investor 不应在接近历史标记的价格承保公司。[CV027, CV028, CV029, CV037, CV038, CV040]
| 触发因素 | 阈值或事件 | 重要性 | 行动含义 |
|---|---|---|---|
| 收入支撑失效 | 经核验的经常性收入明显低于约 $100M,或增长质量偏弱。 | 在当前公开倍数区间下,历史估值标记无法再自圆其说。 | 不要按接近旧私募估值来承销。 |
| 价格发现不利 | 下轮融资、折价二级交易或结构化融资把价值重置到 2021 年锚点以下。 | 新价格发现会取代陈旧的历史叙事。 | 按新观察到的交易重新切估值。 |
| 股权结构包袱 | 优先股堆栈、债务或清算瀑布比预期更苛刻。 | 账面估值未必能转化成普通股等价经济收益。 | 投资前先完整建模完全摊薄与清算情景。 |
| 实施负担恶化 | 独立客户证据显示扩张慢、增购弱或集成疲劳。 | 如果部署强度压低利润率和留存,高 ACV 的吸引力会下降。 | 下调增长质量假设和可比倍数。 |
| 缺少退出路径证据 | 现金需求上升时,没有申报进展、投行流程或战略兴趣浮现。 | 估值支撑转弱的同时,持有期和流动性风险上升。 | 从可跟踪持有转为回避 / 下调估值立场。 |
这些是尽调阶段的否决触发因素,不只是经营 KPI。任一因素都足以让新投资人的高估值论点失效。
[CV019, CV021, CV037, CV038, CV040, CV041]| 议题 | 缺失证据 | 重要性 | 尽调路径 |
|---|---|---|---|
| 当前 ARR 与收入桥 | 2024 年以来的月度或季度经常性收入、GAAP 收入与订单桥。 | 必须用真实规模替代第三方估算区间。 | 索取董事会材料、财务包和最新管理账。 |
| 留存质量 | 按客户分群拆分的 NRR、GRR、cohort 扩张和流失。 | 高身份领域倍数需要可持续增购支撑,而不只是客户品牌质量。 | 索取客户 cohort 表和前 20 大账户历史。 |
| 按产品和服务拆分的毛利率 | CIAM、欺诈、验证和实施 / 服务的毛利率拆分。 | 决定六位数定价能否转化为软件式经济性。 | 索取毛利率瀑布,以及托管成本 / 第三方成本明细。 |
| 流动性与现金 runway | 账面现金、burn、现金 runway、债务和融资触发条件。 | 2021 年大额融资并不证明当前资产负债表安全。 | 索取现金桥、债务明细和下行情景经营计划。 |
| 股权结构与优先权 | 优先股堆栈、清算优先权、二级交易、SAFEs / 票据和员工期权包袱。 | 账面估值可能高估新投资人或普通股等价持有人的真实价值。 | 索取股权结构表、章程、附函,以及最近一次 409A / 董事会估值。 |
| 退出流程准备度 | 投行材料、审计准备度、董事会讨论,以及任何 IPO / 战略接触状态。 | 没有退出路径时,高私募估值更难变现。 | 索取达到申报准备度或战略流程准备的路线图。 |
每项索要都是把建议从继续研究推向买入,甚至以高置信度进入中性跟踪的直接阻塞点。
[CV005, CV037, CV038, CV040, CV041, CV042]8.6 附录
免责声明
本尽调报告是截至 2026-06-17 的公开证据快照,不构成投资建议。作出任何投资决定前,还应补充管理层材料、客户访谈、法律审查、财务报表和技术尽调。
证据索引
| 编号 | 陈述 | 可信度 | 来源 |
|---|---|---|---|
| CO001 | Transmit Security was founded in 2014. | 高 | SO002, SO003, SO014 |
| CO002 | Transmit Security was founded by Mickey Boodaei and Rakesh Loonkar. | 高 | SO002, SO003, SO014 |
| CO003 | Mickey Boodaei is CEO and co-founder of Transmit Security as of the run date. | 中 | SO003 |
| CO004 | Rakesh Loonkar is President and co-founder of Transmit Security as of the run date. | 中 | SO003 |
| CO005 | Mosaic is positioned as a unified enterprise-grade platform spanning customer identity, fraud prevention, and identity verification. | 高 | SO004, SO005 |
| CO006 | Transmit Security sells enterprise identity-security software rather than a consumer self-serve product. | 中 | SO004, SO006, SO017 |
| CO007 | Transmit Security publicly offers customized pricing based on MAUs or event volume and advertises a 99.99% uptime SLA. | 中 | SO006 |
| CO008 | Transmit Security says it serves large banks, insurers, healthcare providers, retailers, and other leading brands. | 高 | SO001, SO002 |
| CO009 | Mosaic is described as a SaaS-native and microservices-based CIAM platform for both B2C and B2B use cases. | 中 | SO004 |
| CO010 | Identity orchestration is described as a no-code drag-and-drop system that offloads customer identity logic from applications. | 高 | SO005, SO012 |
| CO011 | Transmit Security identity verification combines document checks, biometrics, and AML/PEP screening with broad ID coverage. | 高 | SO005, SO013 |
| CO012 | Transmit Security says its platform offers active-active multi-cloud presence across GCP and AWS. | 中 | SO004 |
| CO013 | Transmit Security says some deployments support organizations serving more than 100 million customers each. | 中 | SO004 |
| CO014 | Official materials describe Transmit Security as a global team with offices around the world. | 高 | SO002, SO007 |
| CO015 | Public leadership materials list Kiran Judge, Mirit Barak, Ashley Arbuckle, Eldan Ben-Haim, David Mahdi, Shmulik Regev, and regional sales leaders alongside the founders. | 中 | SO003 |
| CO016 | Reviewed official materials do not publish a full board roster or detailed governance structure. | 高 | SO002, SO003 |
| CO017 | Transmit Security announced a $543 million Series A on June 22, 2021. | 高 | SO009, SO018, SO019 |
| CO018 | Insight Partners and General Atlantic led the June 2021 financing. | 高 | SO009, SO018, SO019 |
| CO019 | Cyberstarts, Geodesic, SYN Ventures, Vintage, and Artisanal Ventures were also named in the 2021 financing syndicate. | 高 | SO009, SO018, SO019 |
| CO020 | Transmit Security announced on September 14, 2021 that Citi Ventures and Goldman Sachs had joined the funding round as additional investors. | 高 | SO010, SO018 |
| CO021 | Public coverage described the 2021 financing as the largest Series A in cybersecurity history and one of the highest valuations for a bootstrapped company. | 高 | SO009, SO014, SO019 |
| CO022 | TechCrunch reported that the 2021 financing carried a $2.2 billion pre-money valuation. | 中 | SO019 |
| CO023 | SYN Ventures reported that the 2021 financing brought a $2.3 billion pre-money valuation. | 中 | SO014 |
| CO024 | Tracxn reports $543 million raised from one Series A round and records a $2.2 billion valuation for June 22, 2021. | 中 | SO018 |
| CO025 | Dealroom lists Boston as the company headquarters, Tel Aviv as the founding location, and tags the business as B2B SaaS with a subscription model. | 中 | SO017 |
| CO026 | SYN Ventures lists Boston and Tel Aviv and says customers such as CitiBank, UBS, and MassMutual use the FlexID orchestration platform. | 中 | SO014 |
| CO027 | TechCrunch reported in June 2021 that BindID had been adopted by Lowe’s, Santander, and UBS and was handling more than 9,000 authentication requests per second. | 中 | SO019 |
| CO028 | SYN Ventures says Transmit Security introduced BindID in early 2021 as the first passwordless authenticator that does not require users to install an app. | 中 | SO014 |
| CO029 | Transmit Security and Microsoft publicly positioned Mosaic with Azure AD B2C and Entra External ID for passkey deployment in January 2025. | 中 | SO011 |
| CO030 | Transmit Security claims deployments using Mosaic with Microsoft identity surfaces can deliver 30%+ lower authentication failures, 95% credential-stuffing detection, 30% faster logins, and 98% positive customer feedback. | 中 | SO011 |
| CO031 | Transmit Security was publicly reported as a Leader in the 2025 Gartner Magic Quadrant for Access Management and among five leaders in that edition. | 高 | SO020, SO021 |
| CO032 | Business Wire identified David Mahdi as CIO at Transmit Security in the November 2025 Gartner-recognition release. | 中 | SO020 |
| CO033 | KuppingerCole tracks Transmit Security as a vendor spanning CIAM, fraud prevention, identity threat detection and response, and zero trust categories. | 中 | SO022 |
| CO034 | Dealroom lists 194 employees for Transmit Security. | 低 | SO017 |
| CO035 | Reviewed official pages do not publish a canonical current employee count. | 高 | SO002, SO007 |
| CO036 | Reviewed public official sources do not disclose revenue or ARR. | 高 | SO001, SO002, SO006 |
| CO037 | Reviewed public official sources do not disclose a total customer count. | 高 | SO001, SO002, SO012 |
| CO038 | No public debt or credit facility was identified in the reviewed sources. | 中 | SO009, SO010, SO017, SO018 |
| CO039 | Review sources describe Transmit Security as capable but note implementation complexity, premium pricing, and technical dependence as real buyer considerations. | 中 | SO023, SO024, SO025 |
| CO040 | PeerSpot reviewers say rule building can be application-specific and that non-technical users can struggle with the product. | 中 | SO023 |
| CO041 | CyberSecurityO says Transmit Security carries premium pricing and can be complex for organizations without identity-orchestration experience. | 中 | SO024 |
| CO042 | Transmit Security says its orchestration product is used by eight of the top ten U.S. financial organizations and orchestrates hundreds of millions of customer interactions daily. | 中 | SO012 |
| CO043 | Transmit Security said in September 2021 that its customers included six of the seven largest financial institutions in the U.S. and two of the largest U.S. merchants. | 中 | SO010 |
| CO044 | BusinessWire and SecurityInformed both describe Mosaic as unifying customer identity, authentication, fraud prevention, and identity validation in one AI-driven architecture. | 高 | SO020, SO021 |
| CO045 | Transmit Security offers stock options as part of employee benefits according to its careers page. | 中 | SO007 |
| CO046 | The product appears strongest where orchestration depth matters, but that same depth likely increases deployment and services burden for some buyers. | 中 | SO023, SO024, SO025 |
| CO047 | The company is best characterized as a late-stage private growth cybersecurity software company rather than an early-stage startup or public issuer. | 中 | SO009, SO017, SO020 |
| CO048 | Transmit Security maintains a structured partner program with separate onboarding for new partners and a portal for existing partners, but the public page does not list named partners. | 中 | SO008 |
| CO049 | The public pricing page highlights a 99.99% uptime SLA and no-code orchestration as core enterprise offer components. | 中 | SO006 |
| CO050 | Transmit Security says its identity verification flows can combine more than 150 data sources to automate onboarding and regulatory checks. | 中 | SO013 |
| CM001 | MarketsandMarkets classifies consumer IAM solutions to include identity administration, PII management and analytics, access management, fraud detection, plus related services. | 中 | SM008 |
| CM002 | Transmit says its Mosaic platform combines identity management, fraud prevention, identity verification, orchestration, and authentication across the user lifecycle. | 中 | SM029 |
| CM003 | Broader IAM is materially larger than direct CIAM because it includes workforce and administrative access use cases excluded from customer-identity TAM. | 中 | SM011 |
| CM004 | Identity verification is adjacent to CIAM and is forecast as its own market, so it should not be fully counted inside direct CIAM TAM. | 中 | SM012 |
| CM005 | Status-quo substitutes for Transmit's target jobs include passwords plus OTP, social or federated sign-in, self-operated identity stacks, and point fraud or IDV tools. | 中 | SM014, SM015, SM021 |
| CM006 | PSD2 made customer-authentication design a regulatory issue for banks and payment firms by embedding strong-customer-authentication obligations into the EU payments framework. | 中 | SM004, SM021 |
| CM007 | GDPR and CCPA make consent, personal-data handling, and customer-data controls part of the buyer problem, expanding CIAM beyond login alone. | 高 | SM005, SM006 |
| CM008 | Grand View estimated the global CIAM market at USD 8.12B in 2023 and USD 26.72B by 2030, a 17.4% CAGR. | 中 | SM007 |
| CM009 | The Business Research Company says consumer IAM reached USD 41.75B in 2025 and is expected to reach USD 101.15B by 2030 at a 19.3% CAGR. | 中 | SM009 |
| CM010 | Meticulous Research says CIAM was USD 11.7B in 2025, USD 12.6B in 2026, and approximately USD 40.2B by 2036 at a 12.2% CAGR. | 中 | SM010 |
| CM011 | Precedence Research places the broader IAM market at USD 25.89B in 2026, materially above direct CIAM estimates because workforce and administrative identity are included. | 中 | SM011 |
| CM012 | Grand View projects the adjacent identity-verification market to reach USD 33.93B by 2030 from USD 9.87B in 2022 at a 16.7% CAGR. | 中 | SM012 |
| CM013 | Published CIAM baselines conflict materially: one widely circulated study puts the market at USD 41.75B in 2025 while another puts it at USD 12.6B in 2026, so they cannot be treated as the same boundary. | 中 | SM009, SM010 |
| CM014 | The spread across CIAM estimates is largely boundary-driven because some studies bundle fraud detection, analytics, and broader identity-stack services while others use a narrower CIAM definition. | 中 | SM008, SM009, SM010, SM011 |
| CM015 | A defensible evidence-constrained 2026 direct-CIAM TAM band is low USD 12.6B, base about USD 19B, and high USD 41.75B rather than a single headline number. | 中 | SM007, SM009, SM010 |
| CM016 | Transmit's commercially relevant budget overlaps direct CIAM with identity verification and fraud-prevention layers across the customer lifecycle. | 中 | SM008, SM012, SM029 |
| CM017 | Near-term SAM is narrower than TAM because the strongest triggers cluster in regulated or high-volume digital sectors such as banking, fintech, e-commerce, travel, healthcare, and public services. | 中 | SM004, SM017, SM018, SM021 |
| CM018 | MarketsandMarkets frames consumer IAM demand around buyer behavior, key stakeholders, buying criteria, adoption barriers, and end-use vertical unmet needs. | 中 | SM008 |
| CM019 | Enterprise passkey deployment is policy-driven and admin-enabled, so the budget owner or champion is usually identity or security leadership rather than the end user. | 高 | SM019, SM020, SM028 |
| CM020 | In consumer applications, the user is the customer signing in, but the buyer and payer are the app operator's product, security, and compliance organizations. | 中 | SM021, SM029 |
| CM021 | Consumer passkey rollout requires WebAuthn-capable browsers or devices, MFA before registration, a relying-party domain, and credential-management flows. | 高 | SM002, SM021 |
| CM022 | Microsoft recommends device-bound passkeys for admins and highly privileged users and synced passkeys for most other users, implying segmentation by risk tier and governance needs. | 中 | SM028 |
| CM023 | Fraud-loss pressure is large enough to support budget allocation: the FTC said U.S. consumers reported more than USD 12.5B lost to fraud in 2024, while UK Finance reported GBP 1.17B lost in 2023. | 高 | SM016, SM018 |
| CM024 | FIDO cites passkey implementation outcomes including 98% lower mobile account-takeover fraud, 70% higher sign-in conversion, and 81% fewer login-related help-desk incidents as adoption rises. | 中 | SM001 |
| CM025 | Google positions passkeys as improving conversion and security while removing SMS or app-OTP prompts from sign-in flows. | 中 | SM014 |
| CM026 | Ping says passwordless authentication can reduce helpdesk calls by up to 33%, adding an IT-operations savings case to the fraud and security ROI story. | 中 | SM013 |
| CM027 | Adoption often progresses from password-plus-MFA to passkey-for-MFA and then to full passwordless sign-in with lifecycle management. | 高 | SM020, SM021, SM028 |
| CM028 | FIDO said more than 15 billion online accounts could leverage passkeys by December 2024, more than doubling year over year. | 中 | SM022 |
| CM029 | Mobile ID World reported passkey awareness rose from a 2022 baseline of 39%, Microsoft targeted more than one billion users, and Amazon created 175 million passkeys. | 中 | SM025 |
| CM030 | Signicat says 42.5% of detected fraud involves AI and that such fraud has a 29% success rate, while deepfakes now dominate eID fraud in its survey set. | 中 | SM017 |
| CM031 | The FTC said consumers reported losing more than USD 12.5B to fraud in 2024, up 25% from the prior year. | 中 | SM016 |
| CM032 | FTC Consumer Sentinel received 6.5 million consumer reports in 2024 across 29 categories, showing broad fraud and identity pressure beyond a single scam vector. | 中 | SM027 |
| CM033 | UK Finance said GBP 1.17B was lost to fraud in 2023 across 2.97 million cases, underscoring persistent payments and identity abuse pressure. | 中 | SM018 |
| CM034 | USENIX researchers found passkey deployment and adoption have been slow despite wide OS and browser support, with barriers including account recovery, friction, technical issues, regulatory requirements, and security culture. | 中 | SM023 |
| CM035 | MDPI's 2025 literature review likewise says passkeys have not replaced passwords and highlights recovery, sharing or delegation, user-perception, and technical issues as adoption barriers. | 中 | SM024 |
| CM036 | Microsoft says administrators cannot yet fully see or control which devices hold a synced passkey, reflecting an industry-wide visibility and governance limitation. | 中 | SM028 |
| CM037 | Microsoft says synced passkeys reduce recoverability and reissuance costs compared with device-bound credentials, making them attractive for broad user populations. | 中 | SM028 |
| CM038 | For regulated or high-assurance environments, Microsoft recommends device-bound passkeys and can enforce attestation, meaning compliance can slow or narrow consumer-friendly rollouts. | 中 | SM021, SM028 |
| CM039 | Passkey availability is not the same as passkey adoption: FIDO's 15-billion-account scale coexists with academic evidence of slow enterprise and user rollout. | 中 | SM022, SM023, SM024 |
| CM040 | No public source in this packet cleanly isolates Transmit's actual SAM or SOM by segment, region, and deployment model, so any investor model still needs management-provided conversion, pricing, and vertical-mix data. | 低 | |
| CM041 | MarketsandMarkets explicitly includes fraud detection inside consumer IAM solution scope, but broader fraud-prevention spend still exceeds what most CIAM-only studies count. | 中 | SM008, SM017 |
| CM042 | Transmit describes Mosaic as a microservices-based CIAM platform for B2C and B2B that covers onboarding, lifecycle, consent, authentication, fraud prevention, and identity verification from one solution. | 中 | SM029 |
| CP001 | Transmit's Mosaic platform combines identity management, fraud prevention, identity verification, and orchestration in one product surface. | 高 | SP001, SP003 |
| CP002 | Transmit says Mosaic is built for orchestration and AI, using drag-and-drop tools and natural-language prompts to design customer journeys. | 中 | SP001 |
| CP003 | Transmit publicly supports B2B and B2C CIAM plus OTP, passkeys, biometrics, magic links, and social login. | 中 | SP001 |
| CP004 | Transmit raised a $543 million Series A at a $2.2 billion pre-money valuation in 2021. | 高 | SP002, SP003 |
| CP005 | Transmit's funding announcement says large enterprises standardize on the platform and cites customers including six of the seven largest financial institutions in the United States. | 中 | SP002 |
| CP006 | CIAM Compass says Transmit is best suited to fintech, banking, and high-fraud-pressure B2C deployments that want unified CIAM, fraud detection, and orchestration. | 中 | SP003 |
| CP007 | CIAM Compass flags enterprise-only opaque pricing, six-figure annual minimums, no public FedRAMP attestation, and a smaller customer base than the biggest incumbents as Transmit limitations. | 中 | SP003 |
| CP008 | Okta reported $2.919 billion of fiscal 2026 revenue, underscoring incumbent scale in identity. | 中 | SP004 |
| CP009 | Okta's customer identity packaging starts from an enterprise base platform and routes buyers to inquire for pricing rather than publishing a simple self-serve schedule. | 中 | SP005 |
| CP010 | Okta's public status feed shows multiple 2025-2026 disruptions affecting custom domains, SMS MFA delivery, preview logins, and admin-console workflows. | 中 | SP006 |
| CP011 | Okta disclosed that its 2023 support-system incident affected all Workforce Identity Cloud and Customer Identity Solution customers except FedRAMP High and DoD IL4 environments, while Auth0 support case management was not impacted. | 中 | SP007 |
| CP012 | Auth0 positions itself as an extensible developer platform that can connect any application stack and serve B2B, B2C, and B2E use cases. | 中 | SP008 |
| CP013 | Auth0 publishes a free tier, enterprise add-ons, passkeys support, and MAU-oriented pricing that scales to very large deployments. | 中 | SP009 |
| CP014 | Auth0 maintains a public status page that reported 99.99% uptime over the past 12 months when reviewed on 2026-06-17. | 中 | SP010 |
| CP015 | Ping's orchestration layer uses drag-and-drop flows, prebuilt connectors, and AI assistance to ship identity journeys in minutes rather than months. | 中 | SP011 |
| CP016 | Ping describes its orchestration as vendor-agnostic across CIAM, workforce, B2B, multi-cloud, and on-prem environments. | 中 | SP011 |
| CP017 | Ping routes pricing through a demo-led enterprise sales motion and says it serves over half of the Fortune 100. | 中 | SP012 |
| CP018 | Ping says the ForgeRock combination preserves both platforms while adding unified administration, identity lifecycle management, governance, and DaVinci cross-sell over time. | 中 | SP013 |
| CP019 | Microsoft Entra External ID now houses Azure AD B2B collaboration for external identities, and Azure AD External Identities P1/P2 stopped being available for new purchases in May 2025 pending a future migration path. | 高 | SP014, SP015 |
| CP020 | Microsoft Entra External ID is free for the first 50,000 monthly active users and then shifts to consumption-style pricing plus add-ons such as SMS authentication and identity governance. | 高 | SP014, SP015 |
| CP021 | Microsoft publishes a public service-health surface for cloud reliability and outage monitoring. | 中 | SP016 |
| CP022 | VendorBenchmark argues that Microsoft's IAM bundling makes the true incremental cost of Entra a cost-allocation exercise rather than a clean per-user comparison. | 中 | SP017 |
| CP023 | MajorKey says Entra is the most widely deployed identity platform by user count inside Microsoft estates, but customer and non-human identity use cases can require extra products and deeper integration raises lock-in risk. | 中 | SP018 |
| CP024 | Descope says it powers authentication for thousands of organizations from startups to the Fortune 500 using workflows, SDKs, and APIs for customers, partners, and AI agents. | 中 | SP019 |
| CP025 | Descope publicly combines passwordless flows, adaptive MFA, B2B SSO and SCIM, fine-grained authorization, and orchestration across more than 50 third-party tools. | 中 | SP019 |
| CP026 | Descope starts with free pricing and then layers usage overages, zero-downtime SSO migration, SCIM, fine-grained authorization, and custom discounts in higher tiers. | 中 | SP020 |
| CP027 | Descope maintains a dedicated trust center for enterprise procurement review. | 低 | SP021 |
| CP028 | Stytch raised a $90 million Series B at a $1 billion valuation and said more than 3,500 developers were building on the platform, including some Fortune 500 users. | 中 | SP022 |
| CP029 | Stytch's pricing model includes a free tier with 10,000 MAUs, five SSO or SCIM connections, and no hard caps or pricing cliffs. | 中 | SP023 |
| CP030 | CyberArk's identity platform spans passwordless access, customer access, B2B identity, flows, lifecycle management, governance, and machine identity rather than only CIAM. | 中 | SP024 |
| CP031 | CyberArk reported $1.361 billion of 2025 revenue and $1.440 billion of ARR, reflecting scaled adjacent identity-security gravity. | 中 | SP025 |
| CP032 | Keycloak offers open-source self-hosted IAM with SSO, identity brokering, social login, user federation, and fine-grained authorization. | 中 | SP026 |
| CP033 | Keycloak's documentation shows meaningful installation, server administration, customization, and provider-development work, so self-hosting trades license savings for operational burden. | 中 | SP026, SP027 |
| CP034 | MajorKey argues that integrating multiple identity products can outperform a single-suite approach when governance and ownership are strong. | 中 | SP018 |
| CP035 | MajorKey says Okta remains the default evaluation anchor for workforce access and app integrations, but hybrid and on-prem environments still add AD-agent complexity and latency. | 中 | SP018 |
| CP036 | MajorKey describes Ping as a strong fit for regulated and hybrid deployments because of flexible federation and deployment choices, even though integration complexity remains a real consideration. | 中 | SP018 |
| CP037 | VendorBenchmark says Okta renewals often suffer from module expansion and that buyers frequently uncover duplicated or unused functionality before renewal. | 中 | SP017 |
| CP038 | Transmit's clearest differentiation is that authentication, identity verification, and fraud signals can run in one runtime instead of being stitched across separate vendors. | 高 | SP001, SP003 |
| CP039 | If a buyer only needs CIAM without embedded fraud control, lower-friction alternatives from Auth0, Descope, Stytch, Microsoft, or Keycloak reduce Transmit's advantage. | 中 | SP003, SP009, SP015, SP020, SP023, SP026 |
| CP040 | Public status and incident pages across Okta, Auth0, and Microsoft show that prudent buyers should plan contingency and at least some multi-homing rather than assume flawless uptime from any one control plane. | 中 | SP006, SP010, SP016 |
| CP041 | CyberArk is better understood as an adjacent platform and likely entrant into customer-access budgets than as a like-for-like Transmit replacement today. | 中 | SP024, SP025 |
| CP042 | Because Ping offers openness and Microsoft offers bundle gravity, Transmit's moat depends more on superior fraud-heavy journey outcomes than on undifferentiated login features. | 中 | SP003, SP011, SP015, SP018 |
| CI001 | Transmit Security publicly prices Mosaic as a custom-quoted enterprise offering built around MAU or event-volume billing and bundled enterprise support. | 高 | SI001, SI024 |
| CI002 | Full Mosaic Platform starts at $200,000 per year for 100,000 MAUs. | 高 | SI001, SI024 |
| CI003 | Mosaic for Identity starts at $100,000 per year for 100,000 MAUs. | 中 | SI001, SI024 |
| CI004 | Mosaic for Identity Fraud and Threat Detection and Response starts at $100,000 per year for 10 million logins. | 中 | SI001, SI024 |
| CI005 | Mosaic for Identity Verification starts at $50,000 per year for 100,000 ID checks. | 中 | SI001, SI024 |
| CI006 | Transmit says final pricing depends on use case, volume, and deployment architecture, with a tailored quote promised within 24 hours. | 中 | SI001, SI024 |
| CI007 | Transmit positions Mosaic as one platform spanning identity management, fraud prevention, and identity verification. | 高 | SI002, SI003 |
| CI008 | Transmit's public partner messaging and Microsoft co-selling article imply channel-assisted enterprise selling rather than a purely self-serve funnel. | 中 | SI004, SI008 |
| CI009 | An official case study describes a global bank deployment serving 200 million clients across seven applications. | 高 | SI006, SI015 |
| CI010 | The same global-bank case says tool consolidation improved efficiency, cut costs, and reduced call-center volume. | 中 | SI006 |
| CI011 | Transmit's leading-US-bank case says its fraud tooling reduced new-account fraud by 98% and detected 10 times as many attacks as legacy tools. | 高 | SI005, SI026 |
| CI012 | The same bank case says false positives fell by 90%. | 高 | SI005, SI026 |
| CI013 | The same bank case says operational costs fell by 80% and time to value was about one month. | 高 | SI005, SI026 |
| CI014 | Aflac reported more than 265,000 enrollments and 32% passkey adoption after launching its Transmit-powered experience. | 高 | SI007, SI020 |
| CI015 | Aflac reported a 96% passkey login success rate and no reported login failures. | 高 | SI007, SI020 |
| CI016 | Aflac's Transmit deployment reportedly went from day one to launch in about two months with no reported need for technical assistance from passkey users. | 高 | SI007, SI020 |
| CI017 | Transmit's Microsoft-partner article markets modeled benefits including 30% fewer authentication failures, 70% fewer support calls, 95% credential-stuffing detection, and 30% faster login times. | 中 | SI008 |
| CI018 | Transmit says Mosaic operates active-active across Azure, Google Cloud, and AWS with identity caching and in-session failover. | 中 | SI008 |
| CI019 | Official and customer-proof sources say Transmit serves banks, insurers, retailers, and other brands responsible for more than $2 trillion in annual commerce. | 中 | SI015, SI020 |
| CI020 | Transmit Security raised $543 million in a single Series A round on 2021-06-22 led by Insight Partners and General Atlantic. | 高 | SI012, SI018, SI019 |
| CI021 | The 2021 round valuation was reported at roughly $2.2 billion pre-money by SecurityWeek and Forbes, while VentureBeat framed the transaction at a $2.3 billion valuation. | 中 | SI017, SI018, SI019 |
| CI022 | Independent news coverage named HSBC, UBS, Santander, Lowe's, Citibank, and MassMutual among public or cited customer references around the funding period. | 中 | SI017, SI019 |
| CI023 | Public coverage describes Transmit as bootstrapped before the 2021 round and says proceeds were intended to expand globally. | 中 | SI017, SI018, SI019 |
| CI024 | GetLatka estimated 2025 revenue at $33.4 million and employee count at about 308. | 低 | SI010 |
| CI025 | PitchBook's public profile preview listed 317 total employees as of 2025 and a latest deal amount of $543 million. | 中 | SI011 |
| CI026 | Growjo estimated Transmit at $60.8 million annual revenue, $2.7 billion valuation, 368 employees, and -2% employee growth. | 低 | SI022 |
| CI027 | Cybersecurity Brands / SIG claimed Transmit exceeded $100 million in ARR and grew revenue 40% year over year after funding. | 低 | SI023 |
| CI028 | Public estimates place Transmit in a very wide range of $33.4 million to more than $100 million revenue and roughly 308 to 368 employees, which is too dispersed for clean underwriting. | 中 | SI010, SI011, SI022, SI023 |
| CI029 | No retained public source provides audited Transmit revenue, gross margin, cash, or runway disclosures, and SEC EDGAR search offers no obvious issuer filing trail to rely on. | 中 | SI010, SI011, SI025 |
| CI030 | G2 reviewers rated the product 4.8 out of 5 but explicitly cited high price and meaningful integration and maintenance knowledge requirements. | 中 | SI013 |
| CI031 | PeerSpot reviews say pricing competitiveness needs attention, rule-building is per application, and scalability depends on workflow complexity. | 中 | SI014 |
| CI032 | CyberSecurityO characterizes Transmit as premium-priced, implementation-heavy, and less naturally suited to lower-assurance or more developer-self-serve use cases. | 中 | SI016 |
| CI033 | FeaturedCustomers lists 16 testimonials, 7 case studies, 4 customer videos, and a 4.8/5 rating from 1,240 reference ratings for Transmit. | 中 | SI015 |
| CI034 | Okta's 2026 annual report shows 77% total gross margin and 80% subscription gross margin for a scaled identity-software peer. | 中 | SI021 |
| CI035 | Okta's 2026 annual report shows sales and marketing as its largest operating expense at $1.018 billion, or 35% of revenue. | 中 | SI021 |
| CI036 | Okta attributed subscription cost growth to labor, third-party hosting, and software costs, illustrating that cloud identity platforms still bear meaningful delivery COGS. | 中 | SI021 |
| CI037 | Transmit's module design implies the core authentication and orchestration SKU is software-like, while fraud scoring, identity verification, and active-active multi-cloud resilience add event-driven and infrastructure costs. | 中 | SI001, SI008, SI021 |
| CI038 | CheckThat notes that public pricing reveals no volume tiers above 100,000 MAUs and no public professional-services or training price card, so first-year TCO cannot be modeled from public evidence alone. | 中 | SI024 |
| CI039 | No retained public source discloses Transmit's cash balance, monthly burn, gross margin, net retention, customer concentration, or runway months. | 中 | SI001, SI003, SI010, SI011, SI012, SI025 |
| CI040 | Tracxn's funding ledger shows only one publicly disclosed financing round, so any post-2021 debt, secondary liquidity, or next-round trigger remains a private-data question. | 中 | SI012 |
| CI041 | Across G2, PeerSpot, and CyberSecurityO, the recurring downside pattern is not product irrelevance but premium pricing and integration intensity, implying heavy solution-engineering and customer-success investment. | 中 | SI013, SI014, SI016 |
| CI042 | Business Wire says Transmit is trusted by 7 of the top 10 U.S. banks and Fortune 500s, reinforcing enterprise concentration and likely high-touch support expectations. | 中 | SI020 |
| CE001 | Transmit positions Mosaic as a single platform spanning identity management, fraud prevention, and identity verification across the user lifecycle. | 中 | SE001, SE006 |
| CE002 | Transmit says Mosaic orchestration uses drag-and-drop tools and natural-language prompts to design registration, login, and payment journeys. | 中 | SE001 |
| CE003 | Transmit describes Mosaic as a microservices-based CIAM platform for both B2C and B2B use cases. | 中 | SE001 |
| CE004 | Transmit's documentation says the platform serves customer, business, and workforce identity contexts from one docs surface. | 中 | SE006, SE008 |
| CE005 | The API reference groups product capabilities into backend authentication, OIDC and hosted auth, identity management, fraud prevention, identity verification, organizations, and platform administration. | 中 | SE008 |
| CE006 | The platform-services overview defines distinct service families for detection and response, identity verification, identity management, authentication, and identity orchestration. | 中 | SE011 |
| CE007 | Transmit publicly documents authentication options including OTP, passkeys, mobile biometrics, magic links, and social login. | 中 | SE001 |
| CE008 | Transmit says Identity Verification supports more than 10,000 ID templates plus biometric matching, liveness checks, synthetic-ID detection, deepfake detection, and digital credentials. | 中 | SE003 |
| CE009 | Transmit says Fraud Prevention uses behavioral analysis, anomaly detection, device fingerprinting, bot detection, social-engineering protection, and dynamic risk-based validation. | 中 | SE004 |
| CE010 | Transmit says Machine and Automation ITDR covers AI agents, APIs, bots, backend workloads, runtime behavior analysis, and just-in-time identity issuance. | 中 | SE005 |
| CE011 | Transmit's API documentation says Mosaic is built with an API-first approach. | 中 | SE007 |
| CE012 | Transmit documents one sandbox host and four region-specific production hosts: US, EU, Canada, and Australia. | 中 | SE007, SE009 |
| CE013 | Transmit's API topology separates service IDs such as cis for identity management and journeys, risk for fraud prevention, and verify for identity verification. | 中 | SE007, SE024 |
| CE014 | Transmit documents multiple auth patterns including PKCE, client secret, private-key JWT, mTLS, and bearer-token access. | 中 | SE007 |
| CE015 | Transmit says client-role-based access controls protect backend authentication, hosted auth, and identity-management APIs. | 中 | SE007 |
| CE016 | Transmit's SDK installation docs and npm package both point to a version-2 platform web SDK distributed through npm. | 中 | SE009, SE024 |
| CE017 | Transmit's SDK docs emphasize tree-shaking and module-specific imports for orchestration, risk, identity verification, and WebAuthn. | 中 | SE009, SE024 |
| CE018 | Transmit's public GitHub organization showed recently updated SDK and sample repositories in May and June 2026, including iOS authentication and identity-verification packages plus Express and React wrappers. | 中 | SE022 |
| CE019 | Transmit's Training-Passkeys repository publishes a full integration branch plus starter and solution branches with local demo instructions. | 中 | SE023 |
| CE020 | The platform-services overview says Identity Management provides a scalable user store and Authentication provides a single service with multiple methods for low-friction secure experiences. | 中 | SE011 |
| CE021 | Transmit's SLA states a 99.99% target availability for production tenants. | 中 | SE013 |
| CE022 | Transmit's SLA says cloud services are designed for 24x7x365 operation and deployed in resilient computing facilities with redundant network connections and power. | 中 | SE013 |
| CE023 | Transmit's SLA gives severity-1 service-down incidents a one-hour response objective with 24x7 coverage. | 中 | SE013 |
| CE024 | Transmit's docs let customers use custom domains while preserving the same endpoint paths and region-specific server paths. | 中 | SE007, SE009 |
| CE025 | Transmit says Aflac embedded passkey authentication with developer-friendly SDKs, launched in about two months, and kept the branded journey inside its own website. | 中 | SE015 |
| CE026 | Transmit says a global bank serving 200 million clients across seven applications moved to FIDO2 Web Authentication and passkeys using Transmit Authentication Services. | 中 | SE016 |
| CE027 | Transmit says one large U.S. bank using Detection and Response achieved 98% lower new-account fraud, 90% fewer false positives, 80% lower labor, and one-month time to value. | 中 | SE017 |
| CE028 | Transmit's 2026 release notes show February risk-analysis and integration simplification updates, March browser-takeover and governance updates, and May transaction-monitoring releases. | 中 | SE010 |
| CE029 | Transmit's Microsoft-partnership article says passkey deployments with Azure AD B2C or Entra External ID can reduce authentication failures by 30%+, credential-related support calls by 70%, and credential-stuffing attacks by 95%. | 中 | SE014, SE015 |
| CE030 | Transmit says Aflac reached 32% passkey adoption within days and 96% passkey login success, with no passkey logins failing or requiring technical assistance at the time described. | 中 | SE015 |
| CE031 | CIAM Compass argues Transmit fits high-fraud enterprise B2C deployments because combining CIAM, fraud detection, and orchestration can remove a three-vendor stack. | 中 | SE018 |
| CE032 | CyberSecurityO describes BindID passwordless authentication plus Mosaic identity security as a unified stack for high-stakes customer authentication use cases. | 中 | SE019 |
| CE033 | Microsoft, FIDO, W3C, passkeys.dev, and NIST sources all describe passkeys as FIDO2 or public-key-credential based and phishing-resistant. | 高 | SE025, SE026, SE027, SE028, SE029 |
| CE034 | Transmit's privacy statement says it is usually a processor for user data customers send into the platform while remaining the controller for website-visitor and customer-business data. | 中 | SE012 |
| CE035 | Transmit's privacy statement says Identity Network Profile reuse and some service-improvement uses of identity-verification data make Transmit a controller in limited product flows. | 中 | SE012 |
| CE036 | NIST guidance requires phishing-resistant options at AAL2, and the passkey standards sources explain why public-key credential flows satisfy that design goal better than shared-secret passwords. | 高 | SE025, SE026, SE027, SE028, SE029 |
| CE037 | Independent review sources say the no-code and orchestration narrative still comes with meaningful implementation friction, including app-specific rule building, documentation gaps, and workflow-complexity scaling limits. | 中 | SE020, SE021 |
| CE038 | PeerSpot reviewers still describe Transmit as stable and suitable for large organizations even while noting complexity and pricing concerns. | 中 | SE020 |
| CE039 | A G2 banking reviewer called Transmit a modern public-cloud architecture while another review said integration and maintenance require notable knowledge and high spend. | 中 | SE021 |
| CE040 | Public evidence supports a broad, actively developed identity-and-fraud platform with strong passkey and developer-surface proof, but not a fully transparent trust-center or low-level deployment disclosure set. | 中 | SE007, SE010, SE012, SE013, SE020, SE021, SE022, SE024 |
| CU001 | Transmit Security’s official materials say it serves many of the world’s largest banks, insurers, retailers, and other leading brands. | 高 | SU002, SU003, SU004, SU005 |
| CU002 | Transmit Security’s official materials say those brands are collectively responsible for more than $2 trillion in annual commerce. | 高 | SU004, SU005 |
| CU003 | Business Wire says Transmit is trusted by seven of the top ten U.S. banks and Fortune 500s. | 中 | SU018 |
| CU004 | FeaturedCustomers lists 16 testimonials, 7 case studies, 4 customer videos, and a 4.8 out of 5 reference score for Transmit Security. | 中 | SU019 |
| CU005 | No retained public source discloses a current total customer-count or active-logo count for Transmit Security. | 中 | SU001, SU002, SU003, SU004, SU005 |
| CU006 | Transmit’s homepage and about materials position Mosaic as a customer-facing identity, fraud-prevention, and identity-verification platform for enterprise digital journeys. | 高 | SU001, SU002 |
| CU007 | The detailed global-bank case study says the deployment supports 200 million client accounts across more than 160 countries and jurisdictions. | 中 | SU007 |
| CU008 | The global-bank case study says eliminating hard tokens and simplifying login cut maintenance costs by tens of millions of dollars annually. | 中 | SU007 |
| CU009 | The shorter global-bank customer story says the bank reduced call-center volume and extended Transmit into call-center and risk-based authentication. | 中 | SU006 |
| CU010 | Transmit’s leading U.S. bank story says Transmit found more than 12,000 fraudulent accounts in a one-month trial versus roughly 2,000 found by incumbent tools, while reducing new-account fraud by 98%, false positives by 90%, and operational costs by 80%. | 中 | SU008 |
| CU011 | Citi Ventures executive Arvind Purushotham said Citi had several thousand apps and a fragmented authentication and authorization system before working with Transmit Security. | 中 | SU009 |
| CU012 | Transmit’s Citi partnership page says Citi is a long-term customer and continues to expand implementation of Transmit Security services. | 中 | SU009 |
| CU013 | Transmit’s BRED story says BRED launched a BindID-based service in seven days with no usernames, passwords, or app download. | 中 | SU010 |
| CU014 | Transmit’s BRED story says the rollout decreased operating costs, support-call volume, and fraud risk. | 中 | SU010 |
| CU015 | NN’s case-study PDF describes NN as a Dutch financial-services company with about 15,000 employees and more than 18 million customers globally. | 高 | SU012, SU028 |
| CU016 | NN’s case-study PDF says Transmit improved customer experience and adoption rates after orchestration. | 中 | SU012 |
| CU017 | NN’s Transmit materials say PwC Advisory helped NN evaluate and select a new identity vendor. | 高 | SU011, SU012 |
| CU018 | Transmit’s Cattolica story says the insurer replaced a legacy authentication architecture with orchestration, passwordless, and MFA services. | 中 | SU013 |
| CU019 | Transmit’s America’s Car-Mart story says the customer operated 154 dealerships across 12 states and used Passwordless and MFA Services to support digital shopping and financing. | 高 | SU014, SU025 |
| CU020 | Transmit’s Aflac sources say passkey adoption reached 32%, login success reached 96%, and more than 265,000 policyholders enrolled. | 高 | SU015, SU016 |
| CU021 | Transmit’s Aflac blog says the project took about two months from day one to launch and required no technical assistance from passkey users at publication time. | 中 | SU015 |
| CU022 | Official briefs and the homepage make broad bank, insurer, retailer, and commerce-scale claims without naming most customer logos or deployment depths. | 高 | SU002, SU003, SU004, SU005 |
| CU023 | FeaturedCustomers surfaces Transmit references and case-study counts, but much of the underlying testimonial content is summarized or partially locked rather than being a direct customer filing or audited disclosure. | 中 | SU019 |
| CU024 | No retained public source discloses Transmit Security’s NRR, GRR, logo churn, renewal rate, or standard contract length. | 中 | SU001, SU002, SU020, SU021, SU022, SU023, SU024 |
| CU025 | PeerSpot says rule-building should be centralized for all applications, implying current workflow design can still be application-specific. | 中 | SU020, SU021 |
| CU026 | PeerSpot says scalability depends on workflow complexity and can be tricky to manage. | 中 | SU020, SU021 |
| CU027 | PeerSpot and G2 say pricing could be more competitive or is very high. | 中 | SU021, SU022 |
| CU028 | G2 reviewers say integrating and maintaining the platform requires notable knowledge up front. | 中 | SU022 |
| CU029 | TrustRadius reviews say updates were not happening as often for one reviewer and that some settings had been lost and had to be re-entered before being resolved. | 中 | SU023 |
| CU030 | CyberSecurityO says Transmit is premium priced, has a smaller customer base than Auth0 or Okta, and can be complex for organizations without identity-orchestration experience. | 中 | SU024 |
| CU031 | Transmit’s Microsoft-oriented passkey article says committed Microsoft spend can be used for instant procurement and partner discounts. | 中 | SU017 |
| CU032 | The same Microsoft-oriented article claims Azure / Entra plus Transmit can deliver 30% or greater reductions in authentication failures, 70% lower credential-related support calls, and 30% faster login times. | 中 | SU017 |
| CU033 | The FIDO Alliance showcase describes BindID as an app-less biometric authenticator that is easy to deploy into any channel. | 中 | SU030 |
| CU034 | The retained named-customer set is concentrated in regulated financial services and insurance, with America’s Car-Mart as the clearest non-FSI named deployment. | 中 | SU009, SU010, SU011, SU012, SU013, SU014, SU015, SU016 |
| CU035 | Citigroup’s company facts page says Citi serves clients in more than 180 countries and jurisdictions and has 19,000 institutional clients. | 中 | SU026 |
| CU036 | BRED’s official site says the bank has more than 300 branches and a dedicated mobile app, consistent with a mass-market retail-banking deployment context. | 中 | SU027 |
| CU037 | NN Group’s homepage says the company is active in 10 countries and serves approximately 18 million customers. | 中 | SU028 |
| CU038 | Cattolica’s official site confirms it remains a consumer-facing insurance brand with multiple retail product lines. | 中 | SU029 |
| CU039 | America’s Car-Mart’s site emphasizes pre-qualification, payments, and a customer account center, consistent with a live digital customer-account use case. | 中 | SU025 |
| CU040 | Business Wire’s Forrester-leader release says customer interviews praised Transmit Security’s competence and dependability. | 中 | SU018 |
| CU041 | The global-bank case-study PDF says the customer wanted one true omnichannel, multi-device passwordless login experience without extra apps or hard tokens. | 中 | SU007 |
| CU042 | NN’s case-study PDF says Transmit centralized apps, channels, customer journeys, and policies in one hub with drag-and-drop workflow building. | 中 | SU012 |
| CU043 | Transmit’s Cattolica story says the insurer needed customer, employee, and agent authentication that could be implemented quickly. | 中 | SU013 |
| CU044 | Transmit’s America’s Car-Mart story says improved contact-information verification reduced fraud and support requests. | 中 | SU014 |
| CU045 | Transmit’s Aflac blog says the company reached its early passkey adoption without promotional campaigning, relying on the in-product option and prompts. | 中 | SU015 |
| CU046 | Business Wire says more than 265,000 Aflac policyholders enrolled in the new passkey experience. | 中 | SU016 |
| CU047 | The content-hub index and official case-study surfaces are curated marketing assets rather than audited customer ledgers. | 中 | SU019, SU006, SU011, SU013, SU014, SU015 |
| CU048 | No retained public source discloses what share of ARR comes from top customers, banking verticals, or partner-sourced channels such as Microsoft. | 中 | SU001, SU002, SU017, SU020, SU021, SU022, SU024 |
| CR001 | Transmit Security's privacy statement says users may be required to upload a government-issued ID and a selfie and that the service stores biometric identifiers derived from those images on customer instructions. | 中 | SR001 |
| CR002 | The privacy statement says customer-controlled automated decisions should be addressed to the customer, signaling that Transmit frames itself as processor infrastructure inside customer decision flows. | 中 | SR001 |
| CR003 | Transmit says it will never use or share biometric information for advertising or marketing and retains such data only for compliance and protection reasons within legal limits. | 中 | SR001 |
| CR004 | Transmit's cloud-services DPA is dated 2025-11-14 and explicitly incorporates EU GDPR, UK GDPR, the UK Addendum, and EU Standard Contractual Clauses for transfers involving the United States. | 中 | SR002 |
| CR005 | The DPA appendix says optional personal-data fields can include ID-document details, selfie photos, device information, date of birth, and other interaction or network data, with a default 90-day retention period unless customers specify otherwise. | 中 | SR002 |
| CR006 | The DPA says Transmit must notify customers without undue delay of personal-data breaches, allow audits no more than once every 12 months, and return or destroy end-user personal data on request subject to legal retention requirements. | 中 | SR002 |
| CR007 | Transmit's DPA lists AWS, MongoDB Atlas, Google Cloud Platform, Cloudflare, Movate, Veriff, and Salesforce among the subprocessors or subcontractors used to deliver the platform. | 中 | SR002 |
| CR008 | Transmit's cloud-services agreement and public terms of service both cap aggregate liability at the amounts paid for the applicable order or purchase order during the preceding twelve months. | 高 | SR004, SR005 |
| CR009 | Transmit's cloud-services agreement and terms of service both treat acts of government, civil unrest, and acts of terror as force-majeure events. | 高 | SR004, SR005 |
| CR010 | Transmit's published terms route customers in North America, Latin America, and Japan through a Boston entity, customers outside those regions through a Tel Aviv entity, and Canadian customers through a Vancouver entity. | 中 | SR005 |
| CR011 | Transmit's published cloud SLA targets 99.99% availability for production tenants, and its pricing page separately markets enterprise-grade 99.99% uptime support. | 高 | SR003, SR006 |
| CR012 | The same cloud SLA says severity-one incidents have a within-one-hour response objective on a 24x7 basis, but those response times are goals rather than a performance guarantee. | 中 | SR003 |
| CR013 | Transmit's cloud SLA excludes third-party services, customer systems, customizations, beta versions, POCs, free services, and trial services from the core enterprise uptime commitment. | 中 | SR003 |
| CR014 | The FTC Safeguards Rule guidance says covered financial institutions must maintain a written security program, implement MFA and encryption, and contractually monitor service providers handling customer information. | 高 | SR014, SR016 |
| CR015 | FTC guidance says notification events under the Safeguards Rule must be reported to the FTC within 30 days after discovery when at least 500 consumers' unencrypted information was unauthorizedly acquired. | 高 | SR014, SR015 |
| CR016 | The joint EBA-ECB payment-fraud release says card-payment fraud was 17 times higher when the recipient was outside the EEA, where strong customer authentication is not legally required and often not used. | 中 | SR017 |
| CR017 | The same EBA-ECB release says total EEA payment fraud rose to €4.2 billion in 2024 even though strong customer authentication remained effective against targeted card-fraud patterns. | 中 | SR017 |
| CR018 | The EBA's final RTS amendment extends the renewal frequency for strong customer authentication on the relevant account-access exemption from every 90 days to every 180 days. | 高 | SR018, SR019 |
| CR019 | CISA says phishing-resistant MFA is the gold standard and that app push without number matching, SMS, and voice methods remain materially more vulnerable to phishing, SS7, SIM-swap, or push-fatigue attacks. | 高 | SR020, SR021 |
| CR020 | The EDPB says biometric-authentication designs are more privacy-compatible when templates stay on the user's device under the individual's sole control and are deleted shortly after matching. | 高 | SR022, SR023 |
| CR021 | Transmit's platform-services overview says its fraud engine analyzes device, network, behavioral-biometrics, and transactional data with AI and machine learning. | 中 | SR007 |
| CR022 | Transmit's Microsoft marketplace listing says passkey journeys still have vulnerabilities around registration, account recovery, lost or stolen devices, and insufficient step-up authentication. | 中 | SR009 |
| CR023 | Microsoft Learn says the Transmit Detection and Response integration for Azure AD B2C is available only for custom policies. | 中 | SR012 |
| CR024 | Microsoft Learn says the Transmit passkey integration for Azure AD B2C requires a Transmit tenant, a registered application, and custom-policy configuration. | 中 | SR013 |
| CR025 | Transmit's Sentinel connector says customer logins and access attempts can be centralized into Microsoft Sentinel for monitoring and threat detection. | 中 | SR011 |
| CR026 | Transmit's Microsoft passkey blog says the company runs an active-active multi-cloud architecture across Microsoft Azure, Google Cloud Platform, and Amazon Web Services, with in-session failover and identity caching for continuity. | 中 | SR028 |
| CR027 | Transmit's Microsoft passkey blog says Microsoft committed spend and partner discounts can be used to procure Mosaic. | 中 | SR028 |
| CR028 | Transmit's Microsoft marketplace and Mosaic marketplace pages position the offering explicitly on top of Azure AD B2C and Entra External ID rather than as a stand-alone hyperscaler-independent control plane. | 高 | SR009, SR010 |
| CR029 | Business Wire and TechCrunch both reported that Transmit raised a $543 million Series A on 2021-06-22 at a $2.2 billion pre-money valuation. | 高 | SR029, SR030 |
| CR030 | Business Wire said the 2021 Series A was led by Insight Partners and General Atlantic, with Cyberstarts, Geodesic, SYN Ventures, Vintage, and Artisanal Ventures also participating. | 中 | SR029 |
| CR031 | Transmit's global-bank case study says one banking customer served 200 million clients across seven separate applications before consolidating the login experience. | 中 | SR032 |
| CR032 | Transmit's leading-U.S.-bank case study says one bank achieved a 98% reduction in new-account fraud, one-month time to value, and 1300% ROI. | 中 | SR031 |
| CR033 | PeerSpot reviewers said rule-building can require per-application work and that scalability becomes tricky as workflow complexity and user volume grow. | 中 | SR024 |
| CR034 | PeerSpot reviewers also said pricing competitiveness needs attention and that documentation or interfaces could be more accessible for non-technical users. | 中 | SR024 |
| CR035 | The archived G2 page shows a 4.8 out of 5 review rating while also stating that pricing details are not publicly available on the listing. | 中 | SR025 |
| CR036 | StackInsight says total cost can vary with data-residency requirements and support levels, which increases pricing complexity beyond a simple license rate card. | 低 | SR026 |
| CR037 | Transmit's platform page says Mosaic bundles identity management, fraud prevention, and identity verification across the user lifecycle. | 高 | SR008, SR010 |
| CR038 | Transmit's pricing page says commercial packaging is based on monthly active users or event volume rather than a simple seat-based model. | 中 | SR006 |
| CR039 | The U.S. State Department says travelers should reconsider travel to Israel due to terrorism and civil unrest and avoid multiple nearby conflict zones. | 中 | SR027 |
| CR040 | Transmit's Microsoft passkey blog says the company is the only Microsoft partner offering identity orchestration for these passkey journeys. | 中 | SR028 |
| CR041 | The DPA says customers may object to new subprocessors within ten business days if the objection is reasonably founded on data-protection concerns. | 中 | SR002 |
| CR042 | Transmit's public materials show that continuity claims depend on Microsoft ecosystem hooks, multi-cloud infrastructure, and third-party identity-verification or support vendors rather than a fully self-contained stack. | 中 | SR002, SR009, SR011, SR028 |
| CR043 | Transmit's public case studies concentrate performance proof in a small number of very large financial institutions, which makes reference-account durability more important than a disclosed broad SMB base would be. | 中 | SR031, SR032 |
| CR044 | Public sources reviewed do not disclose current customer revenue concentration, live incident-history metrics, or regional headcount split, so those remain management diligence asks rather than verified public facts. | 中 | SR024, SR025, SR026, SR029, SR030 |
| CV001 | Transmit Security's last disclosed primary financing was a $543 million Series A announced on 2021-06-22. | 高 | SV001, SV002, SV003, SV012 |
| CV002 | Business Wire and TechCrunch both frame that 2021 financing at about a $2.2 billion pre-money valuation. | 高 | SV002, SV003 |
| CV003 | Insight Partners and General Atlantic were the lead investors named on the 2021 Series A. | 高 | SV001, SV002, SV012 |
| CV004 | Transmit later disclosed Citi Ventures and Goldman Sachs as additional investors in the same record-setting financing. | 高 | SV004, SV012 |
| CV005 | PitchBook still lists Transmit Security as private, with latest deal type Series A, latest deal amount $543 million, and 317 employees. | 中 | SV011 |
| CV006 | Tracxn still lists only one funding round for Transmit Security and ties a $2.2 billion valuation to 2021-06-22. | 中 | SV012 |
| CV007 | Dealroom currently frames Transmit Security as a unicorn with a valuation band of $1 billion to $2.5 billion and about 312 staff. | 中 | SV013 |
| CV008 | Transmit Security publicly advertises annual entry pricing of about $200,000 for the full Mosaic platform, $100,000 for Mosaic for Identity, $100,000 for fraud and threat detection, and $50,000 for identity verification. | 中 | SV005 |
| CV009 | Transmit says Microsoft committed-spend discounts can be used in the joint passkey and CIAM motion. | 中 | SV006 |
| CV010 | A published Transmit case study describes a global bank deployment supporting more than 200 million customers across seven mobile and web apps. | 中 | SV007 |
| CV011 | Transmit says a leading U.S. bank achieved 1300% ROI and a 98% reduction in new-account fraud after deployment. | 中 | SV008 |
| CV012 | Transmit says Aflac reached 32% passkey adoption and 96% login success in roughly two months. | 中 | SV009 |
| CV013 | FeaturedCustomers says Transmit supports brands collectively responsible for more than $2 trillion in annual commerce. | 中 | SV016 |
| CV014 | GetLatka reports that Transmit Security reached $33.4 million of revenue in 2025. | 低 | SV010 |
| CV015 | GetLatka reports that Transmit Security employed about 308 people as of 2026. | 低 | SV010 |
| CV016 | SIG says Transmit Security exceeded $100 million in annual recurring revenue and grew revenue 40% year-over-year in the first half of its post-funding period. | 低 | SV030 |
| CV017 | Taken together, retained third-party public-scale signals span at least $33.4 million to more than $100 million of revenue or ARR-like scale. | 低 | SV010, SV030 |
| CV018 | Retained public headcount signals cluster in a narrow band of roughly 308 to 317 employees. | 中 | SV010, SV011, SV013 |
| CV019 | Gartner Peer Insights shows Transmit Security at 4.5 out of 5 based on 28 ratings. | 中 | SV014 |
| CV020 | A Gartner review excerpt says the buyer could not use its preferred mail service provider and that available mail and SMS providers were lacking. | 中 | SV014 |
| CV021 | PeerSpot reviewers say rule-building can be application-specific and that scalability becomes tricky as workflow complexity and user counts increase. | 中 | SV015 |
| CV022 | Independent review evidence implies that Transmit's flexibility comes with implementation and governance overhead that can pressure deployment cost and speed. | 中 | SV014, SV015 |
| CV023 | Okta reported fiscal 2026 revenue growth of 11% year-over-year and positive free-cash-flow guidance in its March 2026 results release. | 中 | SV017 |
| CV024 | Multiples.vc shows Okta at about 6.1x EV/revenue in June 2026 on roughly $3 billion of revenue and about $18 billion of enterprise value. | 高 | SV017, SV019 |
| CV025 | CyberArk reported $1.361 billion of full-year 2025 revenue and $1.440 billion of ARR, up 36% and 23% year-over-year respectively. | 中 | SV020 |
| CV026 | CompaniesMarketCap shows CyberArk at roughly a $20.6 billion market capitalization on about $1.30 billion of trailing revenue in June 2026, a rough mid-teens market-cap-to-revenue signal. | 中 | SV021, SV022 |
| CV027 | Windsor Drake's 2026 valuation reports place public cybersecurity median revenue multiples around 7.8x and top-performing cyber bands around 11.9x, with IAM-specific identity names such as Okta and SailPoint sitting around mid-single-digit to low-double-digit ranges. | 中 | SV024, SV025 |
| CV028 | Thoma Bravo completed its acquisition of SailPoint in August 2022 in an all-cash transaction valued at approximately $6.9 billion. | 高 | SV026, SV027 |
| CV029 | SailPoint's February 2025 IPO priced at $23 per share, raised $1.38 billion, and implied a $12.8 billion market value. | 中 | SV028 |
| CV030 | The same February 2025 SailPoint IPO reporting says the company had $621 million of revenue for the nine months ended 2024-10-31 and 2,645 employees as of that date. | 中 | SV028 |
| CV031 | A $2.2 billion Transmit valuation would require about $360.7 million of revenue at Okta's 6.1x EV/revenue multiple. | 中 | SV019 |
| CV032 | A $2.7 billion Transmit valuation would require about $442.6 million of revenue at Okta's 6.1x EV/revenue multiple. | 中 | SV019 |
| CV033 | A $2.2 billion Transmit valuation would require about $215.7 million of revenue at a 10.2x identity-premium multiple and about $146.7 million at a 15x strategic-premium lens. | 中 | SV024 |
| CV034 | A $2.7 billion Transmit valuation would require about $264.7 million of revenue at a 10.2x identity-premium multiple and about $180.0 million at a 15x strategic-premium lens. | 中 | SV024 |
| CV035 | Against a public revenue band of $33.4 million to more than $100 million, a $2.2 billion Transmit mark implies roughly 22x to 65.9x revenue. | 低 | SV010, SV030 |
| CV036 | Against the same public revenue band, a $2.7 billion Transmit mark implies roughly 27x to 80.8x revenue. | 低 | SV010, SV030 |
| CV037 | No retained public source discloses Transmit Security's current NRR, GRR, gross margin, burn, cash, debt, or liquidation-preference stack. | 中 | SV001, SV005, SV010, SV011, SV012, SV013, SV029 |
| CV038 | No retained source surfaces an active S-1, F-1, or other public-listing process for Transmit Security, and PitchBook still labels the company private. | 中 | SV011, SV029 |
| CV039 | The strongest premium-valuation thesis is that Transmit already serves very large regulated enterprises with six-figure list pricing, visible ROI proof, and partner-assisted procurement leverage. | 中 | SV005, SV006, SV007, SV008, SV009, SV016 |
| CV040 | The strongest anti-thesis is that a stale 2021 mark now rests on public revenue evidence that is far below what current public identity multiples would require. | 中 | SV010, SV019, SV024, SV030 |
| CV041 | For new money, the most defensible current recommendation is research-more and effectively avoid paying near the old private mark until management proves materially higher recurring revenue and healthy software economics. | 中 | SV010, SV019, SV024, SV030 |
| CV042 | The critical diligence blockers are a current ARR and revenue bridge, retention metrics, gross margin by module and services, cash and runway, and the liquidation waterfall or other cap-table overhangs. | 中 | SV011, SV029 |
| 编号 | 出版方 | 标题 | 引文 |
|---|---|---|---|
| SO001 | Transmit Security | Home | Transmit Security | The world’s largest banks, insurers, healthcare providers, retailers and other leading brands rely on Transmit Security for smooth experiences that protect customers from fraud on every device and channel. |
| SO002 | Transmit Security | About | Transmit Security | Transmit Security was founded in 2014. |
| SO003 | Transmit Security | Leadership | Transmit Security | Transmit Security was co-founded by serial entrepreneurs and investors, Mickey Boodaei and Rakesh Loonkar in 2014. |
| SO004 | Transmit Security | Platform | Transmit Security | The only platform to offer active-active multi-cloud global presence that runs simultaneously in GCP and AWS. |
| SO005 | Transmit Security | Transmit Security Platform Services Overview | |
| SO006 | Transmit Security | Pricing | Transmit Security | Flexible pricing based on Monthly Active Users (MAUs) or event volume — no hidden fees. |
| SO007 | Transmit Security | Careers | Transmit Security | |
| SO008 | Transmit Security | Partners | Transmit Security | |
| SO009 | Transmit Security | Transmit Security Raises $543M in Record-Breaking Funding to Rid the World of Passwords | We are incredibly excited to share that Transmit Security has raised $543M in funding led by Insight Partners and General Atlantic. |
| SO010 | Transmit Security | Citi Ventures and Goldman Sachs Join as Additional Investors in Transmit Security’s Record-Breaking Funding | Citi Ventures and Goldman Sachs have joined as additional investors in our $543M round of funding. |
| SO011 | Transmit Security | The Future of CIAM: How Transmit Security and Microsoft Are Transforming Passkey Adoption and Security | Transmit Security is the only Microsoft partner that offers everything you’ll need to protect passkeys every step of the way. |
| SO012 | Transmit Security | Transmit Security Identity Orchestration | Used by eight of the top ten financial organizations in the US. |
| SO013 | Transmit Security | Transmit Security Identity Verification | |
| SO014 | SYN Ventures | Transmit Security - SYN Ventures | Venture Capital for Cybersecurity Innovators | Organizations such as CitiBank, UBS, and MassMutual are transforming their entire identity infrastructure based on the FlexID orchestration platform. |
| SO015 | General Atlantic | Transmit Security | General Atlantic | |
| SO016 | Insight Partners | Transmit Security | Investment | Insight Partners | |
| SO017 | Dealroom.co | Transmit Security company information, funding & investors | Dealroom.co | |
| SO018 | Tracxn | Transmit Security - Funding Rounds & List of Investors - Tracxn | Transmit Security has raised a total of $543M from 1 Series A round on Jun 22, 2021. |
| SO019 | TechCrunch | Transmit Security raises $543M Series A to kill off the password | Transmit Security said it has a pre-money valuation of $2.2 billion. |
| SO020 | Business Wire | Transmit Security Recognized as a Leader in the 2025 Gartner Magic Quadrant for Access Management | Transmit Security, the innovator in identity first security, authentication, orchestration and fraud prevention, today announced it has been recognized as a Leader in the 2025 Gartner Magic Quadrant for Access Management. |
| SO021 | SecurityInformed.com | Transmit Security Leads 2025 Gartner Magic Quadrant | Security News | Transmit Security named a Leader in 2025 Gartner Magic Quadrant for Access Management. |
| SO022 | KuppingerCole Analysts | Transmit Security | KuppingerCole Analysts | |
| SO023 | PeerSpot | Transmit Security reviews 2026 | The main improvement needed is that with the tool, you have to build rules for each and every application. |
| SO024 | CyberSecurityO | Transmit Security Review 2026: Passwordless CIAM | Premium pricing reflecting enterprise and financial services target market. |
| SO025 | Stack Insight | 2026'S Transmit Security Review | In-Depth CIAM Analysis | |
| SM001 | FIDO Alliance | FIDO Passkeys: Passwordless Authentication | A passkey is a FIDO authentication credential based on FIDO standards, that allows a user to sign in to apps and websites with the same process that they use to unlock their device. |
| SM002 | World Wide Web Consortium | Web Authentication: An API for accessing Public Key Credentials | |
| SM003 | National Institute of Standards and Technology | NIST Special Publication 800-63B | This guideline focuses on the authentication of subjects who interact with government information systems over networks. |
| SM004 | EUR-Lex | Directive (EU) 2015/2366 on payment services in the internal market | |
| SM005 | California Office of the Attorney General | California Consumer Privacy Act (CCPA) | The California Consumer Privacy Act of 2018 gives consumers more control over the personal information that businesses collect about them. |
| SM006 | European Commission | Legal framework of EU data protection | EU data protection legislation is comprised of the General Data Protection Regulation (GDPR), the Law Enforcement Directive, and the Data Protection Regulation for EU institutions. |
| SM007 | Grand View Research | Customer Identity And Access Management Market Report, 2030 | The global customer identity and access management market size was estimated at USD 8.12 billion in 2023 and is projected to reach USD 26.72 billion by 2030, growing at a CAGR of 17.4% from 2024 to 2030. |
| SM008 | MarketsandMarkets | Consumer IAM Market Report 2025 - 2030, By Solutions, Geo, Tech | The global market for consumer IAM categorized by solutions (identity administration, PII management & analytics, access management, fraud detection) & services. |
| SM009 | The Business Research Company | Global Consumer Identity and Access Management Market Report 2026 | Consumer Identity and Access Management market size has reached to $41.75 billion in 2025 and is expected to grow to $101.15 billion in 2030 at a compound annual growth rate (CAGR) of 19.3%. |
| SM010 | Meticulous Research | Consumer Identity and Access Management (CIAM) Market - Global Opportunity Analysis and Industry Forecast (2026-2036) | The global consumer identity and access management (CIAM) market was valued at USD 11.7 billion in 2025. The market is expected to reach approximately USD 40.2 billion by 2036 from USD 12.6 billion in 2026, growing at a CAGR of 12.2% from 2026 to 2036. |
| SM011 | Precedence Research | Identity and Access Management Market Size to Hit USD 65.70 Bn by 2034 | The global identity and access management market size is accounted at USD 22.99 billion in 2025 and predicted to increase from USD 25.89 billion in 2026 to approximately USD 65.70 billion by 2034. |
| SM012 | Grand View Research | Identity Verification Market Size, Share & Trends Report 2030 | The global identity verification market size was estimated at USD 9.87 billion in 2022 and is anticipated to reach USD 33.93 billion by 2030, growing at a CAGR of 16.7% from 2023 to 2030. |
| SM013 | Ping Identity | Passwordless Authentication | Passwordless authentication can reduce helpdesk calls by up to 33%, saving organizations thousands in support costs annually. |
| SM014 | Google for Developers | Passkeys | Passkeys are a safer and easier alternative to passwords. |
| SM015 | passkeys.dev | What are passkeys? | Passkeys are a replacement for passwords. |
| SM016 | Federal Trade Commission | New FTC Data Show a Big Jump in Reported Losses to Fraud to $12.5 Billion in 2024 | Consumers reported losing more than $12.5 billion to fraud in 2024, which represents a 25% increase over the prior year. |
| SM017 | Signicat | Battle Against AI-driven Identity Fraud Study | 42.5% of detected fraud involves AI, with a 29% success rate. |
| SM018 | UK Finance | Annual Fraud Report 2024 | £1.17 billion was lost to fraud in 2023. |
| SM019 | Microsoft Learn | How to enable passkeys (FIDO2) in Microsoft Entra ID | Passkeys (FIDO2) provide a seamless way for workers to authenticate without entering a username or password. |
| SM020 | Microsoft Learn | Passwordless authentication with Microsoft Entra ID | Microsoft Entra ID enables integration with the following passwordless authentication protocols. |
| SM021 | Microsoft Learn | Sign in with passkeys in Microsoft Entra External ID | Passkeys let your customers sign in with face, fingerprint, PIN, or a security key, instead of remembering passwords or entering one-time codes. |
| SM022 | FIDO Alliance | Passkey Adoption Doubles in 2024: More than 15 Billion Online Accounts Can Leverage Passkeys | More than 15 billion online accounts can use passkeys for faster, safer sign-ins – more than double than this time last year. |
| SM023 | USENIX Security Symposium | Why Aren't We Using Passkeys? Obstacles Companies Face Deploying FIDO2 Passwordless Authentication | We highlight key barriers to adoption, including account recovery, friction, technical issues, regulatory requirements, and security culture. |
| SM024 | MDPI | Challenges and Potential Improvements for Passkey Adoption—A Literature Review with a User-Centric Perspective | Despite their benefits, passkeys have still not replaced passwords as the standard, and they see a somewhat slow adoption among users. |
| SM025 | Mobile ID World | Global Passkey Adoption Surges as Major Tech Companies Report Significant Implementation Success | The adoption of passkeys as an authentication method has shown substantial growth throughout 2023 and 2024, with public awareness increasing significantly from its 2022 baseline of 39 percent. |
| SM026 | Apple Support | About the security of passkeys | Passkeys are a replacement for passwords that are designed to provide websites and apps a passwordless sign-in experience that is both more convenient and more secure. |
| SM027 | Federal Trade Commission | Consumer Sentinel Network Data Book 2024 | During 2024, Sentinel received 6.5 million consumer reports, which the FTC has sorted into 29 top categories. |
| SM028 | Microsoft Learn | Passkey FAQs - Microsoft Entra ID | Today, administrators can't see or control exactly which devices hold a copy of a synced passkey. |
| SM029 | Transmit Security | Platform | Transmit Security | One platform for best-of-breed identity management, fraud prevention, identity verification. |
| SP001 | Transmit Security | Mosaic Platform | Transmit Security | Mosaic by Transmit Security is the only identity platform built from the ground up for orchestration and AI. |
| SP002 | Business Wire | Transmit Security Raises $543 Million in Series A Funding to Rid the World of Passwords | Transmit Security ... has raised $543 million in Series A funding, bringing the company’s pre-money valuation to $2.2 billion. |
| SP003 | CIAM Compass | Transmit Security review and capability profile | Enterprise-only commercial structure with opaque pricing and six-figure annual minimums. |
| SP004 | Okta | Okta Announces Fourth Quarter and Fiscal Year 2026 Financial Results | Total revenue was $2.919 billion, an increase of 12% year-over-year. |
| SP005 | Okta | Plans and Pricing | Okta | |
| SP006 | Okta | Okta Status | System Status | |
| SP007 | Okta Security | October Customer Support Security Incident - Update and Recommended Actions | All Okta Workforce Identity Cloud (WIC) and Customer Identity Solution (CIS) customers are impacted except customers in our FedRamp High and DoD IL4 environments. |
| SP008 | Auth0 | Auth0 | |
| SP009 | Auth0 | Flexible pricing for all your apps and AI agents | |
| SP010 | Auth0 | Auth0 Status | |
| SP011 | Ping Identity | Identity Orchestration | Ping Identity | Create, test and deploy identity experiences with drag-and-drop visual flows. |
| SP012 | Ping Identity | Have Questions About Identity Solutions? | Ping Identity | We serve over half of the Fortune 100. |
| SP013 | Ping Identity | Ping and ForgeRock Join Forces | Together, we will be able to offer a unified enterprise identity platform for all use cases and identity types. |
| SP014 | Microsoft | Microsoft Entra External ID | Effective May 1, 2025, Azure AD External Identities P1 and P2 will no longer be available for new purchases. |
| SP015 | Microsoft Azure | Microsoft Entra External ID pricing overview | The core offering is free for the first 50,000 MAUs. |
| SP016 | Microsoft | Microsoft service health status | |
| SP017 | VendorBenchmark | IAM Pricing: The Bundling Problem | Okta sells IAM as a standalone product ... Microsoft bundles Entra ID into M365 and Azure. |
| SP018 | MajorKey Technologies | A Comparative Analysis of Top IAM Solutions | Vendor lock-in risk increases with deep Microsoft integration. |
| SP019 | Descope | Identity journeys for customers and AI agents | Powering auth for 1000s of organizations from startups to the Fortune 500. |
| SP020 | Descope | Pricing | Descope | Start for free and scale as you go. |
| SP021 | Descope | Trust Center | Powered by Drata | |
| SP022 | Stytch | Announcing Stytch's $90M Series B at a $1B Valuation | Today, we have more than 3,500 developers building on the Stytch platform. |
| SP023 | Stytch | Modern authentication pricing | Stytch | |
| SP024 | CyberArk | CyberArk Identity and Access Management | |
| SP025 | CyberArk | CyberArk Announces Record Fourth Quarter and Full Year 2025 Results | Total ARR Grows 23% Year-Over-Year to Reach $1.440 Billion. |
| SP026 | Keycloak | Keycloak - Identity and Access Management | |
| SP027 | Keycloak | Documentation - Keycloak | |
| SI001 | Transmit Security | Pricing | Transmit Security | Flexible pricing based on Monthly Active Users (MAUs) or event volume — no hidden fees. |
| SI002 | Transmit Security | Platform | Transmit Security | One platform for best-of-breed identity management, fraud prevention, identity verification. |
| SI003 | Transmit Security | Home | Transmit Security | We have a unique approach fusing Customer Identity and Access Management with Fraud Prevention in one powerful enterprise-grade platform — Mosaic. |
| SI004 | Transmit Security | Partners | Transmit Security | Join the Transmit Security ecosystem and unlock new opportunities to grow, innovate, and succeed together. |
| SI005 | Transmit Security | Leading US Bank Achieves 1300% ROI with Transmit Security | Transmit Security | This enabled a 98% reduction in new account fraud and detection of 10x as many attacks as their legacy solutions. |
| SI006 | Transmit Security | Global bank takes 200 million customers passwordless with Transmit Security | Transmit Security | A multi-trillion dollar global banking giant ... offers its digital services to 200 million banking clients via 7 separate applications. |
| SI007 | Transmit Security | Aflac Wins CSO Award for Improving Security & CX with Passkeys and Transmit Security | Transmit Security | Aflac also touts a 96% passkey login success rate ... 32% adoption within days of its release. |
| SI008 | Transmit Security | The Future of CIAM: How Transmit Security and Microsoft Are Transforming Passkey Adoption and Security | Transmit Security | Instant procurement and savings: Use your committed spend to take advantage of Microsoft-Transmit Security partner discounts. |
| SI009 | Transmit Security | Transmit Security Raises $543 Million, The Largest Series A Funding Round In Cybersecurity History | Transmit Security | Transmit Security Raises $543 Million, The Largest Series A Funding Round In Cybersecurity History. |
| SI010 | GetLatka | Transmit Security Revenue 2025: $33.4M ARR, $2.7B Valuation | In 2025, Transmit Security's revenue reached $33.4M ... Transmit Security employs approximately 308 people as of 2026. |
| SI011 | PitchBook | Transmit Security 2026 Company Profile: Valuation, Funding & Investors | PitchBook | PitchBook profile preview lists 317 employees, latest deal amount of $543M, and venture-capital-backed status. |
| SI012 | Tracxn | Transmit Security funding and investors | Tracxn | Transmit Security has raised a total of $543M from 1 Series A round ... valuation is $2.2B as on Jun 22, 2021. |
| SI013 | G2 via Internet Archive | The G2 on Transmit Security CIAM Platform | The required knowledge for integrating and maintining the platform ... and also the price ... is very high. |
| SI014 | PeerSpot | Transmit Security Reviews, Competitors and Pricing | PeerSpot | Rule-building should be centralized for all applications ... Pricing competitiveness needs attention ... SDKs and Journey Player require user-friendly enhancements. |
| SI015 | FeaturedCustomers | 27 Transmit Security Customer Reviews & References | Read 16 Transmit Security reviews ... explore 7 case studies ... collectively responsible for more than $2 trillion in annual commerce. |
| SI016 | CyberSecurityO | Transmit Security Review 2026: Passwordless CIAM | Premium pricing ... smaller customer base than Auth0 or Okta ... implementation complexity for organizations without existing identity orchestration experience. |
| SI017 | VentureBeat | Biometric authentication platform Transmit Security raises $543M | Transmit Security has raised $543 million ... giving the Israeli company a valuation of $2.3 billion. |
| SI018 | SecurityWeek | Passwordless Authentication Firm Transmit Security Raises $543 Million | The funding, which brings the firm’s pre-money valuation to $2.2 billion, was led by Insight Partners and General Atlantic. |
| SI019 | Forbes | Transmit Security Raises $543 Million, The Largest Series A Funding Round In Cybersecurity History | The funding round ... brings the company valuation to $2.2 billion. |
| SI020 | Business Wire | Transmit Security Powers Aflac’s 2024 CSO Award Win for “Quackcess Granted” Passkey Authentication Initiative | Passkey adoption exceeded expectations, with more than 265,000 Aflac policyholders enrolling ... reaching 32%. |
| SI021 | Okta, Inc. via Stocklight | Okta Annual Report 2026 (Form 10-K) | Total gross margin 77%; subscription gross margin 80%; sales and marketing $1,018 million, or 35% of revenue. |
| SI022 | Growjo | Transmit Security: Revenue, Competitors, Alternatives | Transmit Security's estimated annual revenue is currently $60.8M per year ... current valuation is $2.7B ... 368 Employees. |
| SI023 | Cybersecurity Brands / SIG | Transmit Security Revenue & Market Share 2026 $100M | Cybersecurity | Transmit Security exceeded $100M in annual recurring revenue and grew revenue 40% year-over-year in the first half of its post-funding period. |
| SI024 | CheckThat.ai | Transmit Security Pricing 2026: Plans & True Costs | No publicly available source discloses a complete first-year TCO for banking customers at enterprise scale. |
| SI025 | U.S. Securities and Exchange Commission | SEC.gov | EDGAR Full Text Search | EDGAR full-text search is the public route for SEC-filed issuer disclosures. |
| SI026 | Transmit Security | Leading US bank achieves 1300% ROI with Transmit Security | Transmit Security | This top US bank was using three fraud detection tools, which had overlooked 10,000+ fraudulent accounts. |
| SE001 | Transmit Security | Platform | Transmit Security | Mosaic by Transmit Security provides one platform for best-of-breed identity management, fraud prevention, identity verification. |
| SE002 | Transmit Security | Transmit Security Identity Orchestration | Identity Orchestration Services enables the creation and management of customer identity logic and end-user journeys using an intuitive no-code, drag-and-drop journey builder. |
| SE003 | Transmit Security | Identity Verification | Transmit Security | With support for over 10,000 ID templates, biometric matching, and fraud detection, Mosaic simplifies compliance, protects privacy, and scales effortlessly. |
| SE004 | Transmit Security | Fraud Prevention | Transmit Security | Mosaic provides the tools to protect your business, streamline fraud investigations, and maintain trust. |
| SE005 | Transmit Security | Machine and Automation ITDR | Transmit Security | Mosaic replaces static secrets and unmanaged tokens with just-in-time identity issuance and lifecycle visibility. |
| SE006 | Transmit Security | Documentation | The Mosaic Platform by Transmit Security secures and simplifies the full identity journey across customer, business, and workforce contexts. |
| SE007 | Transmit Security | Introduction | Mosaic builds every feature using an API-first approach. |
| SE008 | Transmit Security | API reference | Backend Authentication, OIDC & Hosted Authentication, Identity Management, Fraud Prevention, Identity Verification, Organizations (B2B), Platform Administration. |
| SE009 | Transmit Security | Installation | Load the latest v2 via a package manager: npm install @transmitsecurity/platform-web-sdk@^2. |
| SE010 | Transmit Security | Mosaic Platform Release Notes | This release expands Mosaic’s fraud prevention and risk visibility capabilities with the introduction of Transaction Monitoring and more. |
| SE011 | Transmit Security | Transmit Security Platform Services Overview | Transmit Security | Identity Management Services provides customers with a scalable and dynamic user store. |
| SE012 | Transmit Security | Transmit Security Privacy Statement | Transmit Security | When Users are provided with access to our Platform by any of our Customers ... Transmit Security will usually be the processor of the personal information a User provides. |
| SE013 | Transmit Security | Support and Service Level Agreement for Cloud Services | Transmit Security | Transmit Security strives to meet the target service availability of 99.99% for the production tenant. |
| SE014 | Transmit Security | The Future of CIAM: How Transmit Security and Microsoft Are Transforming Passkey Adoption and Security | 30% or greater reduction in authentication failures ... 70% reduction in credential-related support calls ... 95% detection of credential-stuffing attacks. |
| SE015 | Transmit Security | Aflac Wins CSO Award for Improving Security & CX with Passkeys and Transmit Security | The passkey adoption rate shot past their initial 10% target, reaching 32% adoption within days of its release. |
| SE016 | Transmit Security | Global bank takes 200 million customers passwordless with Transmit Security | 200 million banking clients via 7 separate applications. |
| SE017 | Transmit Security | Leading US Bank Achieves 1300% ROI with Transmit Security | 98% reduction in new account fraud and detection of 10x as many attacks as their legacy solutions. |
| SE018 | CIAM Compass | Transmit Security review and capability profile, CIAM Compass | The Mosaic platform's combination of risk decisioning, behavioral biometrics, and passkey orchestration is among the most capable in the enterprise tier. |
| SE019 | CyberSecurityO | Transmit Security Review 2026: Passwordless CIAM - CyberSecurityO.Com | Its BindID passwordless authentication and Mosaic identity security platform target financial services, insurance, and enterprise organizations with high-stakes customer authentication requirements. |
| SE020 | PeerSpot | Transmit Security Reviews, Competitors and Pricing | Rule-building should be centralized for all applications ... better documentation and loop functions ... scaling may present challenges depending on the complexity of workflows and user volume. |
| SE021 | G2 (Wayback snapshot) | The G2 on Transmit Security CIAM Platform | The required knowledge for integrating and maintining the platform at first, is something remarkable and also the price ... is very high. |
| SE022 | GitHub | Transmit Security | identityVerification-ios-sdk ... Updated Jun 3, 2026; authentication-ios-sdk ... Updated May 31, 2026; ciam-expressjs-vanilla-samples ... Updated May 30, 2026. |
| SE023 | GitHub | GitHub - TransmitSecurity/Training-Passkeys | main: shows a full passkey integration ... adding-passkeys-starter ... adding-passkeys-solution. |
| SE024 | npm | @transmitsecurity/platform-web-sdk | A JavaScript client SDK offering comprehensive identity and security solution with Fraud prevention, WebAuthn authentication, Identity Verification, and Orchestration capabilities. |
| SE025 | passkeys.dev | What are passkeys? | Browsers and operating systems enforce that passkeys are only ever used for the appropriate service. |
| SE026 | FIDO Alliance | FIDO Passkeys: Passwordless Authentication | FIDO Alliance | Passkeys replace passwords with cryptographic key pairs for phishing-resistant sign-in security and an improved user experience. |
| SE027 | W3C | Web Authentication: An API for accessing Public Key Credentials | Compliant authenticators protect public key credentials. |
| SE028 | NIST | NIST Special Publication 800-63B | Applications assessed at AAL2 must offer a phishing-resistant authentication option. |
| SE029 | Microsoft Learn | Sign in with passkeys in Microsoft Entra External ID - Microsoft Entra External ID | Passkeys let your customers sign in with face, fingerprint, PIN, or a security key ... They provide phishing-resistant authentication. |
| SU001 | Transmit Security | Home | Transmit Security | We have a unique approach fusing Customer Identity and Access Management with Fraud Prevention in one powerful enterprise-grade platform — Mosaic. |
| SU002 | Transmit Security | About | Transmit Security | Transmit Security gives businesses modern tools to deliver secure and trusted end-to-end identity journeys. |
| SU003 | Transmit Security | Identity Management Service Brief | Transmit Security serves many of the world’s largest banks, insurers, retailers and other leading brands, collectively responsible for more than $1.3 trillion in annual commerce. |
| SU004 | Transmit Security | Identity Verification Service Brief | Transmit Security serves many of the world’s largest banks, insurers, retailers and other leading brands, collectively responsible for more than $2 trillion in annual commerce. |
| SU005 | Transmit Security | Orchestration Service Brief | Transmit Security serves many of the world’s largest banks, insurers, retailers and other leading brands, collectively responsible for more than $2 trillion in annual commerce. |
| SU006 | Transmit Security | Global bank takes 200 million customers passwordless with Transmit Security | A multi-trillion dollar global banking giant ... offers its digital services to 200 million banking clients via 7 separate applications. |
| SU007 | Transmit Security | Global Banking Giant Takes 200 Million Clients Passwordless with Transmit Security | 200M client accounts across 160+ countries & jurisdictions. |
| SU008 | Transmit Security | Leading US bank achieves 1300% ROI with Transmit Security | Reduce new account fraud by 98% ... reduce false positives by 90% ... reduce operational costs by 80%. |
| SU009 | Transmit Security | Citi & Transmit Security: The Power of Partnership | As a long-term customer, Citi continues to expand implementation of Transmit Security services. |
| SU010 | Transmit Security | Why BRED Chose Transmit Security’s BindID | In just seven days, their service began delivering accessible, password-free banking while simultaneously decreasing operating costs, support call volume and fraud risk. |
| SU011 | Transmit Security | Nationale-Nederlanden Simplifies & Strengthens CIAM with Identity Orchestration | Nationale-Nederlanden (NN) ... needed a solution that not only complied with PSD2 and KYC/AML regulations, but also provided risk-based authentication and orchestration of all CIAM processes. |
| SU012 | Transmit Security | Nationale-Nederlanden Simplifies & Strengthens their CIAM Architecture with Identity Orchestration | Dutch financial services company ... ~15K employees and 18M+ customers globally. |
| SU013 | Transmit Security | Italian Insurance Provider Cattolica Assicurazioni Modernizes Authentication with Transmit Security | By replacing their legacy CIAM orchestration solution ... Cattolica Assicurazioni was able to adopt a stronger security posture, improve the entire customer experience with passwordless authentication, and increase stability. |
| SU014 | Transmit Security | America’s Car-Mart Digitally Transforms with Transmit Security | Their business model centered around 154 dealerships across 12 states. |
| SU015 | Transmit Security | Aflac Wins CSO Award for Improving Security & CX with Passkeys and Transmit Security | The passkey adoption rate shot past their initial 10% target, reaching 32% adoption within days of its release. |
| SU016 | Business Wire | Transmit Security Powers Aflac’s 2024 CSO Award Win for Quackcess Granted Passkey Authentication Initiative | Passkey adoption exceeded expectations, with more than 265,000 Aflac policyholders enrolling—surpassing the initial 10% target and reaching 32%. |
| SU017 | Transmit Security | The Future of CIAM: How Transmit Security and Microsoft Are Transforming Passkey Adoption and Security | Instant procurement and savings: Use your committed spend to take advantage of Microsoft-Transmit Security partner discounts. |
| SU018 | Business Wire | Transmit Security is Recognized as a Leader in Customer Identity and Access Management by a Leading Analyst Firm | Forrester conducted customer interviews, with the report pointing out that customers praised Transmit Security’s competence and dependability. |
| SU019 | FeaturedCustomers | Transmit Security Reviews, Case Studies and References | Read 16 Transmit Security reviews and testimonials from customers, explore 7 case studies and watch 4 customer videos. |
| SU020 | PeerSpot | Transmit Security Reviews, Competitors and Pricing | Rule-building should be centralized for all applications ... Pricing competitiveness needs attention. |
| SU021 | PeerSpot | Transmit Security Pros and Cons | The main improvement needed is that with the tool, you have to build rules for each and every application. |
| SU022 | G2 via Internet Archive | Transmit Security CIAM Platform Reviews | The required knowledge for integrating and maintining the platform at first ... and also the price ... is very high. |
| SU023 | TrustRadius | Transmit Security CIAM Platform Reviews & Ratings | Some settings were being lost and had to be re-entered, but that has since been resolved. |
| SU024 | CyberSecurityO | Transmit Security Review 2026: Passwordless CIAM | Premium pricing ... smaller customer base than Auth0 or Okta ... implementation complexity for organizations without existing identity orchestration experience. |
| SU025 | America’s Car-Mart | America’s Car-Mart Home | Get Pre-Qualified ... Make a Payment ... Customer Account Center. |
| SU026 | Citigroup | Citigroup About / Company Facts | More than 180 countries and jurisdictions where we serve our clients. |
| SU027 | BRED Banque Populaire | BRED Banque Populaire Home | Plus de 300 agences pour vous accueillir ... et une application mobile dédiée. |
| SU028 | NN Group | NN Group Homepage | We are a financial services company active in 10 countries ... to approximately 18 million customers. |
| SU029 | Cattolica | Cattolica Home | Scopri i principali prodotti pensati per te. |
| SU030 | FIDO Alliance | Transmit Security BindID | FIDO Certified Showcase | BindID is the industry’s first app-less, strong portable authenticator that uses device-based biometrics for secure, convenient and consistent customer authentication. |
| SR001 | Transmit Security | Transmit Security Privacy Statement | Transmit Security | Users may be required to upload a photo of their government-issued ID and a selfie ... we collect, use, disclose and store Users’ biometric identifiers and biometric information derived from the images. |
| SR002 | Transmit Security | Transmit Security Data Protection Addendum for Cloud Services v1.6 | Depending on the geographic location of a Customer or their End Users, and the nature of the Cloud Services provided, Transmit Security may also use Sub-processors to provide the Services to Customer. |
| SR003 | Transmit Security | Support and Service Level Agreement for Cloud Services | Transmit Security | Transmit Security strives to meet the target service availability of 99.99% for the production tenant. |
| SR004 | Transmit Security | Agreement for Cloud Services | Transmit Security | In no event shall Transmit Security’s aggregate liability ... exceed the amounts paid by Customer ... during the preceding twelve (12) month period. |
| SR005 | Transmit Security | Transmit Security TERMS of SERVICE | Transmit Security | If you are located outside North America, Latin America or Japan, this Agreement shall be governed by ... the State of Israel. |
| SR006 | Transmit Security | Pricing | Transmit Security | Flexible pricing based on Monthly Active Users (MAUs) or event volume — no hidden fees. |
| SR007 | Transmit Security | Transmit Security Platform Services Overview | Transmit Security | This fraud detection is accomplished by leveraging Artificial Intelligence and Machine Learning technology to analyze device, network, behavioral biometrics, and transactional data. |
| SR008 | Transmit Security | Platform | Transmit Security | Mosaic by Transmit Security provides one platform for best-of-breed identity management, fraud prevention, identity verification. |
| SR009 | Microsoft Marketplace | Transmit Security | The passkey lifecycle introduces vulnerabilities ... during passkey registration, account recovery and even authentication. |
| SR010 | Microsoft Marketplace | Mosaic by Transmit Security | The Platform integration with Azure AD B2C and Entra External ID offers everything you’ll need to achieve this: passkeys, orchestration, fraud prevention, identity verification and strong device identification. |
| SR011 | Microsoft Marketplace | Transmit Security Data Connector for Microsoft Sentinel | By integrating Transmit Security logs into Sentinel, you gain a unified platform for tracking all login activities and access attempts. |
| SR012 | Microsoft Learn | Tutorial to configure Azure Active Directory B2C with Transmit Security - Azure AD B2C | This feature is available only for custom policies. |
| SR013 | Microsoft Learn | Configure Transmit Security with Azure Active Directory B2C for passkeys authentication - Azure AD B2C | Transmit Security uses strong Fast Identity Online (FIDO2) biometric authentication for reliable omni-channel authentication. |
| SR014 | Federal Trade Commission | FTC Safeguards Rule: What Your Business Needs to Know | Select service providers with the skills and experience to maintain appropriate safeguards. Your contracts must spell out your security expectations. |
| SR015 | Federal Trade Commission | Safeguards Rule notification requirement now in effect | Financial institutions must notify the FTC as soon as possible – and no later than 30 days after discovery – of a security breach involving the information of at least 500 consumers. |
| SR016 | Federal Trade Commission | FTC Provides Guidance on Updated Safeguards Rule | Today, the FTC released Frequently Asked Questions that discuss the requirements of the Safeguards Rule. |
| SR017 | European Banking Authority | Joint EBA-ECB report on payment fraud: strong authentication remains effective but fraudsters are adapting | Card payment fraud was 17 times higher when the payment recipient was outside the EEA, where SCA is not legally required and often not used. |
| SR018 | European Banking Authority | EBA publishes final Report on the amendment of its technical standards on the exemption to strong customer authentication for account access | The extension of the frequency for the renewal of SCA from every 90 days to every 180 days. |
| SR019 | European Banking Authority | Regulatory Technical Standards on strong customer authentication and secure communication under PSD2 | The proposed Regulatory Technical Standards on strong customer authentication and secure communication are key to achieving the objective of the PSD2. |
| SR020 | CISA | Implementing Phishing-Resistant MFA | Phishing-resistant MFA is the gold standard and organizations should make migrating to it a high priority effort. |
| SR021 | CISA | Phishing Resistant MFA is Key to Peace of Mind | CISA | Unlike regular MFA, phishing-resistant MFA is designed to prevent MFA bypass attacks. |
| SR022 | European Data Protection Board | Biometrics | European Data Protection Board | Biometrics |
| SR023 | European Data Protection Board | Opinion 11/2024 on facial recognition at airports | Their biometric template is stored in their hands only, for example, on their individual device, under their sole control and their data is deleted shortly after the matching is completed. |
| SR024 | PeerSpot | Transmit Security Reviews, Competitors and Pricing | The scalability of Transmit Security is a little bit tricky. It is not easy to scale and depends on the complexity of my workflows. |
| SR025 | G2 via Internet Archive | Transmit Security CIAM Platform Reviews (archived) | Transmit Security CIAM Platform Reviews 4.8 out of 5. |
| SR026 | StackInsight | 2026'S Transmit Security Review | In-Depth Ciam Analysis | Potential variations based on data residency requirements; support levels; different pricing for standard, premium, and dedicated support. |
| SR027 | U.S. Department of State | Israel, the West Bank and Gaza Travel Advisory | Reconsider Travel To: Israel due to terrorism and civil unrest. |
| SR028 | Transmit Security | The Future of CIAM: How Transmit Security and Microsoft Are Transforming Passkey Adoption and Security | Use your committed spend to take advantage of Microsoft-Transmit Security partner discounts. |
| SR029 | Business Wire | Transmit Security Raises $543 Million in Series A Funding to Rid the World of Passwords | Transmit Security ... has raised $543 million in Series A funding, bringing the company’s pre-money valuation to $2.2 billion. |
| SR030 | TechCrunch | Transmit Security raises $543M Series A to kill off the password | Transmit Security said it has a pre-money valuation of $2.2 billion. |
| SR031 | Transmit Security | Leading US Bank Achieves 1300% ROI with Transmit Security | 98% reduction in new account fraud ... deliver its impressive results in just one month. |
| SR032 | Transmit Security | Global bank takes 200 million customers passwordless with Transmit Security | A multi-trillion dollar global banking giant ... offers its digital services to 200 million banking clients via 7 separate applications. |
| SV001 | Transmit Security | Transmit Security Raises $543 Million, The Largest Series A Funding Round In Cybersecurity History | Transmit Security raised $543 million in the largest Series A funding round in cybersecurity history. |
| SV002 | Business Wire | Transmit Security Raises $543 Million in Series A Funding to Rid the World of Passwords | Transmit Security’s pre-money valuation jumps to $2.2 billion with the largest Series A funding round in cybersecurity history. |
| SV003 | TechCrunch | Transmit Security raises $543M Series A to kill off the password | Transmit Security said it has a pre-money valuation of $2.2 billion. |
| SV004 | Transmit Security | Citi Ventures and Goldman Sachs Join as Investors | |
| SV005 | Transmit Security | Pricing | |
| SV006 | Transmit Security | The Future of CIAM: How Transmit Security and Microsoft Are Transforming Passkey Adoption and Security | Use your committed spend to take advantage of Microsoft-Transmit Security partner discounts. |
| SV007 | Transmit Security | Global bank takes 200 million customers passwordless with Transmit Security | A multi-trillion dollar global banking giant ... needed a customer identity platform that could support more than 200 million customers across 7 mobile and web apps. |
| SV008 | Transmit Security | Leading US Bank Achieves 1300% ROI with Transmit Security | 98% reduction in new account fraud. |
| SV009 | Transmit Security | Aflac Wins CSO Award for Improving Security & CX with Passkeys and Transmit Security | Aflac achieved 32% passkey adoption with 96% login success in around two months. |
| SV010 | GetLatka | Transmit Security Revenue 2025: $33.4M ARR, $2.7B Valuation | In 2025, Transmit Security's revenue reached $33.4M. |
| SV011 | PitchBook | Transmit Security 2026 Company Profile: Valuation, Funding & Investors | Status: Private; Employees: 317; Latest Deal Type: Series A; Latest Deal Amount: $543M. |
| SV012 | Tracxn | Transmit Security funding and investors | Transmit Security has raised a total of $543M from 1 Series A round ... valuation is $2.2B as on Jun 22, 2021. |
| SV013 | Dealroom | Transmit Security — Unicorn company profile | Transmit Security — Unicorn ... Valuation $1–2.5B. |
| SV014 | Gartner Peer Insights | Transmit Security Reviews, Ratings & Features 2026 | We tried to use our mail service provider and it was not possible. There is a lack of Mail and SMS providers that we can use. |
| SV015 | PeerSpot | Transmit Security Reviews, Competitors and Pricing | You have to build rules for each and every application ... scalability ... is a little bit tricky. |
| SV016 | FeaturedCustomers | Transmit Security Customer Reviews & References | Collectively responsible for more than $2 trillion in annual commerce. |
| SV017 | Okta | Okta Announces Fourth Quarter And Fiscal Year 2026 Financial Results | Q4 revenue and subscription revenue grew 11% year-over-year. |
| SV018 | CompaniesMarketCap | Okta (OKTA) - Market capitalization | |
| SV019 | Multiples.vc | Okta - Public Comps and Valuation Multiples | As of June 2026, Okta has a market cap of $21B, revenue of $3B, revenue valuation multiple of 6.1x. |
| SV020 | CyberArk | CyberArk Announces Record Fourth Quarter and Full Year 2025 Results | Total ARR grows 23% year-over-year to reach $1.440 billion. |
| SV021 | CompaniesMarketCap | CyberArk Software (CYBR) - Market capitalization | |
| SV022 | CompaniesMarketCap | CyberArk Software (CYBR) - Revenue | |
| SV023 | Securities and Exchange Commission | CyberArk Software Ltd. Form 20-F annual report for 2024 | |
| SV024 | Windsor Drake | IAM Software Valuation Report Q1 2026 | Top-performing cybersecurity companies trading at a median of 11.9x EV/Revenue. |
| SV025 | Windsor Drake | Cybersecurity Valuation Report 2026 | The median public revenue multiple sits at roughly 7.8x. |
| SV026 | Thoma Bravo | Thoma Bravo Completes Acquisition of SailPoint | An all-cash transaction valued at approximately $6.9 billion. |
| SV027 | SailPoint | Thoma Bravo Completes Acquisition of SailPoint | The completion of its acquisition by Thoma Bravo ... valued at approximately $6.9 billion. |
| SV028 | Yahoo Finance / Bloomberg | Thoma Bravo-Backed SailPoint’s IPO Raises $1.38 Billion | At the IPO price, SailPoint has a market value of $12.8 billion. |
| SV029 | Securities and Exchange Commission | SEC search filings | |
| SV030 | SIG | Transmit Security Revenue & Market Share 2026 $100M | Transmit Security exceeded $100M in annual recurring revenue and grew revenue 40% year-over-year in the first half of its post-funding period. |