In a bold move to redefine digital authentication, Israeli startup Unibeam has raised $6 million in seed funding, led by NFX with participation from AnD Ventures. The funding fuels the company’s mission to eliminate one of cybersecurity’s weakest links: SMS-based One-Time Passwords (OTPs).
The timing of the funding couldn’t be more urgent. In December 2024, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory, a clear call to action, urging individuals and organizations to discontinue the use of SMS OTPs for two-factor authentication due to their vulnerability to interception, SIM swapping, and phishing attacks.
This warning followed a significant breach, dubbed “Salt Typhoon,” where hackers infiltrated major U.S. telecom networks, including AT&T and Verizon, potentially exposing unencrypted SMS messages to malicious actors. Despite this, OTPs remain the default form of two-factor authentication across much of the web. Unibeam’s SIM-based authentication platform offers a modern, friction-free alternative, one that’s built on cryptographic identity tied to eSIM/SIM hardware rather than vulnerable communication channels.
Why OTPs Persist, and Why That’s a Problem
IDLayr reports that 90% of global OTP-based authentication is still conducted via SMS, despite its widely documented vulnerabilities. It highlights that SMS-based OTPs account for the majority of intercepted or phished credentials, contributing significantly to fraud cases worldwide. The persistence of SMS OTPs is largely attributed to their ease of implementation and user familiarity, even as newer, more secure alternatives are available.
However, familiarity is no longer a sufficient defense. Threat actors are exploiting this overreliance on a large scale. In the U.S., the FBI’s 2024 Internet Crime Report revealed that SIM swap attacks accounted for over $72 million in reported losses, up from just $12 million two years prior.
So why do OTPs persist? It’s a classic case of legacy technology inertia. SMS OTPs have been the default for years. However, by 2025, they will no longer offer security, only a false sense of it.
Unibeam’s solution is a beacon of hope in this transitional moment. It promises the best of both worlds: the low-friction familiarity of SMS OTPs, without their vulnerabilities. And it does so without requiring users to download an app, remember a password, or manage a second device. These are common barriers that have hindered the adoption of more secure alternatives, such as hardware keys or authenticator apps.
A Deterministic Approach to Authentication
Unibeam’s approach to authentication is unique. It leverages cryptographic binding to both eSIM and SIM identifiers, along with device-level signals, ensuring precise user verification without guesswork. This deterministic method utilizes identifiers already embedded in every phone, such as the eSIM/SIM ID, device ID, and phone number, to generate a unique cryptographic key for each user. This means that the authentication process is not based on probabilities or assumptions, but on precise and unique identifiers, making it virtually impossible to spoof.
“With AI making it alarmingly easy to impersonate people online, we’re seeing a surge in digital fraud that traditional authentication methods can’t handle,” said Gigi Levy-Weiss, Founding Partner at NFX. “What excites us about Unibeam is that they’re not just improving authentication—they’re redefining it.”
Unibeam’s Industry Backing
The company’s advisory board includes telecom heavyweights like Amos Genish (former CEO of TIM, Vivo, and Telecom India), Stéphane Richard (former CEO and Chairman of Orange Global), and Michel Combes (CEO of SoftBank International and former CEO of Vodafone Europe and Alcatel-Lucent).
A New Standard in Digital Trust
As enterprises race to modernize their digital security, Unibeam offers a compelling alternative: one that promises security without trade-offs and scale without friction. By anchoring identity to the eSIM/SIM and device, Unibeam has created a deterministic approach that’s virtually impossible to spoof, offering a level of certainty that’s urgently needed in the fight against AI-driven impersonation and digital deception.
