Idea Challenge Finals: Exploring Cyber-Security and Privacy in Trento

By David Knight |

The trip from Bergamo airport to Trento starts getting interesting once you pass by the bottom end of Lake Garda and swing north. Then the mountains rise up either side of you, towering over the picturesque little Italian towns snuggled at their feet, the effect made all the more dramatic in this instance by the white clouds rolling by their peaks. Trento, one of Italy’s most prosperous cities, lies in the same valley, through which the country’s second longest river – the Adige – flows south from the majority German-speaking South Tyrol region to the Adriatic Sea.

An ancient settlement dating back more than 2,000 years, Trento boasts a charming Medieval and Renaissance city centre, while the region’s wines, both red and white, are superb (conclusion arrived at following the appropriate research).

But these days, science is just as important as setting and history in giving Trento one of the best standards of living in Italy. The EIT ICT Labs Co-Location Centre, the venue for the cyber-security and privacy (CSP) final of the Idea Challenge, is situated in the Povo scientific and technological cluster, perched on a hill above Trento.

A pan-European competition, the Idea Challenge has seen startups and entrepreneurial teams with the drive to found an ICT-driven business compete in eight categories in total, with finals in different European cities which play host to an EIT ICT Labs presence. Three winners are picked from each final, receiving €40,000, €25,000 and €15,000 respectively as well as coaching and mentoring from business development experts, integration into future EIT activities and office space for six months. There is also access to some of the world’s leading universities, research institutes and companies, such as Siemens, SAP, IBM, Intel and Philips.

Cyber-security and privacy is certainly an area where there is a great deal of activity in innovation, driven by the high-profile nature of data leaks and successful cyber attacks. Some 67 applications were received in the CSP topic, and the best ten were selected to pitch in Trento last week in front of a jury of experts, both independent and from within EIT ICT Labs.

And with the glorious backdrop of the Dolomite mountains, and the city of Trento spreading out beneath, the teams tried to hit the peaks in the pitching contest. They included:


BYOD, of course, stands for Bring Your Own Device, a fast-growing policy for companies with 198 million users in 2013, a figure set to double in the next three years. Security with BYOD is crucial, and BYODroid tailors mobile apps to corporate security needs, enforcing policies directly on the applications installed on the device. It verifies whether an app complies with policy, and if not can sanitise it.


Mobile health apps are becoming a staple of many people’s smartphones, yet there are significant concerns over the security of the sensitive data they collect. Developing technology that meets ever-stricter privacy laws in this field can be painful, especially for individual and small-team developers. CHINO offers a set of secure APIs with full encryption, backup and auditing, to enable a more efficient app development process.


Cleafy addresses a major vulnerability of the Internet – HTML is a publicly readable code and it is easy to write or buy a program that interacts with it in ways that are invisible to existing security products, which try to detect attacks by looking at how they appeared or behaved in the past. Cleafy has reframed the problem, by verifying that the original website has been correctly delivered, rendered and adopted by the client, all in real time. is a secure and encrypted platform for the safe exchange of data such as messages, multimedia or documents. The complexity and tech is hidden inside the app, and there is forensic deletion of data with no logs kept. The solution is baed on open source technology and well-proven algorithms and offers a strong and unique level of privacy.


This Italian startup has developed a solution to the counterfeiting of documents and products, a problem which will cause losses of up to €1.5 trillion in 2015. There is no current way to check the authenticity of things like printed documents and products sold in physical stores, so Cryptobrand has created a digital seal which can be used to lock the info which users can verify instantly on their smartphones – the seal on the certificate becomes a QR code.


Cryptolab is aiming to improve security and privacy in the cloud using secure, fully homomorphic encryption. This not only ensures privacy but also allows for the manipulation of data, which cannot be done with current solutions. It does this by using two encryption engines, which means the data is never actually decrypted.


The solution put forward by n-Auth is designed to put authentication back into the hands of the user. Using state-of-the-art cryptography, users connect from a webpage to a server, such as logging in and out, and directly authorise transactions at any computer by using their smartphone and a QR code. The technology eliminates the need for a trusted third party and for storing sensitive information on the server.


Today’s embedded systems don’t have enough security to cope with partially successful malware attacks, and it’s hardly likely the world will be bug-free any time soon. REMPLEX’s product D-Fence is a highly secure hypervisor-based platform for communication and automation applications which systematically reduces the attack surface and denies malware across the vulnerable parts of a system. Its first project was to create two different phones in one physical device.


Industrial Control Systems (ICS) manage our physical world, whether its controlling energy units, subways or modern factories. There are an increasing number of new and stronger mandatory regulations for ICS from the automation world, and Sentryo ICS CyberVision protects against cyber risks by building a dynamic inventory and automatic map of all the components of a system to improve prevention, as well as monitoring a network continuously and detecting intrusions and abnormal behaviour.


Swafety is a cloud-based software testing platform based on symbolic execution, which can effectively detect a wide range of subtle errors and security vulnerabilities. The system sits in the cloud, and whenever there are changes to a code, it is comprehensively tested and the results presented to developers in a way they are familiar with.


With the pitches over, the jury made their way to the judging room to come up with a decision, while Davide Sola of the ESCP Business School delivered a keynote. Soon they were back, however, and named CHINO as the overall winner, with Cleafy second and Sentryo third.

Jovan Stevovic, CEO of CHINO, told Silicon Allee: “I think they [the jury] realised there is a problem in the market, [and so] there is a huge opportunity here. Even though the idea is quite simple, it’s effective.”

He added: “We will make good use of all the resources [that come with winning] because we are early stage. Especially the coaching on the business side, because we are technicians, and we have only just started out.”

His namesake Jovan Golic, Cyber-Security Action Line Leader at EIT ICT Labs, said: “[The winners] bring about new and real business ideas and new entrepreneurial spirit, and with such efforts, together with our network of business developers, we could possibly – it’s not easy in cyber-security and privacy – make a difference on the European market.”

And as for CHINO, he added: “There are many apps around that do not comply with regulations so this is a very important area, and it’s a very practical solution.”

With that it was off to conduct more vital research into the local wine and cuisine together with all the participants.

With seven finals done and dusted, there is only one more to go – urban life and mobility in London on November 20.