Simon Glairy is a preeminent figure in the Insurtech landscape, recognized for his deep expertise in risk management and the implementation of AI-driven assessment tools. With a career spanning the intersection of corporate litigation and insurance technology, he has become a leading voice on how digital platforms can protect their intellectual property against sophisticated threats. In this discussion, we explore the evolving challenges of maintaining proprietary underwriting logic in an era of frictionless, self-service portals, examining a high-profile case where a competitor allegedly used a sham entity to harvest trade secrets.
When a user creates a new entity with no revenue or employees simply to navigate a competitor’s hundred-question underwriting flow, what specific digital guardrails are failing? How can companies distinguish between a legitimate startup and a bad actor seeking to reverse-engineer proprietary pricing architecture?
The primary failure here is a lack of real-time validation against external data sources, which allows a user to move through a complex flow without confirming the entity’s existence. In the case involving Augmenta Advisory, the platform allowed an application to proceed despite the firm having no federal employer identification number, no revenue, and no functioning website. To distinguish between a true startup and a bad actor, companies must integrate automated “KYB” or Know Your Business checks that flag entities created on the same day as the application. Legitimate founders usually have some digital footprint or at least a tax ID before they go hunting for high-level D&O or Cyber Liability coverage. If a user is answering 100+ deep-dive questions for four different coverage lines without these basics, it should trigger a manual block immediately.
Insurance forms often use custom exclusion structures and retention mechanics developed over years of investment. If a competitor gains access to these non-standard templates through a self-service portal, what are the immediate competitive risks, and what specific steps should a firm take to protect these intellectual assets?
The risk is catastrophic because these are not standard industry templates; they represent millions of dollars in research and years of proprietary development. When a competitor like Vouch allegedly gains access to these custom forms, they aren’t just looking at prices; they are seeing the entire “blueprint” of how the risk is boxed, including specific exclusion language and retention mechanics. This allows them to undercut the original insurer with surgical precision or replicate the product design without the R&D costs. To protect these assets, firms should use dynamic watermarking on all policy documents and gate the final “specimen” forms behind a secondary verification layer. It is vital to remember that once a policy is issued and then canceled within days, the damage is already done if the PDF has been downloaded.
Most digital platforms include Terms of Use prohibiting access for the purpose of building competitive products. From a legal standpoint, how difficult is it to prove “intent” when a policy is purchased and then immediately canceled, and what metrics help substantiate a claim of trade secret misappropriation?
Proving intent is often a “circumstantial puzzle,” but in the digital space, the timeline provides the strongest evidence. When an LLC is formed on February 10th and an insurance application is submitted by a rival executive on that exact same day, it suggests a premeditated strike rather than a genuine search for coverage. The metrics that substantiate misappropriation include the “time on page” for proprietary questions, the downloading of non-public policy forms, and the suspicious speed of the cancellation request. If the user claims they “no longer require coverage” just 48 hours after a policy is issued for a company with zero clients, the legal argument for a “sham” transaction becomes much more compelling. This type of behavioral data is the smoking gun in modern corporate litigation.
In the push for frictionless customer experiences, many platforms overlook basic verification like checking for an employer identification number or a functioning website. What is the ideal balance between automation and manual vetting, and what step-by-step protocols can prevent corporate espionage in the digital insurance space?
The ideal balance involves “smart friction,” where the system remains fast for verified users but slows down significantly for high-risk profiles. A robust protocol starts with an automated cross-reference of the Secretary of State filings and the EIN database before any proprietary pricing logic is revealed. Step two should involve a “logic trap” where unusual combinations of coverage—such as selecting every available line like General Liability, D&O, and Cyber all at once—trigger a human review. Finally, any account that requests a full policy issuance but lacks a verified business domain should be flagged for a manual phone call. We have to stop prioritizing speed over security when the “customer” is asking for 100+ data points that define our competitive advantage.
When proprietary logic and coverage structures are delivered through public-facing workflows, the risk of industrial theft increases significantly. How does this threat change the way technology-driven insurers collaborate, and what are the long-term implications for the transparency usually required in the digital insurance marketplace?
This threat is forcing a retreat from the “open kitchen” model where anyone can see how the meal is made just by clicking a few buttons. Insurers are becoming more guarded, moving away from public-facing quote engines toward “authenticated-only” experiences to protect their pricing architecture. Long-term, this could lead to less transparency for the average consumer, as companies hide their most innovative coverage structures behind walls to prevent reverse-engineering. It changes collaboration by making firms more litigious and suspicious of “stealth mode” startups that might actually be fronts for established rivals. We are entering an era where the digital insurance marketplace will prioritize “verified transparency” over the current “free-for-all” access.
What is your forecast for insurtech security?
I expect we will see a rapid shift toward “Zero Trust” underwriting environments where no user is granted access to policy documents until their corporate identity is fully authenticated. Within the next two years, AI-driven behavioral monitoring will become standard, identifying “competitor-like” behavior—such as rapid-fire navigation through 100+ questions—and feeding that data into fraud prevention systems in real time. We will see more cases like the one against Vouch and Augmenta, as firms realize that their digital workflows are their most vulnerable flank. Ultimately, the industry will have to accept that “frictionless” can no longer mean “anonymous” if we want to protect the intellectual property that drives our market.
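The “smart friction” protocol and the document gating described in the interview can be expressed as an intake gate. The sketch below is an added example, not part of the interview or any insurer's code. The field names, decision labels, coverage-line catalogue and one-day age threshold are assumptions, and the registry, EIN and domain lookups are assumed to have been done upstream.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Constructed catalogue of coverage lines (names are illustrative).
AVAILABLE_LINES = frozenset({"general_liability", "d_and_o", "cyber", "e_and_o"})
BLOCKING = {"no_registry_filing", "entity_formed_same_day", "ein_unverified"}

@dataclass(frozen=True)
class Application:
    # Hypothetical fields; lookups against registries are assumed done upstream.
    entity_formed: Optional[date]  # Secretary of State filing date, None if not found
    submitted: date
    ein_verified: bool
    domain_verified: bool
    lines: frozenset
    wants_issuance: bool = False

def evaluate(app: Application, min_age_days: int = 1):
    """Return (decision, reasons); the most restrictive outcome wins."""
    reasons = []
    # Step 1: registry and EIN cross-reference before pricing logic is shown.
    if app.entity_formed is None:
        reasons.append("no_registry_filing")
    elif (app.submitted - app.entity_formed).days < min_age_days:
        reasons.append("entity_formed_same_day")
    if not app.ein_verified:
        reasons.append("ein_unverified")
    # Step 2: "logic trap" when every available line is selected at once.
    if app.lines >= AVAILABLE_LINES:
        reasons.append("all_lines_selected")
    # Step 3: full issuance requested without a verified business domain.
    if app.wants_issuance and not app.domain_verified:
        reasons.append("issuance_without_verified_domain")

    if BLOCKING & set(reasons):
        return "hold_before_pricing", reasons
    if "all_lines_selected" in reasons:
        return "human_review", reasons
    if "issuance_without_verified_domain" in reasons:
        return "phone_verification", reasons
    return "proceed", reasons

def may_release_documents(app: Application) -> bool:
    """Policy and specimen forms are served only to fully verified entities."""
    return app.entity_formed is not None and app.ein_verified and app.domain_verified
```

The returned reasons list is meant to be logged with each decision, so the timeline of an application can be reconstructed later.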
