What’s your mother’s maiden name? Your high school mascot? Do you remember your childhood dog’s nickname? If you’ve ever called a service desk, chances are you’ve been asked at least one of these questions to verify your identity. And while you might know the answers, the problem is, according to TechJutsu, that most anyone else might, too.
Founded in 2015 by CEO Tracey Nyholt, TechJutsu is a Calgary-based cybersecurity company focused on identity and access management. Today, the company announced the launch of its Caller Verify Universal Connector, a web-based browser extension that enables multi-factor authentication (MFA) inside any web application.
In an era where artificial intelligence has increased both the sophistication and frequency of voice-phishing (vishing) attacks—cybersecurity juggernaut CrowdStrike’s 2025 Global Threat Report shows vishing attacks surged by more than 400 percent in 2024 alone—Nyholt said many service desks remain an overlooked vulnerability.
“What if bad actors call, and they’ve reached someone on Facebook, they know the mother’s maiden name, and are able to answer the security questions?”
Tracey Nyholt, TechJutsu
“We were working with one of Alberta’s largest credit unions, and they brought the problem to us,” Nyholt said. “We set up MFA for their online banking, and they asked, ‘What if bad actors call, and they’ve reached someone on Facebook, they know the mother’s maiden name, and are able to answer the security questions?’”
Seeing the vulnerability, particularly given the glut of personal information on social media, TechJutsu identified a broader use case that eventually led to the development of the Universal Connector.
The plugin operates as a light overlay inside Google Chrome or Microsoft Edge-based workflows. According to TechJutsu, the browser extension integrates into a swath of CRM platforms, including ServiceNow, Salesforce, Microsoft Teams, Slack, Zendesk, Workday, and even custom internal systems.
RELATED: Canada’s cybersecurity startups have no room for error
It allows service desk agents—including artificial intelligence (AI)-based agents—to send an MFA prompt directly to a caller’s device, circumventing both the time it takes to run through a series of knowledge-based questions and the security vulnerabilities those questions are increasingly susceptible to.
“Once the caller approves the prompt, the browser updates a real-time verified status, creating high assurance verification of identity and allowing the agent to safely continue the request,” the company said. Each verification also creates a logged event to aid in organizational audit and compliance requirements.
The business-to-business extension is available on the Chrome Web Store, but requires a TechJutsu Caller Verify subscription to use.
BetaKit’s Prairies reporting is funded in part by YEGAF, a not-for-profit dedicated to amplifying business stories in Alberta.