When InfoArmor founder and CEO Drew Smith secured seed money and a big contract from Washington Mutual in 2007, he thought his privacy-management company’s future was assured. But just 60 days before the firm was to roll out an identity-monitoring service for WaMu’s 10 million credit card holders, the U.S. Office of Thrift Supervision seized the struggling bank and placed it in receivership.
InfoArmor needed new customers — fast. Smith, who had been an angel investor in LifeLock (remember the TV spots in which its CEO broadcasts his Social Security number?), knew how competitive it would be to sell directly to consumers, so he instead began marketing his service to corporations that in turn offer identity protection as an employee benefit, alongside medical insurance and tuition reimbursement.
Smith’s fresh approach not only rescued InfoArmor, but also caught on with employers looking to save their employees the hassle — and lost productivity — of unraveling an identity theft (canceling credit cards, filing reports, etc.). Today more than 300 companies, including T-Mobile and Ford (F), are customers, and InfoArmor’s sales last year hit $4.5 million.
“There’s no one doing what InfoArmor does,” company investor Austin Westerling, a partner with Granite Point Capital in Boston, says of the company’s business-to-business model. Some firms pay for all employees to be protected (the rate depends on company size). Others offer it as an optional benefit for about $8 a month.
InfoArmor’s corporate push comes as more consumers put themselves at risk via personal disclosures on websites and social media. Over 12.6 million Americans were victims of identity fraud in 2012, according to Javelin Strategy & Research. InfoArmor casts a wide net sleuthing for identity thieves. Its software tracks applications for everything from new cellphones to credit cards and brokerage accounts. Crucially, it taps into unlisted servers on the Internet black market, where e-mail addresses and passwords are sold.
Smith, 42, worked as a financial analyst and strategic planner for PepsiCo (PEP) before getting his MBA from Harvard. He was selling real estate in Arizona when he became an angel investor for LifeLock, which went public in 2012. Smith cashed out before the IPO, selling his stake back to LifeLock for a 300% premium. He used the proceeds to fund the continued growth of InfoArmor in 2008.
The company is expanding into new markets. Medical insurance companies have started to hire InfoArmor to find fraudulent claims. Using member information, InfoArmor looks for unusual patterns of emergency room use or excessive purchases of medical equipment to uncover improper uses of members’ medical insurance information.
Consumers may need protection from identity theft, but InfoArmor has found success getting their employers to foot the bill.
This story is from the July 1, 2013 issue of Fortune.