Wave Systems: AGC Conference Presentation Transcript

| About: Wave Systems (WAVX)


Wave Systems Corporation (NASDAQ:WAVX)
3rd Annual America's Growth Capital Information Security Conference
February 5, 2007 5:45 pm ET


Steven Sprague - President and CEO
Erik Suppiger - America's Growth Capital


Erik Suppiger

Good afternoon. I think we are running slightly behind. I am Erik Suppiger at America’s Growth. And I would like to present Steven Sprague of Wave Systems. Steven is President and CEO of Wave Systems. Thanks.


Wave Systems (ticker: WAVX) develops, produces and markets hardware and software based digital security products for hardware-based trusted computing platforms, including trusted computing applications and services that are compliant with the specifications of the Trusted Computing Group, an industry standards body.

To sponsor an investor conference presentation please email us.

Steven Sprague

Thank you, Erik. The obligatory Safe Harbor statement for everybody. I thought I would just start with a brief overview of who we are. Wave is a software company. We are focused on building software for the trusted computing market, which is a chip-based security device in your PC. Our revenue ramp is really underway now with customers like Dell, Intel, Gateway, Seagate, STMicro, and a number of others.

We are one of the leading experts in this trusted computing space and I’ll tell you more about that in a minute. Now, we are also one of the Board members. We are one of the three elected Board members by the body of the Trusted Computing Group organization. You can see the other Board members are in the presentation.

We have about 100 employees. We are based in Western Massachusetts. We also have offices in Cupertino, California, a group in New York, a small group in France, and we are a National Market Cap on NASDAQ.

So, I’ll touch very briefly, and the problem is, it’s a Security Conference, so I don’t think anyone needs to know that PC security is a mess. I think the thing that’s interesting and isn’t yet really being talked about is that there is an amazing solution that is underway in its deployment, and in general, people are very unaware of what’s going on. So, we know the problem. We know we are losing records. We know we have poor authentication. And we know users hate user ID and password. We are working for single sign-on to reduce that mess. But really, all of it is a series of band-aids.

I mean, industry is underway right now in deploying what would be the foundation for the real solution for strong authentication on the network. So what is that?

It's a hardware security device that is now standardized on the motherboard of almost every PC you buy today, as far as enterprise-class machines. It's not yet on consumer machines. We expect the first adoption in the consumer market probably in '08. And what this is?

It's a hardware container that can safely store your credentials. So the new paradigm becomes, I log into my PC and my PC stores credentials that it releases that log me into the rest of the world. And the beauty of an industry standard-based solution is that it's the same framework for everybody.

So, I know something that no one else knows. I know how we as consumers are going to log into E*TRADE, and Amazon, and eBay, and PayPal, and every other service on a global basis -- maybe not tomorrow, and may be not the next day, but in certainty within the next generation of PCs. Because eventually, we'll all have the ability to have hardware-based authentication on to the network and we don't need user ID and password any more. I think the real trick of this technology is the obsolete user ID and password, and let's go put it in the science museum.

So, why does the enterprise want strong authentication? The nature of this technology, it's in every box, but just like networking was picked for, in many aspects it was. At one point in time Microsoft said, we’re going to use Ethernet. And guess what? After we all got a 1 billion SAN Ethernet ports, the RJ-45 port, we all had consumers who know what an RJ-45 port is. All other networking technologies disappeared.

We used to talk about Token Ring, and ATM, and Silent Networks, and all of these kind of stuff. Same in multimedia; for a while, multimedia was a highly fractioned market with lots of acquisitions going in smaller players, and then we ended up with audio built into the chipset by Intel and standard software stack from Microsoft, so I can send you an MP3 file. And what did the multimedia business become? It became about the services that multimedia enables, not about what fidelity in audio I like to deliver.

And so, this market, we believe, will follow the same track that networking did, start in the enterprise and move into the consumer market. And so, we’ve become very focused as a software company in building the tools necessary for an enterprise to deploy this infrastructure, but we are ultimately very focused on how we take this technology ultimately to the next step, and enable everyone to turn it on.

So, it's about really three areas, strong authentication, strong data protection, and strong network access control. What's driving those is compliance, reduction in helpdesk cost, but it's really about trust. Do I know which PC is on my network with which user running which application? And if I absolutely knew that and trusted that information, I would be a lot farther down the path.

So, Trusted Platform Modules are in very broad distribution, shipped about 50 million units in '06, will ship close to 100 million units in '07. What this chart is telling you is, '06 we got about half of the PC enterprise business that’s shipping. '07 gets you to the entire enterprise-class machines, has a TPM on it, and you are beginning to see the penetration in '08 of the consumer market. This year, about 220 million total PCs shipped globally. And this technology is shipping globally today.

So, our mission is to provide the software, to enable and manage and deploy this technology on every machine. So, we built a collection of products and we really break our products into three fundamental areas; solutions for the user to manage their own trusted platforms, a single user environment.

This is typically very inexpensive software we provide to the OEMs, they bundle with their machines. So, Dell Latitude 620 comes with our software preinstalled on the machine. And that’s actually true across all the enterprise-class Dell machines.

Then we sell solutions that are there for the corporation to manage their install base of Trusted Platform Modules. We actually, just the other day, announced our remote administration tool, where with no touch by the IT Department of a single machine, they can go and actually turn the Trusted Platform Modules on and engage them in their network electrically. You still have to physically turn on the TPM in BIOS. But as long as you order your machines with the TMP turned on in BIOS, we now no longer have to physically touch every machine. We can electronically deploy those machines within the enterprise.

And then, ultimately, solutions that enable the use of this technology for different applications. One of the first examples of that is, we've built a software for Seagate for their new trusted drives, which they are showing here at the RSA Show. They’ve announced back in the fall timeframe. So, this is actually where the drive controller on your hard drive encrypts every bit of data.

If you were to lose your laptop and did not know the password, you will never break the drive. And never is a pretty strong word. But, this is very sophisticated hardware level technology protecting the drive. Actually, one of the problems is, you have to have very good Key Management in these infrastructures, because if you accidentally delete all your drives, you might want to recover the keys.

And so, we built a collection of products, both for client product or EMBASSY Trust Suite, and then a series of server products, our Remote Administration Server and Authentication Server and our Key Management Server, which is how we do backup and recovery for the enterprise of all the keys on different machines.

Our business model has been to put this brand and this technology in the machine, ship it to as broader marketplace as possible, and then up-sell the enterprise. This is a very horizontal business. It has all the benefits of a very horizontal business and all of the true nightmare of a horizontal business. This is hardware and the challenge with hardware is you got to wait till it gets there until you get enough saturation that market can really begin to turn it on.

And so, in our first phase, we partnered with number of major OEMs. Dell is our primary partner in this space. We've included our software in all their enterprise-class machines. It started shipping last April. We have shipped millions of copies of software and we continue to increasing volumes on a quarter-by-quarter basis. We are seeing better traction out of Gateway. We are seeing much better traction out of Intel. We expect to sign other OEMs going forward as well. We actually think the Seagate business with Trusted Drive, which is also an OEM component business is going to bring a whole another tier of OEMs to us as well.

But then the trick is the up-sell of that, because we only make sub of a dollar per machine for the software we provide to the OEMs and in many cases sub $0.50. However, when we provide an enterprise solution, it's much more of a client server solution, and we get paid typically around $50 of fee in actual revenue to Wave. So, the customer cost is in the $70 to $100 range. And long-term, this lays the foundation for services because once you have strong identity on every machine, you actually build the basis of what looks like a subscription network. And so, there are really tremendous capabilities you can provide on a services basis, it's very early on now. It's something I think we understand. We do some transactional business today. We do some work in electronic signatures. We are actually paid per document signed. So transactionally, as the infrastructure deploys that everyone could electronically sign then having the tools necessary to participate in those transactional businesses is very useful.

We have a great tier of partners, both at the OEM level and the silicon level, but now also in the services and server level distribution. It's continuing to grow. It's still very early on in the process.

To put this up just to show that, we have really good established relationships on OEM distribution that will put our software on millions of machines. We have commitments from our OEM partners to include us on this year's models and next year's models, and these are commitments in some ways there is too strong word. We are today their provider of choice. As long as we continue to provide the right solution to them, they'll continue to ship us. We work to make their switching cost very, very high. Bringing for example, things like, the fact that our solution today manages not only the biometrics on Dell's machines, but also the Trusted platform module, also the Smart Card infrastructure, and now we are adding infrastructure for Seagate Full Disc Encrypting drive. So when and if Dell decides to put a Seagate drive in a Dell machine, they have access to the software to manage that drive through Wave.

It's important in Trusted computing to understand that this ecosystem doesn't encompass just the client's PC, but it also covers servers, mobile devices, you are now seeing the emergence of the first peripheral in storage. So it's our intention to provide the software to administer the trusted devices, those machines that show up with hardware level credential support in your household or in your business. We think that that really will have a tremendous expanding business over the next period of time, as the framework for identity finally has a standard to hang off a bit. We know how you are going to authenticate to these different services.

Just a moment on Seagate's drive, I think this is going to be a very interesting component and expansion of our business. In essence, it's a second OEM business for us. We get paid on a per drive basis. We also provide enterprise tools for the organization to manage these drives. This is hardware-based Full Disk Encryption in the drive, and it's done at the drive controller level. So, if the password is not supplied to the drive or the Trusted platform module doesn't supply authentication to the drive, the drive will never spin-off. And so, this completely addresses the issue of how do I solve, I lost my last password and I had this certain data on it, how do I know it was encrypted. We are providing the software to support that and to encrypt, to provide administration and management for the end-user of those drives.

Our competitive advantage in this market is that we are the only company who has done the work to run our software across all known implementations in the Trusted platform modules today. To an essence, three providers; ourselves, Infineon, who build software today that HP carries and a number of the Japanese OEMs carry, but you must use an Infineon core. So, either a Infineon chip or some of the Broadcom chips. Broadcom actually last year signed a licensing deal with us. So, now they support both Infineon software and Wave software. The other four silicon vendors in the marketplace today only work with Wave.

The other vendor in the marketplace really isn't a competitor is the old IBM ThinkPad now purchased by Lenovo, but it's a captive software team and they only support Lenovo. Again, the Lenovo software only runs on Lenovo machine. So, if you are a large enterprise and you have some Dell, some HP, some Lenovo, the only solution that runs across all those machines today is Wave. We are also the only company now that has demonstrated remote administration. We are the only company that's doing enterprise level back up and recovery of keys. So, we are really building out the infrastructure that's necessary to turns this on.

We think that the pre-boot environment is going to be a very interesting place. Once you start to encrypt all your drives, you've heard from a dozen companies today about strong authentication. What they don't know is that all their software won't work in a couple of years. And the reason is, once they have a Full Disk Encrypting drive, I have no operating system anymore. All my authentication takes place without an operating system. So, you have to build authentication independent of the OS environment. And so, it's a very interesting constraint that come along with that because clearly in BIOS you have a lot less space. And this is going to be true for anybody who turns on Full Disk Encryption even within the context of what Microsoft has done is a very limited OS that works with Microsoft Vista BitLocker.

So, the enterprise business is starting. We are actively installing pilots today. We have a growing list of identified customers who are working through Dell distribution channel and Intel's distribution channel. We continue to work to sign value-added resellers. So, it's early on in the process. A typical value-added reseller shows up to an enterprise. They may show up in an enterprise who has not just done a refresh cycle on their PCs. We find the OEMs are still our best channels partners to find companies who just went out and replace half of their computers, because if they just replaced them, they most likely have TPM.

We have identified over 400,000 seats that are on our active hot list. We are closing those seats. Revenues are beginning to grow. It's still learning how to be an enterprise software company. I won't say it's a train rolling freely down the track [flat]. But we can see that coming. And the good pipeline, the pipeline is getting stronger and we are beginning to close the business. We are beginning to understand where we can push back on the enterprise, because they need to understand where these solutions have their edges and where we have to go modify our solutions to meet their needs in the marketplace. You have to have a balance of both sides of that.

We do a tremendous number of joint sales calls. We've done a ton of training in last six months in Europe, in Asia and we were just out training the whole Dell Asia team couple of weeks ago. And so it gives you tremendous presence in the marketplace with those partners that they are very shallow. So once they identify the customer is interested, it turns into our hands fairly quickly.

We also -- last summer a reseller agreement with NTT DATA. We are working with them in Japan to deploy this in number of large opportunities in Japan. There are actually really good security requirements out of the government in Japan to drive such platform modules into the market.

The other place that I think we've had tremendous traction is within the Federal government particularly the DoD. We got Army to specify that all Army machines must have Trusted Platform Modules, Air Force follows that. We see the OSD or Office of Secretary of Defense is drafting requirements and stated this public, they are drafting requirements to put TPMs on all DoD machines as a requirement for purchase.

And most importantly, so great -- it's great to have devices on every machine, but a device on a machine doesn’t necessarily generate for us all kind of revenue. The most important thing that happened is that the data-at-rest Tiger team included in our list of requirements for their data protection solutions for the defense department and will most likely be copied for all Federal machines that they would like to see TPMs part of the data-at-rest solution. So it's not an absolute requirement but it’s a very much like to have requirements of the key management for data-at-rest leverages the Trusted Platform Module.

There is good process interest for this because Microsoft is already doing that in Vista with something called BitLocker, which is their data-at-rest solution. So we actually see tremendous potential in the Federal space, they have a simple problem. They have always these TPMs coming in, they are out of control right now, they don’t have US Army property written on them. We provide the tools that would make it possible for them to let them put up spray paint new property, US Army and take control of these devices. And so we think actually that’s a tremendous opportunity we are working it into the architecture. I think we understand how it could be used and deployed and hopefully we're ultimately the vendor that wins the business as we help them to understand what they need to deploy.

So revenues have been growing. The bottom part is our licensing business. We had a small service business you see that was nice WIP in Q1 and Q2 that actually was defense department business for a small contract. We actually see extension of similar contracts like that adding to a broader services component of our business. We have a lot of expertise in this area and people are beginning to tap it.

These numbers need to grow. They are driven ultimately by our enterprise business. We are shipping millions of copies of our software, our brand is in the box, as the enterprise becomes aware of how they can secure their network with TPMs they are turning to us first. And, so it’s then converting them in that cycle. And so we are still early on in the enterprise adoption. But we can see the momentum of this running. And this is driven by a standard. So the probability that Trusted Platform Modules do ultimately get turned on is very high. We hope that we are in the right position to help them execute turning that on at the right place and the right time.

So we continue to build market share, we are very focused on that, anything that we can do to attach our software and our brand to more OEMs. I think what we have done with Seagate, Seagate ships over 170 million drives a year, they have been pretty clear that this is the type of technology they do put on every drive in a year or two. So we like being one of the key software providers and helping them to accomplish that. You can see a demonstration of that at RSA Conference of our software managing the Seagate drive. Our partners are expected to ship over 50 million end unit machines of that software over the next couple of years.

Our OEM licensing is continuing to expand. I think we are actually starting to build a little strength slowly, but surely in our pricing capability here. So that first you come in and then it tapers down as they beat you up, but I think they are realizing there is value that we are bringing to the market. So hopefully we are beginning to build a little strength on that side. But, ultimately at the end of the day it's driven by our Enterprise business. Enterprise business is engaging we'd like it to be faster than it is, it's still slogging through the mud, but we're beginning to see good traction. We'll be very happy when it reaches cash flow breakeven for us, that's really the goal here and that shouldn't be too far in the distance.

We continue to invest in maintaining leadership in this space. We just finished building and delivering our Vista solution to our prime OEM partners, it will be generally available in a few weeks. And that's a huge effort. We actually are the façade that shows all the security solutions for the biometrics the Smart Card integration et cetera. And it requires the support of all the other partners that are in the machine. And that just has a tremendous challenge, especially when you don't have a direct relationship necessarily with all the suppliers, so through your OEM partners and based on who they introduce.

That's the presentation I have. I'm open to take any questions anybody has and I'd like to leave everybody with one important thought. This is our standard anyone who invests in, participates in, or is building solutions in the security space. Who can't articulate where Trusted Computing touches their business, needs to go figure it out. This thing has been very, very, very quietly launched by Microsoft and Intel as part of logo compliance. They are going to put it on every single machine. It is the basis of how you could do subscriber management for a billion people. It has all the strength necessary to run a subscription-based network like an IPTV network, and it's in every single box.

So watch this space very carefully. If you look at strong authentication, this is why most likely certificate-based authentication will win in the long-term. This is the basis for the root of trust, as to how all network access control works. So Cisco's NAC solution versus what Microsoft is doing with NAP versus what the standard body here with 70 companies are doing in Trusted Network Connect and melding those pieces together.

So it's I think a very important place to watch and understand in the whole security space, how standards will affect the competitive landscape in the business and how competitors respond to it. So are there any questions I can answer?

Question-and-Answer Session

Unidentified Analyst

(Question Inaudible)

Steven Sprague

Yeah, I think it's really going to be a combination of that and we've seen tremendous interest as we data tested this remote administration. I'd say that remote administration has been one of the enabling technologies, that's been missing from the Trusted Platform Module space. Today, if you wanted to go to turn this on, you physically have to go with an IT guy and touch every machine. We now are in a position where we can basically automatically roll that out. So, let me use an example. We automatically rolled it out inside Wave and then we went out and bought $150 Cisco hotspot -- WiFi hotspot that has 802.11a and then we turned on Secure Wireless Authentication with hardware and there is no user involvement.

So, the machines know that they belong on Wave’s wireless network. They don't ask the user, every single time you connect, can you provide me with your password? Right? And so, my IT Department knows that there are 30 machines that are authorized for this hotspot. There are only 30 machines that will ever get access to that hotspot. This is very interesting capabilities. We ship this for free. In every single Dell box, it's free. I can't tell you the number of IT guys we go to visit who are totally unaware of the [new box]. So, that means that awareness is our biggest challenge.

Unidentified Analyst

(Question Inaudible)

Steven Sprague

Well, I think they could in time. They are not there today. I mean -- this is the perfect question in my opinion. So, on paper, what's your plan? There is going to be 1 billion machines that need Key Management for Trusted Platform Modules, what's your plan? And what's fascinating is, this is not in any of the presentations, you didn't see the letter TPM anywhere. We've never seen a solution that operates Key Management for a TPM. So, at some point in time, they are getting way behind the curve. I am on Generation II, maybe Generation III of Key Management infrastructure for TPM, and I just finished building Key Management infrastructure for consumer Seagate drives. If you ask EMC why they spent $2.1 billion in RSA, they will tell you, it's for Key Management, as a part of storage solutions. Where are they?

So, I look at consumer drives at a 170 million drives a year doesn't take very long before you start to touch everybody's machines and it's getting way late in the game. I am working on how do I get my software completely bundled in the box and packaged with the solution it just derives. And so, you as a user or as a corporation going to have mentally uninstall that and what we've learned is it has to be somewhat customized on an OEM-by-OEM basis to really effectively work as well you'd like it to work. So, it's not going to be that trivial that show up with the solution later on in the market and then roll it out across an enterprise. And if you break the stuff, it's a huge mess. Right, like the CEO's machine goes, because you lost the keys to your drive. They don't like that.

So, we think key management is a very important area in this space. We are very heavily invested in it. There is a ton more work to be done. I think we have a very rich patent portfolio in the space and we have -- something we are doing for five or six years. I think we have an awareness of what people are building. Just a simple fact, that all strong authentications are moving pre-OS. Nobody here is saying that. Your army just discovered this. They just went on and said we are going to put all our machines to have data protection in the machines and then they discovered that in the act of that they are fundamentally breaking all of their strong authentication solutions. So, it's a fascinating space to watch.

So, I think my time is up. So, thank you very much and we are around all afternoon if anybody has any questions.


Wave Systems (ticker: WAVX) develops, produces and markets hardware and software based digital security products for hardware-based trusted computing platforms, including trusted computing applications and services that are compliant with the specifications of the Trusted Computing Group, an industry standards body.

To sponsor an investor conference presentation please email us.

Copyright policy: All transcripts on this site are copyright Seeking Alpha. However, we view them as an important resource for bloggers and journalists, and are excited to contribute to the democratization of financial information on the Internet. (Until now investors have had to pay thousands of dollars in subscription fees for transcripts.) So our reproduction policy is as follows: You may quote up to 400 words of any transcript on the condition that you attribute the transcript to Seeking Alpha and either link to the original transcript or to www.SeekingAlpha.com. All other use is prohibited.