rodman & renshaw secuirty
Biodefense & Connectivity Investor Conference in New York
Steven Sprague, CEO, Wave Systems
June 19, 2006
Welcome, Thank you for coming.
So let me start by telling you a little bit about the opportunity that Wave is pursuing and sort of the scale and scope of this marketplace.
The PC industry is really undergoing a revolution. Today the industry is introducing a new technology on a standards basis on your PC platform called Trusted Computing. It's driven by a standards organization that's made up of over 130 companies and its goal and objective is to bring hardware authentication to every single laptop and desktop PC.
So we've been at a conference that's been talking about a lot of different security technologies, and a lot of proprietary technology. One of the challenges is, what's the technology that a billion people are going to use for authentication?
In essence the PC platform is that. Today, according to Intel there are over a billion PCs that are connected to the global internet, and as the industry goes and replaces that equipment over the course of the next five or six years, everyone will end up with a PC that has a Trusted Platform Module in it. And this is how, ultimately, we are going to get rid of User ID and Password from our daily lives.
We know what this feels like. We have lots of devices that we carry around with us that don't require User ID and Password. My Blackberry is a really good example of that. I don't have to log into every tower as I'm walking down the street in New York. Yet, with my computer's WiFi connection, every time I go to a different WiFi hotspot, what's the first thing it asks you to do? It says, "Please Log In." This is really a very silly paradigm because it requires a lot of work by the user for every different service that you belong to. So, this is the industry's effort to bring strong, multi-factor authentication as a standard component to every PC.
The industry has formed a standards body. This was started back before 2000, and today it consists of all the major PC players, the networking players, a number of people in storage, government has begun to join the group. So we have a very strong collection of players who are driving the standard forward. And, really there is no one in disagreement. There's no one who is out there who is propagating an alternative standard. So you're going to see a universal standard across the platforms.
What's driving now adoption is that Microsoft has made this part of logo compliance for all PCs that are commercial desktop machines and laptop machines. Logo compliance is this little sticker; everybody's computer has one. It's says, "Designed for Windows XP." The "Designed for Windows Vista" sticker requires a Trusted Platform Module on your business computers. This is why we will all end up with this capability in the box, in some ways whether we want it or not.
As a result, these are IDC's forecast numbers. Last year the industry shipped between 20 and 25 million PCs with this capability. This year it's on target to do more than 50 million units. If you look at this chart what it's really saying is that next year is it's on all business platforms, 100 million machines and beginning on consumer. And the year after, or sometime between '08 and '09, here it's on every single PC shipped.
Again, it's a technology that comes into the market. It's driven by logo compliance. This is how we end up with it on every machine.
So, what do we do?
We build the client software and server software that makes it easy to manage and control these Trusted Platform Modules. So as they are broadly deployed, how do I take advantage of them; how do I use them; how do I put keys in them; how do I remotely control them; how do I take the keys out. There's a whole range of capabilities that the IT groups need in order to control these Trusted Platform Modules in the market.
As a company we're about 100 people. We have offices today in Cupertino, California; Western Massachusetts; Princeton, New Jersey; we have a small presence in France; we'll probably end up with a small presence in Asia in the not too distant future. So we have a very broad presence.
We are one of the leading drivers in the Trusted Computing space. A good way to test that is we got elected to one of the optional board seats for the standards body. Our co-board members are Intel and Microsoft and HP and Lenovo and Seagate and Infineon and Wave. It's actually a pretty interesting group to hang out with. And we're driving this standard forward, both as a company and as a member of the Trusted Computing Group.
Our products are really broken into a couple of different components. One is client software. This is the software we provide an individual user that helps them as an individual to manage these devices. This software we typically provide on an OEM licensing model. Our customers today are Dell, Gateway and Intel's Motherboard Group. We ship across their product lines. In the case of both Dell we're on all 2006 commercial machines, same with Gateway. Intel,we're on about 15 different motherboard products where they put a CD in the box with the motherboard. It's not their chip side of their business but the motherboard side of their business.
We then provide server software that's both server and an upgrade of the client to an enterprise, so that they can provide enterprise level management of these devices. And that's much more of a licensing model on a per seat basis, very classic enterprise server model for the distribution of software. And I'll talk about that economic model in more detail in a minute.
And we also provide a collection of developer tools, which have been very useful to a number of our partners.
It's important when you think about Trusted Computing, we talk about it in the context of the PC, but it really is a group to encompass much broader array of devices: storage, peripherals, printers, servers, network switches, etc. And we see very strong engagement across that. There's a very active mobile working group that's working towards specifications out this fall. One of our partners is Seagate. We build software for Seagate's new Full Disk Encrypting drives, which are built according to the Trusted Computing Group's specifications. A Full Disk Encrypting drive is a very cool device, because it completely eliminates this whole class of problems, like for example what the Veterans Administration has had where they lost all the files because they lost the computer. With a Full Disk Encrypting drive every bit on the drive is encrypted all the time. When it comes off the drive it is decrypted. But in order to tell the drive to release data, you have to log into, in essence, the drive, or authorize the drive to release data. If you don't know the password, you will never get the data off the drive. And so if I lose my laptop and you don't know the password to my laptop, when you find it, the only thing you can do is reformat the drive. It's a really elegant solution because it's done in hardware, and so it's at full line speed performance. There's no performance impact and there's no software that's pretending for the operating system while it intercepts commands.
Seagate starts shipping Full Disk Encrypting drives later on this summer. It's my expectation next year you'll see everybody do it. The lawyers will require that we put Full Disk Encrypting drives in every laptop that goes outside of the building. Because the liability risks today of getting your name written up in the Wall Street Journal are just way too high.
So what does a Trusted Platform Module do for me?
There are three major reasons why I want to use this technology. One is strong authentication. Who are you and what machines are allowed on the network. 100% knowledge of all machines on my network. This is the holy grail for the IT guys. If there are 100 machines allowed on the network, there are only 100 machines that are allowed on the network. And I can't go get another machine and pretend to be allowed on the network.
Network security is a whole new class area where there are 60 companies as part of the standards body building something called Trusted Network Connect, which is actually how you do policy enforcement on the computer to ensure that all the applications on the computer are configured according the IT department's policies, and Trusted Computing plays a very important role in ensuing that those policies are adhered to. So what happens is, if my computer was supposed to run Anti-Virus last night and I try to connect to the network, it says, "I'm sorry you didn't run Anti-Virus last night. You have to go do that before I'll let you on the corporate network." And this becomes the policing action for the IT department to ensure that all of us users are in compliance with whatever the policies happen to be.
The third is data protection. We talked a little bit about Seagate's Full Disk Encrypting drives, which ensure the data OUTSIDE the corporation is protected if my machine is traveling around, or I leave it in the hallway out there and it happens to disappear. But we also provide file and folder encryption which allows the user to protect individual files or folders from perhaps the IT department. If send my computer down to be upgraded by the IT department, I may not want them to see the IT department's reviews that are on my computer. And so how do I ensure that the keys are held in hardware, that I have the right passwords to unlock those keys and the IT department doesn't have them.
Providing an integrated client security solution where we today supply the software to integrate biometrics, smartcards, and Trusted Platform Modules, we're a single software solution for Dell, Gateway and Intel. And we're shipping in millions of units in volume.
The challenge here is ensuring interoperability. We have one major competitor in this space and that's Infineon. Infineon is one of the chip vendors. There are five silicon vendors, and I'll talk about the other four in a second. What Infineon provides is a very similar package of software to Wave, but they view the customer as the PC manufacturer, an HP or Dell or others, where we view the PC manufacturer as the conduit to get to the ultimate end enterprise, who really is the end customer that has to use it. So we build many more server tools and components than Infineon does and we've also ensured that our software runs on everybody's platform. So today we support the Infineon's Trusted Platform Modules. We also support ST Micro, Atmel, Winbond, and Broadcom. We actually have licensing agreements with the other four. They bundle our software with their chips. So we provide interoperability.
What does that mean?
It means as a corporation you can buy anybody's computer. You can buy software from Wave. And, it works.
Today if you buy an HP machine, the software that comes on an HP is Infineon's software. It only runs on Infineon chips.
If you put a Dell machine in your enterprise, you have to use Wave's software to run on the Dell machine and all the HP machines. The HP software will not run on the Dell machine.
And so, we think that's a huge competitive advantage. We're taking advantage of it. Our biggest customers really require it.
Let me talk a little bit about our partnerships. We have a range of partners in the chip space. Today as I mentioned before, four of the five silicon companies that are mass producing Trusted Platform Modules today, have licensed our software and are distributing it. They are our partners to help evangelize Wave to the OEM Market. We provide very simple software that's in the box that they test with. One of goals is to move to the next stage with the chip vendors, that they can actually sell our full software solution, so that we get paid on the full software solution by the chip vendors to the second and third tier OEMs.
We also have a couple of really good enterprise examples. Papa Gino's is up there as a, they're a small restaurant chain out of the Northeast, they are one of Dell's customers. They were an early customer for Trusted Computing. They've done a great job of building a case study for Dell and articulating what they are doing.
We also have a customer up there in Diebold who we actually supply with Intel. Intel motherboards go in ATM machines. We provide the key management software for the Trusted Platform Modules for Diebold.
Kind of two ends of the spectrum. One group is not a technology centered company, and one is.
Let me mention also NTT Data. We signed an Memorandum of Understanding with NTT Data for them to resell our software in Japan. We're working towards our final commercial agreement and we expect to have that done this quarter. NTT is a 20,000 person systems integrator. This is how we drive our enterprise business in the market in the long term.
A good recent example was when they were writing stuff up about the Veterans Administration, one of our indirect customers Ed Velez, the CIO of the Army's Program, was talking about Trusted Computing, because the Army is now standardized on Trusted Platform Modules in every single PC they buy. So as of February, the Army's Small Computer Program now requires that every machine procured has a Trusted Platform Module on it. And what was interesting was, there was a huge shift for us in the market as they went from "Do we want this technology or not?" to "Okay, now we've got it," and you can actually see in his quotes it's really assumed that we have it already. And so it's a much more interesting environment now to sell the upgrade software into, once they've already mentally decided, "Okay, we're going to buy the hardware. Now, where do we get the ammunition?" And that's really a good way to approach this.
Let me talk about our economic model.
We're well into the first phase of our economic model which is we collect a per unit licensing fee for every single OEM machine that ships with our software. We get about a dime from the chip vendors. We get about 40 cents from the OEMs. Good way in aggregate to think is it's about 50 cents. Makes for simple math.
We have today 50 million machines forecast to have our software. How do I get to that number? It's over the next two to two and a half years. This is a Dell Latitude 620. It has our software designed into it. It will most likely ship with our software for the entire life of this machine. This typically has a two, two and a half year, life that they will ship this computer for. For the life of that machine it will include our software. It's very unlikely that people will remove your software in mid-stream shipping, because then the product managers need to go back and touch this platform.
So my 50 million units does not include next year's potential design wins with Dell and others, or if I add an additional OEM. These are design wins we have in hand. And when you think of it from a revenue generating perspective, we started shipping our first volume deals with Dell and Gateway in the April time frame, so we're seeing the beginnings of the revenue ramp. You'll see solid growth in sales over the course of the next four quarters, because they will ship more units next quarter than they shipped this quarter of their new model line and that will continue on until next year. Sometime next year it crests on these model lines, because the new models come out and begin to take the volume from this one and put it to wherever the new volume is for 2007.
We are just at the beginning of phase two of our business plan which is the enterprise sales. We've been doing joint sales calls with Dell to their leading customers who are interested in security. We've been doing this since the March time frame. We have now amassed a pretty substantial pipeline list. We do every couple of weeks a conference call where the Dell sales force can invite customers in. We're averaging any where between 25 and 50 people on a conference call every couple of weeks. We get about a dozen solid leads every couple weeks out of those conference calls. And, they range from little companies to giant companies.
So today the pipeline is beginning to form up. We're not far enough along in it so that I can feel comfortable in the conversion time frame, as to how long really is the sales cycle going to be on these, but it's forming up very nicely.
The strength of our enterprise business ultimately is what drives the long term performance. I think we have very strong interest. Really good enthusiasm in the product. So it's developing very nicely.
And then finally, we provide phase three, which is how do we bring transactional business to this model. So if we have a few hundred million customers with our client software, how do we upgrade them, and then how do we deliver transactional business to them.
We are well on our way to being one of the market leaders in owning marketshare in this space. We own more marketshare today than Infineon does and we're growing it because we provide interoperability.
So why do you want to invest now?
Because this is the beginning of the revenue ramp. It's taken us a very long time to get here. This has been a couple hundred million dollars in investment to influence the PC industry to put hardware in. We've emerged as the leading software player in this space. You can go look at our customer's websites and see them selling our product across their product line. We have over 50 million seats forecast which will begin to drive the revenue of the company on a solid basis.
We believe we'll get to cash flow breakeven in a very optimistic case by the end of this year, in a sort of more pessimistic case by second quarter next year. Purely on the OEM business we can get there by second quarter of next year.
We're beginning to see the enterprise engagement. Players like having Army say, every single machine requires a platform module really is a solid endorsement of the technology by a very major player in the field.
We're also starting to see a much broader industry coverage from a media perspective. On a media basis, having the industry start to talk about it is what helps the IT managers begin to know it. A year ago when we talked about Trusted Computing, everybody was saying, "Well, what's a trusted computer? What do I need this for? Why do I have this?" Today it is, "I understand what it is. I have to figure out how to put it into my plans. I know where I'm going to use it architecturally. I know that I need to have it."
And we're beginning to see the regulatory agencies, specifically in financial services, definitely in HIPPA, basically say "User ID and Password is done. We need to get onto what's next." This is what's next. This is the standard that will be in every single computer.
So, in summary, Trusted Computing is a very interesting space. It's an industry standard. We've forgotten about industry standards. Windows 98, Microsoft said, “Let's put it on CD ROM," and we all ended up with CD ROM. Somewhere around Windows 95 they said, "Let's do networking." We all ended up with an Eithernet port, not token ring, not ATM, but an Ethernet port. And little companies came along like Cisco, who built the other end of the Ethernet port. Turned out to be a reasonably good business. Because you can count on the fact that millions and millions and millions and millions of machines are going to all do it the same way. Today if I mail you a music track, what format do I use? MP3. Not some proprietary, patented scheme, but an open, industry standard scheme, because all of us can use it.
This is how we're going to log on, to eBay, to Amazon, to our movies, to our corporate networks. And if it really works well we use, like this machine has the beginnings of, a biometric sensor to log me into my computer and a Trusted Platform Module in this machine that will log me in to everywhere else I belong. And so it will work like my phone. When I walk down the street it knows I belong on the network. It will log me into the towers and get my phone calls. That's what we want as users. We don't want to have to remember a password ever again. We don't with our cable boxes. We don't with our phones. We won't have to with our PCs. The technology is coming to do it.
And that's all I have. Thank you very much.
[applause]
Nine seconds left!