Transcript: SRA Conference - February 15, 2006

security research associates

2nd Annual Winter Technology Conference in San Francisco
February 15, 2006

I'd like to introduce Steven Sprague, the CEO of Wave Systems. And, by chance one of my closest friends and oldest friends is his father, so I've known Steve since he was a small boy. He's now a big boy. I think this is a watershed event for Wave, because the company has been an R&D company for many years and they're now starting to develop revenue. And there's plenty of security in the company, plenty of security technology, but there's nothing like revenue, and revenue is now coming. And so it's a perfect time for Steve to take over. And, thanks for coming.

Steven Sprague: Thank you very much. Thanks for having us.

So let me introduce you to Wave. For some people have seen it before. We've been down a very consistent path for a long period of time. It's taken a long time to get to where we are today. We've gone through a few iterations. If you look back in our history we've done a variety of different things. We used to build hardware; we no longer build hardware. We were involved in the measurement and use of information, really metering and DRM in the very early stages of it, and I think that actually that will be parts of markets coming forward in the future.

Today our focus is on building support for a new industry standard that's emerging. And I'll spend a bunch of time talking about the industry standard, because it's very important to understand what's happening in the marketplace that's creating this opportunity.

I will say one of the most interesting aspects is that we've become so comfortable with the PC, we forget the power of the PC market when the PC market was emerging. And we're having another iteration of something that's inside the PC and the addition of a new capability and the markets that it's going to basically disturb and the markets that it's going to create. So in a very similar manner to Microsoft and Intel deciding to add multi-media as a standard component to the chipset changed the whole flavor of the multi-media marketplace and created what today is a huge market on the PC, that process is going on today to add security as a standard point to the market.

Standard safe harbor language.

So one of the challenges that we have in the PC space is that there's a huge amount of stuff that's been built around trying to address this fundamental question of who are you, are you the same person you were yesterday, can I trust your machine. These are the classic set of problems we've all heard about, read about, some of us have experienced in the consumer PC model. Why? Because a consumer PC or a standard PC has no identity technology in it, we have no idea who it is. When it shows up on the network, it's just another processor on the network. Unlike the cell phone network where we now have SIMM modules and identity capabilities, etc, I can make your phone ring by dialing your number and your phone rings, and his phone doesn't ring and her phone doesn't ring and his phone doesn't ring, just your phone rings.

And so there's a tremendous opportunity to bring standards based hardware to solve this problem of the PC. The challenge of course is that the PC business of course is a very standards driven business. And so what you have to do in order to accomplish this, and we got very close to getting our own hardware deployed in this context, and really what became necessary was to go become part of forming and driving then the industry standard to accomplish this.

So back in the late nineties an original group was formed called the TCPA, Trusted Computing Platform Alliance, that was rechartered a couple years ago to become the Trusted Computing Group. It is a full up industry standards body similar to standards bodies that exist for Web based protocols, for WiFi, etc. We're actually in the standards organization in the process of discussions with IEEE with how this standard should be adopted by the IEEE. But in essence it's 130 companies today. It's all the major players in security. It's all the major PC manufacturers. They've agreed to a common standard. They've begun deployment. They've shipped noe parts, actually Lenovo, the old IBM ThinkPad team, was just saying they've shipped their 19 millionth unit out of Lenovo by themselves, total in the market. They started shipping, I think they shipped their first unit back in 2001, and they've been shipping for a while. The rest of the industry joined in the course of the last year. So probably sort of the bookend of establishing that this was going to be the defined standard and the train had left the station was when Dell shipped their first unit back in March of last year.

If you've got Lenovo, HP, Gateway, Dell, etc, Dell tends to join these parties late but they drive the adoption of technology.

So the Trusted Computing Group publishes standards for building blocks for hardware security in the motherboard. There are now a half of a dozen PC chip manufacturers. So chips are built by Infineon, ST Micro, Atmel, Winbond - Winbond bought National Semiconductors old group, and Broadcom, are building chips for [] are a dollar a part. So to have some scope of what I think the market is, clearly getting into this market are five different silicon providers, because the market is 200 million units per year, and they want to divide that market amongst them. 200 million units is the current shipping capacity of the PC industry based upon last year's volumes as reported by IDC.

So the market is growing. The industry shipped approximately 30 million units last year. General estimates from IDC are close to 70/75 million units this year.

So this is IDC's growth chart. You can see that it moves up towards 100% adoption in the PC space. This is not an unfamiliar chart. This is an absolutely classic Wintel standard adoption chart. The same chart was drawn for math coprocessors, CD ROMs, Ethernet ports, etc. Once the industry decides to put the technology in, the problem is and a very simple one, actually one that was highlighted just the other day, is that if I have the technology in my PC and he doesn't have it in his PC and the customer makes it standard, that guy sells zero PCs.

And so for example, the US Army just standardized that all future PCs starting at the end of this week going forward require Trusted Platform Module 1.2.

There are some OEMs who have 1.1 version platform modules and not yet 1.2, who actually won't meet that and therefore for the next quarter won't supply any equipment to the US Army. If you want to motivate a product manager to make sure that all future PCs have that, miss a quarter of sales to major customer like the federal government. Showing customer adoption is important for us as well. Having the US Army do the first step - before they can buy our software they have to get machines with TPMs. The first thing they have to do is go ask that 100% of the machines they buy have Trusted Platform Modules in them. Anybody who has any influence over their organization's purchasing of PCs should ask for the same thing. This is, think of it in a similar manner to color. You know at some point you have to buy your last black and white monitor because you know everything in the future is going to require color, and so that's the same case here for security. This is going to be used for all network access control, all authentication, and the question is the machine your bought yesterday which doesn't have a TPM on it, are you going to be able to have it live its normal life before you get rid of it, because maybe in order to file your filings you have to have a Trusted Platform Module.

So what's our mission?

We looked at this market and we've been part of facilitating the market to come to place. We've watched lots of other markets in the Internet and other places develop around us, and we believe that the primary task here is to be the company that provides the tools and infrastructure to help the OEMs deploy this technology in the box. That if we can be the branded experience where you start your Trusted Computing relationship as a user, that is the best place to aggregate the value that's generated by this market.

And so we've focused on building the client software, doing deals with the PC manufacturers, get this as broadly deployed on a horizontal basis as possible and build the infrastructure so that the enterprise can begin to take use of it. Our model for our enterprise software looks like the early days of Novell or 3Com or other guys in the networking game. So I'm going to have all these devices, they're all going to be connected, how do I control them? Things that are important to us are remote management. We haven't heard about remote management since the early days of Ethernet. But remote management for Trusted Computing becomes very important. How do I reach out, put keys on machines and take keys off. How I manage to manage your machine without having to go visit your desk is a very important characteristic of this. So, providing those tools to accomplish that are really important to us.

So we've managed to aggregate a team of some of the world's experts in this. In some cases they were world experts before they started, they are definitely world experts now. We write most of the infrastructure working group specifications. We've been a major author of lots of parts of that. Many pieces of the standards organization have Wave folks contributing significantly. We've chosen to fund that effort from internally. So that we not only build the client software, but we help write the specifications. So things like backup and recovery of keys, we built a product and then we wrote the standard. And so there's a real advantage in that of having strong participation.

We've chaired the marketing working group of the Trusted Computing Group for over a year. Which means the entire budget for the Trusted Computing Standards organization is administered in essence by one of my guys. I think the best way to equate this is you don't run it. It's kind of like volunteering for the PTA dinner, okay? If you volunteer you can have a lot of control as to how the event goes, but if you get too far off the reservation somebody comes along and slaps you and says, "no, no, no, no, no, we can't. We're not going to have the Hawaiian Night theme." So some days it's more entertaining than others. But we write all the quotes. We wrote a lot of the articles. We decide which analysts get briefed. I mean actually a lot of energy gets put into that. Part of our role in that actually, another good way to understand where we are, and why Wave is an important player in this, because there's some really big companies in this. This is Microsoft and Intel and all those guys. So we just got elected to a board position in the Trusted Computing Group. It's a really good indicator of where our role is. This is elected by the membership. There are two board seats that are elected on an annual basis. We got one of the seats and Infineon got the other. The rest of the board members are Microsoft, Intel, HP, Sun, Seagate, AMD and Nokia. So that puts us in an even stronger position. There are monthly board meetings. We meet with the players. This gives us interaction with all the key players and their key Trusted Computing Group guys as well. So a lot of stuff gets done in that context.

So what do we build? We build client software. It comes either as something you buy as an application to go onto your machine, or it comes embedded in your machine. That client software provides the ability to manage and control your TPM, Trusted Platform Module. It helps you decide how you're going to use those devices to logon. Logon to my PC; logon to my network, and logon to my services. So we help administer all the relationships that you have with other service providers. Today those are typically internal relationships inside an enterprise. We expect that fully to be every place you do business on the Internet.

A billion machines are going to do strong authentication "this way." You're going to hear about lots of other companies. We talk about RSA has their tokens and Vasco has tokens and Gemplus has smartcards. There are lots of things out there helping you authenticate. The difference is RSA is really happy they've shipped 19 or 17 million tokens. We're going to ship 17 million tokens a quarter. They've shipped that since the beginning of time. And we'll ship at the rate of 17 million units a quarter in '06. So it's going to get interesting.

How is that going to affect the business? I think one of the really interesting aspects of this market is to understand that an industry standard, when it shows up in the PC space, it throws all the pieces up in the air. It doesn't guarantee who wins and who loses when the pieces fall down. But it's going to throw all the pieces as we know them today up in the air. A really good example is, if you invested in multi-media before Microsoft and Intel added audio and video to the chipset. Right? Creative Labs was the leading player and the different video guys were, and then it just went "whooof!" For a while it was a little interesting and then it settled back down and certainly the market was not the same size for Creative Labs building sound cards after audio got built in than it was before. The same thing is true in security. This is going to really change the space.

The other thing we build is the server software to help manage this, because once we have this in the machine, how do we turn it on and use it for strong authentication? Another very important thing to understand is back in 1998 and '99 there was a big push to add PKI. Everybody remembers Baltimore Technologies and a bunch of other players. That massive rise in market capital around PKI, facilitated building PKI support into all networking equipment and it never has gone away. So every CISCO router supports PKI. Every Juniper router does, Checkpoint firewall... This is the hardware PKI token on the client side. So this provides interoperability with anybody who ever supported the public key standards, which is about 80 to 90% of all networking equipment today. I can configure out of the box to work with Trusted Computing.

Now the challenge for the IT department is the manual doesn't say trust Trusted Computing any where in the manual, from my CISCO VPN router. One of the things we've had to do as a company is publish a series of documents on how you set your Checkpoint router up or your Checkpoint firewall up with Trusted Platform Modules. It works brilliantly. It's really easy to do. But helping that guy through that sort of first step of associating pieces that aren't normally associated has been a challenge.

We've built a number of networking components to help that. The most important tool we build is a tool for backup and recovery of keys. So if you're going to encrypt all of the data on the hard disk, then you better have some place to backup your keys, because if you forget or lose your keys you lose all the data. And that's been a very valuable component for us.

It's still early in selling the enterprise software because people haven't really recognized that they have clients yet. And we provide a range of developer tools that others can use.

One of our more interesting partnerships has been Seagate. So Seagate decided to build full disk encrypting drives. What's that? It's a hard disk; in the drive controller they have added security in hardware, where all the data bits spinning on the platters of your disk are now encrypted. Which means that if you leave your laptop in the cab while going to the airport you can't take the drive out of the laptop, plug it into another computer and just read the drive. Because that bypasses all the authentication into Windows. So they've built this as a standard component to the drive. They've added very few cents ultimately to the drive.

We formed a partnership with them, that we would build the enterprise software to support their new Trusted drives. Because Seagate's not an enterprise software company, they're a drive manufacturing company. And so we built the software support for their new drives. You have to buy the software from Wave. In some cases we'll provide bundled solutions. We are today the only provider of software for the Seagate drive that demonstrates any functionality. There are open standards solutions we fully expect a few others to enter in producing this. But we've integrated that capability now into the same client software we ship to the PC OEMs.

So a company like Dell who buys Seagate drives, they own 50% of the marketplace, can have a single solution where they get Trusted drive management, TPM management, we actually also have expanded in the case of client machines to biometrics and smart cards as well. We provide management of the full-secured environment of the client PC.

Our prime competitor in this space is Infineon. Infineon builds chips. They've also built a software stack that works with their chip. One of Infineon's biggest disadvantages is that their software only runs with Infineon's chips. Wave's software today runs on Infineon chips, ST Micro chips, Atmel chips, Winbond chips and Broadcom chips. And so we provide a solution where a company like Dell can buy one software stack and then commoditize the chip vendors as to who they use on a chip basis. That type of layered software approach is very typical for the PC industry. I think one of the only reasons we've actually lost any business to Infineon is that they are a much bigger company than we are. Most of the players that have used Infineon have been the Japanese OEMs. They very typically work better with a really large company. However one of the more interesting announcement we recently did is we just signed a Memorandum of Understanding with NTT Data to be their supplier of infrastructure support for Trusted Computing for the Island of Japan. In order to use our software they'll do a client software replace on every machine. So this has certainly woken up the Japanese OEMs and I think is a very good piece of business for us. In addition if a Toshiba wants to use a Seagate drive they're going to need both Wave's software and Infineon's software. So in time we think it will be much cheaper for them to have a single source supply, not even in the cost of software but just in talking to all of us, which seems to be one of their biggest challenges.

So Trusted Computing, we've only talked about the PC space. We touched a little bit on Seagate and the peripheral space. But the Trusted Computing Group standards organization encompasses all devices: peripherals, storage, PCs and mobile devices. There's a very active mobile working group that has a couple dozen members, all the major telephone companies, and the goal is to put interoperable credentials on PCs and cell phones. So I can check my email from my Blackberry against my corporate server without having to own a Blackberry server. Because the device should have an open platform for credentials that the IT department manages, not the cellular operator manages. And so this is very well underway. The specifications will get published this spring. We expect to see first devices this fall.

We've done some nice warm-up relationships with ARM, with Nokia, with a couple of others in the marketplace. So we're very active in helping to write those specifications. We think there are some really interesting ways to combine our client software with the software on the cell phones. We don't expect ultimately to be a huge cell phone software provider, we want to make sure the phones work very well with the PC platform.

So this compatibility and interoperability for us is a really key differentiator. It's also a key differentiator for the overall standard. So one of the challenges in security is that if I write to platform A, I do a security project over here, and I do another security project over here, the probability that they work together is zero. Because everything in security is little vertical markets. And so the opportunity with Trusted Computing is to provide a normalization of authentication, data protection and access control, so that as different devices use that, the probability that they'll interoperate becomes much much higher.

And so in an effort to help have a simpler deployed network and to reduce a lot of the layers of security, because the IT department gains something they don't have today which is for the first time they'll know 100% of the things on their network. They don't know that today. They've all this software they're buying to figure out what's going on, which they don't really need because it'd be like running airport security with no IDs. "I have no idea who you are. But go ahead on through!" is different than if I'm looking for somebody and I've got everybody scanning everybody's ID and I know that your name on your passport and your name on your ticket are the same thing. I have a much higher probability of catching somebody going through an airport if I know everybody at the airport.

Sure...

Question from audience: Just one question, I'm not understanding how you differentiate between if an unauthorized user is on the computer, it's not going to catch an unauthorized user... [?]

So the way this works is a Trusted Platform Module holds credentials. An IT Department can ask the TPM chip to create a credential that's what's called non-migratible, which means it exists once and only once. That gives unique identity to the machine in the control of the IT Department. The way I release that is with a PIN number or a biometric. So I'm identifying the user to the chip with a PIN number, and I'm in essence making the second factor of authentication their six-pound laptop as opposed to a smart card or an RSA token. There's no difference in this structure except that I'm including the PC platform as part of the authentication. So I know it is someone who knows the PIN number in that machine. So to the extent you protect your PIN, which actually you don't need to protect nearly as strongly as you do in the case of User ID and Password, because if you tell me your User ID and Password to your Citibank account, I can go logon anywhere. If you tell me your PIN number, I've got to go steal your computer in order to use your computer to login to your Citibank account. So I know a lot more [] and even better and we've already done this in a number of cases where you link the biometric to replace the PIN. Now the biometric never leaves the computer. There's no big server with everybody's bio-data on it, it's only inside my own machine. But now I as a user don't even know the PIN, right? And so that's a pretty elegant solution to release the credentials stored, I have a pretty high assurance that it is someone I know on that machine logging into the network.

So a couple things from recent progress. These are around the last couple of weeks actually, few weeks,

So we're showing now at the RSA show today integration with Nortel Networks and Juniper for something, you've probably heard the terms, Trusted Network Connect, NAP and NAC, right? The Network Access Control and Network Access Protection and Trusted Network Connect are the ability for before I let you on the network my computer is going to check to see if all the software you're supposed to have is up to date, is correct, is my anti-virus correct, and if you get a green sign you can get on the network. If you don't get a green sign you get sent to remediation. This is not necessarily a great user concept "remediation" but it works well. And so, it ensures that if you have to have Acrobat Version 9 to do your job, IT can say, "check before he gets on the network. See if he has Acrobat 9. If he hasn't updated yet, he isn't allowed on the network until he updates."

And so the Trusted Platform Module plays a very important role in that and we're showing at the show today for the first time what's called Platform Trust Services, which is the integration of the Trusted Platform Module to do this as part of that process. What it does is prevent the client from lying that I still have Acrobat 8 and I'm going to pretend I have Acrobat 9. So a Trusted Platform Module can enforce that the platform isn't lying. Wave plays a very important role. 100% of the machines need it. You're going to have to upgrade our software to get our TNC support for Platform Trust Services.

We're also showing the first production Seagate drives. We announced our Seagate relationship about a year ago. We shipped some prototype stuff, really a lab experiment. These are now running on production drives. They're a couple months away from production release of drives. So sometime early summer it looks like these drives begin to show up. Everybody who has stock compliance issues, everybody in California needs one of these drives, because now I can ensure that if I lose my machine it and it has any sensitive data on it I don't have to get an article written on me in the Wall Street Journal.

Gateway began shipping our software January 26. So that was our next major OEM beyond Dell. We supply Intel as well. Probably one of the more interesting ones from our perspective is the US Army's consolidated buy mandate. If you're looking for an indication that a big enterprise is thinking about this and trying to figure out where to use it, here's a good public indication. They've said all future machines purchased in our consolidated buy program require TPMs. It's public on their website. We help communicate it out there.

NTT Data is a very important relationship for us, because it's showing a really big systems integrator and also a really big market. Japan has standardized on a bunch of PKI capabilities for consumers to government connection and NTT is building that infrastructure and they want to use our tools to build that on top of Trusted Computing. So having NTT select us, there aren't very many of "us," people who build support for Trusted Computing. Getting selected and partnering with them allows us today to begin a relationship that we think over time will be a hugely profitable relationship for us. It will take time to mature. The point is we're beginning to sign these relationships today.

Somebody enters this market tomorrow. First they'd have to build all the stuff we build, then they'd have to come displace us in relationships where we're proving our value to those customers.

So it's getting to be quite a good stable of characters and we're making good progress on that.

Our business model consists of getting nickels and dimes from the OEMs and chip vendors, and we get typically fifty cents from a Dell deal. That helps to pay the rent. One of the biggest challenges we have as an organization is while we successfully raised a bunch of money back in 2000, we burned through that cash in 2003. We've really gotten very clear and focused on this market. It's clear how the market is developing and how we have to build more partners we need. We've been funding the company off of a series of PIPE transactions as discounted common with relatively light weight warrant positions, very short term. Six-month warrant for us is useful money; five-year warrant is completely useless money. And we've done that off of shelf registration so the investors are relatively quickly converted into market. People who have been investing in us are liquidity players. So they buy my stock in December and they've sold all the stock they bought in December by now. They've made money on the transaction. You can look at my share price, the volume, and what they bought the stock at and realize they made a good chunk of money. And they'll come do it again.

The problem with that obviously is that when you're venture funding a fairly expensive burn rate, it burns a lot of dilution. But it's the right thing for this company to do right now. What you want to do, you want to own the leadership position in the introduction of Trusted Computing to the market and be in the position to capture four to five hundred million subscribers at the starting point in their Trusted Computing relationship. That's what Wave is about.

In order to do that, we're investing heavily in building that space. So, our burn rate is pretty hefty. We burn in and around four and half million dollars a quarter. We have for all intents and purposes no cash. We raise that on a quarter-by-quarter basis.

Our challenge today is that our share price is not strong enough to support that level of burn rate. One of the things I think, we made the decision really last summer that we were in the right position that we could get to this point with this set of deals. And we've delivered on that set of deals, and now we're in the position I think where we can begin to clearly offer the stock on a basis where somebody can look at it and say, yes, these guys are in the leadership position. They have the key partnerships. The market is clearly underway. The revenue underneath this has got some good substance.

We have got good volume forecasts from our OEM partners. We can look out in front of us today and see somewhere between 80 and 100 million seats over the next 36 months that we have under contract today. No, contract is too strong a term. It means I have a contract where my customer could cancel me tomorrow and they give me a forecast that looks at that kind of volume. So the nice thing with an OEM business is that as long as we perform, they won't displace us tomorrow. It's extremely expensive for them to do that, because they've done work to integrate our software into their offering, into their marketing, into their sales training, etc. So typically in an OEM business if you win a design win, a Dell model 610, that image will stay the same until Dell 610s cease to be available in the market. Very seldom does it change in the middle of a product life cycle.

So the deals we announce tend to be fairly good long-term deals, although the contracts with OEMs are terrible. I mean any big company like Dell negotiating with a little company like us says "we'll pay you if we feel like it." But in essence we get paid on a quarterly basis. And they're good customers on that basis.

The second phase of our business model is really around providing the enterprise support to the market. So this typically a 40 to 50 dollar per seat model. It's classic enterprise software, both client software and server software. It provides the infrastructure to manage the devices in the marketplace.

We've got a couple of good reference customers. We've supplied Diebold with some interesting software. They're a classic customer who won't tell anybody what they're doing with it. That's perfectly fine. But they allowed us to use them as a customer. On the other end of the spectrum we provide Papa Gino's with their security infrastructure for their 500 pizza restaurants, and they've been very happy to help publish a bunch of Dell case studies. Actually if you go to Dell's website and type in "Papa Gino's" you'll find the case study. And they're happy to talk about the fact that it saved them money, made it easier, it's effective technology and they have it in deployment today. So we're working on continuing to increase those customer relationships and we expect that to really start to turn on in the course of this year. This is the hardest thing to gauge.

Clearly, selling a couple hundred thousand seats would dramatically improve my revenues at 50 bucks a seat, the challenge has been when does it starts in earnest, and that's been a very hard thing to predict. We'll probably ship somewhere in the range of 20 million plus seats of software, Wave's software this year, and it could be as high as 30 to 40 million units this year. So I think we're in a good position on that front. We only need a few percentage points for people to convert and actually use it. But I don't have any track record to prove that that's happening yet. I can't look back and say. For all intents and purposes software upgrades sales to this point have been negligible. To be fair, they've been negligible for everybody else in the market as well. It's not like some other person is getting all the seats. It's just the market awareness of this technology is just really starting to happen.

We kind of had the first analyst at RSA this week who said, "Yes, this stuff is really going to be important. It's really going to have an impact. A lot of people don't know what it is yet.

The last couple of slides...

So we're building an installed base. These are our actual stated numbers in Q2 and Q3. You can see pretty good growth. As I said before Q4 tends to not be a growth quarter for the PC OEM industry. You start new product adoption in the spring and you build through the year. We expect relatively flat in Q4 and growth really picks up again in the beginning, the first three quarters of this year.

We've announced our Dell licensing agreement and our Gateway licensing agreement and we're working with a bunch of other OEMs in the marketplace.

Another huge thing that has happened over the course of the last six months is that the coverage of this space has grown completely vertically. There were probably two articles written in the first half of last year and there were dozens of articles written in the second half. All of this is in preparation for Microsoft's Vista launch. So logo compliance is part of what is driving this technology. If you look at Microsoft, if you look at any laptop there's a little sticker that says "Designed for Windows XP." If you want a sticker that says "Designed for Windows Vista" on an enterprise PC platform you must have a TPM in the box. That's what's driving this business. That's what drives a Wintel standard into the marketplace. So everybody ends up with it, the question is, what do you do with it once you get it?

So in summary this is the foundation for security for everything we're going to do. Fast forward ten years from today, you won't log onto a service provider, pay anything, have access to any content and use your User ID and Password. You will log into your PC and your PC will log you into everything else. So User ID and Password, hopefully my kids won't really understand what User ID and Password is. They'll think it is really arcane and stupid technology and why did you need that. And we've certainly had occurrences where that's happened. We got rid of the beep beep tones on our cell phone, that was a good improvement. Every time you dialed long distance wait for the beep beep tone, type in your PIN number and go. It's gone. Let's make User ID and Password go away.

I think we have the right partners to drive there. We're clearly the market leader in this space. 30 to 40% marketshare of the total software dollars spent in this. The problem was that it was only $300,000 in the third quarter. That's the challenge. So we're in the beginnings of an emerging market. It is going to be a huge market. What we've focused are the things we can control. Build the right partnerships, build the right relationships, build the right software and build it in a market that's being driven to be a huge market. And that's how we're executing in this space.

So we think we have the right model. We think we have the right business models. We think we're testing very well in the market our next phases of business models. And we're really waiting for the growth to come to us.

And that's all I have.

Thank you for your time.