TCS Daily

Authentication Tools Opening Up Opportunities in Online Security

By James K. Glassman - May 29, 2001 12:00 AM

Worried about using your credit card online? You shouldn't. The risks to you are tiny, but that doesn't mean that you should ignore this issue. In fact, there's an interesting investment opportunity here.

The odds are that you'll never be a victim of credit card fraud, and even if you are, the ultimate cost to you will be little or nothing. Under federal regulations, card companies can hold you responsible for only $50 of unauthorized use. Some card issuers like Visa go even further, offering "zero liability" to encourage consumer confidence. So if you use a Visa card, you won't pay a nickel for the consequences of fraud.

In an era of exploding online commerce and countless media reports of identity theft, customer database hacking and other Internet shenanigans, it may surprise you to learn that credit card fraud is actually declining as a percentage of transaction volume. Still, the volume is huge. Visa alone handles $1.8 trillion of transactions every year, so even though fraud accounts for just 0.07 percent of that volume, we're still talking about close to $1.3 billion. And fraud is more common online than offline, so as electronic commerce grows, this problem may loom larger. On top of that there's a special problem for online merchants. They typically eat the costs of fraud because they never actually see a card - and that means that the card companies keep them on the hook for bogus charges. On the other hand, if a crook walks into a store and presents a stolen card, then Visa eats the tab, not the brick-and-mortar merchant.

The point here is that online businesses, not just card issuers, have a strong interest in making sure that their customers are legit. This interest goes well beyond credit cards. As more and more business moves online, it will become increasingly important to verify that people are who they claim to be, and that they really are committed to a transaction, even if they're not physically signing their names to pieces of paper. In a world where fewer and fewer transactions will occur among people meeting face-to-face, authentication is key. It's not just about cutting deals. Authentication is critical when allowing people access to information, which is increasingly stored in digital form and shared with people who aren't walking into offices and showing their faces.

The clear leader in authentication and security software for Internet transactions is Verisign (VRSN). If you're running a web business and you want to show customers that you offer secure e-commerce, you're probably going to display the Verisign logo. The company's products allow merchants to conduct web transactions while shielding the sensitive customer data from malicious hackers and to screen for potential cases of fraud. The company also offers products that allow people and companies to prove that they are who they claim to be, and to send encrypted communications that can't be tampered with en route to their intended destinations. This is done with a digital ID, a special piece of software code that sits only in the web browser or e-mail program of the legitimate user.

Some smaller companies are tackling the next generation of authentication products: "biometrics." You've probably seen biometric systems in sci-fi movies or James Bond flicks, but they're beginning to make their way into everyday applications. Biometric devices use parts of a person's body to verify his or her identity. These tools can scan a fingerprint, for example, or even the retina of an eye to authenticate the potential user of a computer or cell phone, or perhaps the visitor to a sensitive area. Bill Schaff, portfolio manager of the Berger Information Technology Fund, profiled several biometrics companies in a recent issue of the tech magazine Red Herring.

Schaff cites a report from market research firm IDC predicting that the biometric market, already a $166 million business in 1999, will grow to $1.8 billion by 2004. That's a compound annual growth rate of 61%, so if IDC's prediction holds up, this market represents an intriguing investment opportunity to say the least. According to IDC, the lion's share of the biometrics market - 55%, or roughly $1 billion -- will go to fingerprint-recognition systems. Another 15% will go to voice-recognition systems, and the rest will be split among technologies that read faces, eyes, and hand geometry.

Sure, it's a little creepy, and there will no doubt be a host of privacy issues surrounding these systems, but these technologies certainly offer clear advances for markets increasingly dependent on rock-solid authentication.

So which companies are in position to capitalize on this technology? According to Schaff, Identix (IDX) is the clear leader in fingerprint-recognition systems. Expect to see their touch-pad scanners attached to laptops, wireless phones, and other electronic gear. Among companies developing voice-recognition systems, Nuance Communications (NUAN) and SpeechWorks International (SPWX) have had early successes, while Visionics (VSNX) has grabbed a leadership position in the budding market for facial-recognition systems. These are all small-cap companies that have been losing money in a very young market. So they carry a good deal of risk, but also opportunity for the long-term investor..

TCS Daily Archives