In The Boardroom Press Room About Us Research Reports Contact Us

In The Boardroom With...

Mr. Thomas Flynn
Vice-President, Online Banking and Authentication
Gemalto North America Thank you for joining us today, Tom. Please give us an overview of your role at Gemalto and background.

Thomas Flynn: There is a global trend toward increasing identity security in both the physical and virtual worlds. On the leading edge of this trend is the move to embedded microprocessor chip technology in identity credentials, documents and tokens to secure online transactions, protect identities and ensure the access control of information systems. At Gemalto, we address these opportunities in our Security Business Unit, and I am charged with managing our security activity in North America for Online Banking and Online Authentication. I am also involved in the third part of our Security business, Government Programs, because of the many authentication and identity opportunities in that sector.

Since I joined Gemalto, I have held a variety of management positions in project management, marketing and sales. Prior to my current position, I was responsible for defining Gemalto's business strategy and technical solutions for enterprise network security and converging badge programs. During that time I helped to implement some of the industry's most notable identity credentialing programs at Fortune 500 companies. I also worked closely with Gemalto's channel partners to develop a national network of information security specialists.

An electrical engineer by training, early in my career I held various domestic and international positions technical marketing and business development for both Hewlett Packard and Mars Electronics, a division of M&M Mars. One sees on that Online Banking and Online Authentication have been particularly strong performers in 2010, growing by 49% in the first half. What is propelling those sectors ahead?

Thomas Flynn: From our roots in the smart card industry, Gemalto has grown to become the €1.91 billion ($2.7B USD) global leader in digital security. Last year we produced and personalized 12 billion secure digital devices, which we complement with systems and services to provide total solutions for our customers.

Online Banking and Online Authentication growth stems from the need to replace passwords with a stronger form of identification and multi-factor authentication.

As we all know, freedom of access places a huge additional burden on security. It's essential to verify the identity of authorized users without hampering the convenience and efficiency of cloud computing. At the same time, complex software tends to have more security vulnerabilities, not fewer. This is increasing demand for 'strong' (two- or even three-factor) authentication. For example, a user might need a password as well as a physical component like a fingerprint; or an ultra-secure one-time password generated by a smart card and reader.

Three interconnected factors are fueling this trend. First, mobility is becoming more important, with remote access and cloud computing on the rise. Cost savings and convenience are driving more use of cloud computing, and since security is the number one barrier to the development of the cloud computing market, this in turn creates demand for secure authentication solutions like those from Gemalto.

Cloud computing services - that is, data and applications that are accessed via the Internet or virtual private networks - are going mainstream. IDC expects spending on IT cloud services to reach $42 billion in 2012. By then, it will represent 25% of IT spending growth and nearly a third of growth the following year.

Secondly, banks, businesses and governments are under regulatory pressure to improve protection of their customers' private and personal information. According to IDC, compliance was the driving factor for up to 85% of all online authentication purchases in 2009. U.S. examples of these regulations include Homeland Security Presidential Directive 12 (HSPD-12), which led to smart card-based identity credentials for all federal employees, and the Health Insurance Portability and Accountability Act (HIPAA), which requires more tightly controlling access by administrators and practitioners to individuals' healthcare records.

The third factor is that online fraud continues to increase. In what some called "the hack of the century," cybercriminals penetrated Epsilon, one of the world's largest email companies, that at the time handled more than 40 billion emails annually for more than 2,200 leading global brands including Verizon Communications, Hilton Hotels, Kraft Foods, Kroger Company and AstraZeneca. The reason for the increase is that the threatscape has changed dramatically in recent years. Hackers are
increasingly able to penetrate endpoints and download Trojans, keyloggers and other malware onto endpoint PCs or laptops to steal login passwords.

These are the factors driving the growth in Gemalto's Online Banking and Online Authentication security solutions and services to authenticate identities online and make sure information and transactions remain secure.

As for our solutions, under our Protiva brand Gemalto offers the complete solution for strong authentication, from devices and readers to applications and authentication servers. Examples include multifunction smart card credentials used for physical and network access control, one-time password (OTP) tokens, the Ezio optical reader for secure online banking and our suite of eBanking solutions with more than 20 million online banking customers worldwide. According to Frost & Sullivan, Gemalto is the market leader in chip-based corporate security solutions.

We also provide our Coesys fulfillment and support services to these sectors as well.

Our solutions provide the highest level of protection against fraud while being simple for IT departments to administer and very easy to use, ensuring maximum compliance with security protocols. What is your outlook for growth opportunities in Online Authentication and Online Banking in the U.S.?

Thomas Flynn: In the United States, our top targets are eIDs for cloud computing, online banking, healthcare, online gaming and the actual end user's online social identity.

The opportunity that cloud computing is creating for Gemalto is particularly interesting. Beyond 2013 access authentication will be critical in the new computing models that are evolving. IDC Enterprise Panel research shows security is the number one challenge to the cloud model of computing in enterprises, with 75% responding that security is a significant or very significant issue.

As the IT industry evolves toward cloud computing, the need for authentication and identity management grows with it. This is significant because the authentication market is evolving toward areas of strong Gemalto expertise such as PKI transactions, smart cards, signature display cards, smart tokens and smart card readers for both unconnected and connected solutions.

One example of how we capitalize on these emerging opportunities is the work we are doing with Amazon Web Services (AWS). AWS is a Web service platform in the cloud offering a suite of IT infrastructure services to merchants and enterprises. Gemalto created a digital security solution for its customers providing a simple and cost-effective way to securely access and use Amazon's on-demand Web services from anywhere using our Ezio Time Token for OTP strong authentication. We also offer deployment services from personalization to fulfillment. By providing a complete solution like this, we are directly addressing the number one concern people have about cloud computing: security. We see this as a very significant opportunity, and we are very well positioned.

Another interesting development is the formation The National Strategy for Trusted Identities in Cyberspace (NSTIC) instituted by the Obama administration. It envisions an Identity Ecosystem that allows consumers and businesses to work with a network of identity providers for secure access credentials. This federated network will provide protection and convenience to both the end-user and the on-line institution. For high assurance identities, such as healthcare and Social Security as well as transactions in the private sector, the evolving guidelines call for strong authentication credentials of the types Gemalto provides.

As for Online Banking, securing access and combating fraud are major concerns for Gemalto's North American banking customers - 40% and 30% respectively - according to Datamonitor. Gemalto enables banks and retailers to offer customers in each end-user segment tailored solutions that deliver maximum confidence in their online transactions without compromising convenience.

These indicators all point to a very positive outlook for U.S. market development in Online Authentication and Online Banking. Gemalto's Security revenue grew 14% year-over-year in 2009, and an even faster 19% rate in the first half of 2010; please give us your perspective on what is driving this growth in the area of Government Programs.

Thomas Flynn: The broad deployment of electronic identity documents is an important megatrend that is driving growth worldwide in Government Programs. Gemalto is well placed to address this opportunity because governments are adding microprocessor-based features to identity credentials, a core competency of Gemalto. This makes them far more difficult to counterfeit or alter, and this introduces the possibility to place biometrics or PIN codes in the credential to tightly tie it to its bearer.

Underlying this growth are goals common to all governments. One is the need for better national security, which requires more accurate identity verification and credentials that cannot be easily counterfeited. The best example is the global ePassport program, which began here in the United States in response to 9/11. Now more than 100 countries have an ePassport system in place. Gemalto is the world leader in this domain in terms of the number of ePassport and eID systems implemented, with over 50 active projects. Other identity related imperatives are better control of immigration and temporary visitors, such as the European Union recommendation that required all 27 Member States to roll out an electronic European Residence Permit eERP by 2010, as well as voting registration and driver licenses.

Another factor is cost control, especially in health care and other social benefit programs. Governments need to more accurately identify individuals to fight fraudulent claims for services and to better protect people from the threat of identity theft. They are also seeking to lower administrative costs and provide better government services for citizen convenience with broader use of Web-based services and processes, like the trend taking place in the private sector.

These market trends are well established and as I mentioned earlier, Gemalto is already deploying more than 50 e-government projects worldwide including in the United States. In fact, we have shipped more than 25 million smart card-based identity credentials and ePassports to the U.S. federal government. In India, we recently passed the ten million mark for electronic driver's licenses and electronic registration certificates for vehicles, a program expected to be the world's largest of its kind. We announced a contract to supply three million national eID cards in Kuwait.

These are only a few examples, but with entire countries adopting these types of technology provides Gemalto with strong, lasting opportunities to offer our products and services. What do you see as Gemalto's competitive advantages and key differentiators in the Security sector?

Thomas Flynn: As the world leader in digital security, security expertise is at the heart of everything we do. This includes knowledge of cryptography and how to design secure systems.

We excel at the design and manufacturing of secure personal devices based on smart card technology, both hardware and software. All of these secure personal devices we have been discussing, from cards and credentials to ePassports and USB tokens, include smart card technology as a core capability.

Another important advantage is that Gemalto has digital security market leadership and experience in multiple domains. Gemalto is the number one provider of SIM cards and over-the-air management platforms for the wireless industry, number one in chip and PIN bankcards, number one in ePassports, number one in chip-based identity cards for enterprise-the list goes on. Our know-how in each of these sectors cross- pollinates the others, reinforcing and extending our security expertise.

Being close to our customers is a major competitive advantage and the reason we distribute our manufacturing, personalization and fulfillment facilities worldwide.

We count innovation among our top differentiators, and support that with sustained investments in R&D, which was once again twice that of our physical equipment capex, even during business downturn cycles. We have 1,400 digital scientists, 4,200 patents, 13 research centers and 103 new inventions first filed in 2010.

Other competitive advantages include the quality and processes we follow in our development and production facilities, including many certifications for telecom, banking and government in each of our facilities; the breadth of our product portfolio; and the managed services we offer that enable us to provide a total solution for our customers. Thanks again for joining us today, Thomas. Are there any other subjects you'd like to discuss?

Thomas Flynn: I'd like to let your readers know that Gemalto is a well-positioned company at the heart of our evolving digital society. We are set to capitalize on growing market opportunities in the Security, Mobile Communication and Secure Transaction sectors with stable growth with a strong market mix across business units. We are growing our diversified product portfolio through product innovation, software, services and bolt on acquisitions. Our strong 2009 performance allows Gemalto to achieve market share gains and invest in R&D and take advantage of attractive acquisition opportunities when they come available.

I'd like to encourage your readers to learn more at

Note: Gemalto's shares are traded on the Euronext exchange and ADRs trade in the United States in the over-the-counter (OTC) market.

The ADR security identification numbers are: ISIN: US36863N2080, CUSIP: 36863N 208

Another idea is to visit our digital lifestyle Web site,, where we answer consumer questions about how to better enjoy the conveniences of the digital world and how to secure one’s digital identity and information while surfing, buying, traveling and communicating. 

I want to thank SSW for this opportunity to tell your readers a part of our story today.