Identiv's Post Password Era Solutions Gaining Traction As Company Strengthens Its Financial Position

TM editors' note: This article discusses a microcap (<$100M market cap) stock. Such stocks can be easily manipulated; do your own due diligence.

Lately, we have seen many headlines about how large companies are experiencing security breaches that have resulted in sensitive customer information being exposed to theft. 

• In yet in another string of security breaches, JP Morgan Chase (NYSE:JPM) revealed that 76 million households' and seven million businesses' contact information were compromised, in a filing with the Securities and Exchange Commission (SEC) recently.

The compromised information included names, addresses, phone numbers and e-mail address, as well as internal JPMorgan Chase information about the users, according to the filing. The bank did say however that the more sensitive information such as bank account numbers and credit cards was not affected.

• In another recent security breach, Home Depot (NYSE:HD) said on September 8th of this year that cyber thieves compromised financial information of its customers. According to the company:

On Sept. 8, we confirmed that our payment data systems were breached, which could potentially impact customers who used a payment card at our U.S. and Canadian stores in 2014, from April to September. Today, we are able to tell you that the malware used in the recent breach has been eliminated from our U.S. and Canadian networks.

Thankfully, it appears the cyber thieves in this case have been using the information to buy small insignificant everyday items such as beverages and meals at McDonald's, so it's likely the thieves in this case were just a bunch of bored kids, otherwise the damage would have been much greater by now.

• Cyber thieves used stolen/guessed passwords recently to 'steal' nude pictures of actress Jenifer Lawrence and model/actress Kate Upton from Apple's (NASDAQ:AAPL) cloud storage system. Representatives for both Upton and Lawrence had to work very hard to stop the spread of these personal pictures, and the theft has left users of Apple's cloud feeling rather insecure about their personal items stored there.

• Target (NYSE:TGT) had its data breach occur around Thanksgiving of 2013. In that case, it appears that cyber thieves installed malware unto one of Target's internal servers that stores customer credit card data. In fact, it's believed the Home Depot breach occurred in the same way.

It's really only a matter of time until more sophisticated cyber thieves will get the type of financial information in their hands that could lead to a potential financial crisis for both the businesses affected and their respective customers.

We believe a small company headquartered in the California Bay Area, Identiv (NASDAQ:INVE), has solutions that businesses and investors need to be aware of.

The cyber thieves were able to install malware in servers of Home Depot and Target that still use passwords for authentication. This gave access to the credit cards prior to encrypted storage. In simple terms, a credit card is swiped at the time/point of sale. Afterwards, it's stored and encrypted internally before being charged by the credit card company. What the thieves did was intercept the credit card numbers using malware installed on the internal servers which directed the card numbers to be sent to them.

Identiv's solution is geared for the internal server of a business. Passwords to gain authentication are not used, so Identiv's solution is part of the "post password era."

Identiv produces and manages strong two-factor authentication credentials. The company provides a service that issues and manages the life cycle of the credential (smart card or other form factor). The credential and the processor on the device are used to generate private keys inside the hardware itself. The service works with managed Public Key Infrastructure (PKI) providers like Symantec or Verizon, as well as an in-house PKI system to provide the customers with one of the strongest methods we have to protect Identity.

The complexity of smart credentials has always been in how they are managed. Typically complex expensive Card Management Systems and Public Key Infrastructure are used. Identiv's solutions allow customers to take advantage of a secure credential without having to install the complex and expensive system to manage them. The credential can be used with managed or in-house PKI systems.

With the Identiv cloud-based service for issuing trusted credentials for its customers, the company provides a service-based solution to a lot of difficult questions such as:

  • How do we protect the computers our users are logging into?
  • What is a technology that everyone already knows how to use?
  • How difficult is it to use this technology in our environment(s)?
  • How do we protect our customer information?

All of these questions can be answered with one thing: a trusted credential that can be used to securely access the systems that have the most valuable data on them.

An Identiv Utrust Credential works like an ATM card. You insert the card into a reader and you use a PIN to verify your identity to the credential. The credential then identifies you to the host using standard digital certificates based authentication that is built into to every browser on the planet. This type of authentication is built in to windows operating echo system as a native method, meaning you do not need to install any software to use these credentials.

The solution does not require a company to make a large investment into the infrastructure to deploy and manage these credentials. This is what the Identiv ID on Demand service provides. It is a cloud based solution to design what the credential is going to look like physically and logically. The built-in badge and workflow designers allow customers to create work flows defining the steps used to onboard users as well as custom card design that can be physical printed on identification cards.

With Identiv's solution, you do not have to deploy client software; it is built into the browser or native in the operating system and in email clients like Outlook or Thunderbird. You can do all of this, without the complexity or the overhead of a Credential Management System or Complex PKI.

For all of the reasons, cyber thieves cannot install malware on a company's internal server because they cannot obtain access unless they have the required smart card and the encrypted digital certification.

Q3 Earnings Call

The clarity and investor relations efforts that are necessary for any company are now imminent for Identiv for the first time under current management.

In the recent third quarter conference call on 11/13/14, Identiv Chief Executive Officer Jason Hart stressed that in the past year, he had to be narrowly focused on execution as the company had many challenges to dramatically change, including restructuring its executive team and sales organization. In the long term, this is the correct approach which is evident by several improvements.

The company is now in a better position because of a much stronger balance sheet, new favorable credit agreements with its suppliers and Opus Bank (Opus credit line doubled from $20M to $40M, with lump sum payment due in 2017 rather than 2015), growth delivery, and the ability to focus on new strategic partners such as Verizon.

Hart said the next phase starting now will include a greater focus on investor relations, press releases of significant events, and an added focus on marketing.

Hart stated:

The number one question I receive is, 'why don't you put out a PR about Verizon or the largest security distributor and the like.' First, we don't put out press releases without the customers permission. We've begun to negotiate PR clauses in many of our new contracts. At least two large known brand customers have agreed to such clauses as the projects are rolled out.

So, Hart refers to two major customers who have such agreements in place and have not been revealed to date. Prior to this, approval was not granted by some of its customers. Customers have been hesitant to allow this because of the nature of the business involved- security -- something that has frustrated shareholders.

With the business now stabilized, the focus is now on rapid growth. Hart directly addressed the stock performance and repurchase plan as well. Hart also stated:

When looking at the public and private markets, I stand by the comment that I made on the previous call [Identiv is a 400 million dollar company] that the stock is substantially undervalued. The board agrees with me so we took an uncommon move by initiating a stock buyback after a capital raise. We are undervalued with comparison to our competitors. There is no operational reason for that disparity. For now, we are going to deliver operational performance and get the message out more aggressively. Now that the simplification strategy is mostly behind us along with working around the clock to drive growth and fine tune our products, you should expect us to outpace the industry growth through 2015.

Identiv Customers

When we took a look at a customer slide the company used at a conference in Boston, it was easy to see the diversification present for Identiv. The company has customers in numerous sectors including oil, telecom, universities, world and U.S. governments, and others.

The list includes Verizon (NYSE:VZ), Cisco (NASDAQ:CSCO), Nokia (NYSE:NOK), Hewlett-Packard Company (NYSE:HPQ), and 20 different segments of the U.S. government such as the IRS and NASA.

One customer whom Jason Hart has spoken about in previous calls is Verizon. As touched on previously, some frustration has been voiced from shareholders trying to find further details of this partnership. Although financial terms have yet to be released, Hart did at least clear up some speculation surrounding Verizon:

I was asked this morning about a Verizon video that remarkably looks like one of our technologies. It is. We work closely to blend our product and Verizon's product into a unique Verizon offering that they're now taking globally.

Within this video, a credential solution is displayed and provides cloud based deployment while giving the user convenience and flexibility when completing actions such as adding new employees or removing termed ones quickly. With these products now having the Verizon stamp of approval, it has already created additional deals for Identiv. The global reach of this program will be interesting to watch develop as it expands worldwide.

VoIP comparison

Hart has compared the current situation with authentication and data breaches with the early adoption of Voice over IP (VOIP). In the early 2000's, most every company was rushing to change its phone system to the new technology of VoIP. This is essentially the ability to speak to co-workers and others anywhere without paying long distance fees because of the internet. The cost savings was very clear to implement VoIP for virtually every major organization and the companies providing these services had as much work as they had the ability to handle.

This is perhaps an underrated statement because people unfamiliar with the telecom industry may not understand the context of it. However, this comparison is the reason the company expects aggressive growth. He is seeing the demand come in and comments that the company's pipeline has doubled in the past two quarters.

To give some color on this, a pipeline consists of opportunities the company has identified as just "potential customers," with the associated revenue impact. So, the hypothetical and just potential revenue in the pipeline is a long list with a large total for even small organizations. For a company such as Identiv with approximately $85M in sales this year, the pipeline doubling in such a short amount of time is rather impressive and tells us that the sales organization restructure has made a fast impact.

Obviously, closing deals in the pipeline is now the focus while continuing to build it to replace deals that are already closed or missed.

Comparing Identiv to its competitors

As referred to in the conference call, Hart believes company is substantially undervalued in comparison to competitors. So, let's take a look at a couple of these companies and the valuations compared with Identiv's.

Ticker

Name

3Q Revenue

3Q Ebitda

Cash

2014 Sales Guidance

Market Cap

INVE

Identiv

$22.7M

$1M

$41M

$80-$90M

95 Million

 

 

 

 

 

 

 

IMPR

Imprivata

$25.3M

-$2.8M

$78M

$94-$95M

345 Million

CYBR

CyberArc

$28M

$7.7M

$169M

$92.7-$93.7M

1.3 Billion

As shown, the third quarter for Identiv produced sales of $22.7M with a positive EBITDA (earnings before interest, taxes, depreciation and amortization) of about $1M. Year to date, the company reported $61.8M in revenue.

One of Identiv's competitors is Imprivata (IMPR), a leading provider of authentication and access management solutions for the healthcare industry. For the full-year, Imprivata expects revenue between $94-$95M and adjusted EBITDA to be a loss of $14-13M.

Although the Imprivata has a higher cash reserve and a little bit higher revenue guidance for full year 2014, Identiv has a considerable edge regarding profitability and differentiation of customers. Imprivata mainly focuses on healthcare solutions while Identiv is well rounded in terms of customer mix. A more diverse customer mix should result in stronger growth for Identiv over Imprivata.

Another competitor is Cyber-Arc (CYBR), a company that recently reported $28M in third quarter revenue. $4.8M of that was a result of deferred revenue from previous quarters. Cyber-Arc recently had an IPO which created a lot of buzz for the company. Having successful banks such as JP Morgan and Deutsche Bank (NYSE:DB) behind the IPO and providing analysis on the quarterly calls helps a great deal.

One key that has helped Cyber-Ark achieve such strong profitability is in the area of maintenance after initial install. This is a key for residual revenue along with the fact that it is generally very profitable. Additionally, companies buying Cyber-Ark products appreciate that they know exactly what will be spent and can accurately budget that amount.

Regardless if any problems come up, companies pay the same flat rate while it's nice profit for the providers -- a win-win scenario.

Identiv has a similar opportunity creating repeatable revenue via its Razor model approach. Another good thing about maintenance contracts is it gives you a much better ability to project a company's repeatable revenue for the future. Organizations selling large volumes of maintenance are attractive in the area of acquisitions because of guaranteed future income streams.

Clearly, Cyber-Ark has a nice business model to produce very high profitability. However, with the yearly revenue guidance in line with what Identiv will produce, the disparity in valuation is absurd.

In the near future, we think Identiv's management will change this disparity with the new directives regarding investment relations mentioned in the quarterly call. A healthy investor relations department is an imperative stock price driver. We have talked in depth with Jason Hart about this matter and he agrees that the time has come for Identiv to take stronger action in this area.

Conclusion and forward guidance

For the year 2015, the guidance is for a minimum of 20% growth. This is the budgeted amount although we think they can do better considering the new management has been very cautious with guidance. Hart did say factually that Identiv will see revenue grow next year based on interest the company is getting.

All of the breaches in the news have raised awareness for strong post-password authentication. In addition to all of the industries focused on so far, law enforcement initiatives promote the need for accessing confidential data as there are more attacks on personal information. According to Hart via the Q3 earnings call, the company has seen new customer wins in this area, as it's a worldwide issue which translates to global opportunities.

The turnkey approach makes Identiv unique and gives the company an edge over many competitors.

With the company share buyback program, it has consciously looked to stabilize the stock. Now that the quarterly report has been made public, insider knowledge is behind the CEO and CFO. Therefore, the company said it will instruct its brokers to continue the buy back strategy at the appropriate times.

With the restructuring largely in the rear view mirror for the company, Hart stated,

Now that the simplification strategy is mostly behind us along with working around the clock to drive growth and fine tune our products, you should expect us to outpace the industry growth through 2015.

Cyber security is a growing concern. As we demonstrate at the beginning of this write-up, various large and well-known companies have had several major security breaches over the last year or so.

The new management team at Identiv led by Jason Hart is taking the right approach. Investors have been a bit frustrated with the Identiv share price performance lately. However, we strongly feel that the tide is turning here as the company is in a much stronger position to tell its story (which Hart guided Identiv will) which should attract more institutions and a stronger investor base.

We think Identiv is grossly undervalued here with a current market cap coming in just under $100M. We feel the main reason that the company is undervalued is due to its lack of press releases that detail its overall story and new deals it has won. Simply stated, not enough people know about Identiv and its current and future fundamentals.

Over the last year, the company did not have the proper leverage to insert clauses in its deals to allow it to press release deals with larger companies.

But, as Hart mentioned in the Q3 earnings call, this has now changed so we expect press releases for at least the two significant deals to be forthcoming. Undoubtedly, we see this development as a strong price per share driver moving forward.

Additionally, we expect its deal with Verizon to bring in substantially increased revenues over the next few quarters as it takes the Identiv product global.

We believe Identiv should be trading at a much higher valuation now as demonstrated when comparing it to industry peers. Based on our comparison, a $300M valuation (around $26 a share) would fairly price Identiv. This would represent roughly three times the current price. This puts our valuation mostly in line with the Cowen and Company analyst, who has assigned a $24 one year price target on the company.

Identiv offers physical access solutions as well as solutions for near field communications (NFC), both which are also gaining traction. In our next write-up on Identiv, we will cover both of these.

 

Disclosure: I am long INVE.

How did you like this article? Let us know so we can better customize your reading experience.

Comments

Leave a comment to automatically be entered into our contest to win a free Echo Show.
Or Sign in with
John Fitch 10 years ago Member's comment

Interesting read! What would happen if you lose your card or forget your pub key? I used Google 2FA and when I lost my phone it was a pain to try and get back my codes because for some reason my cell phone provider was having issues supplying me with a SIM card with the same exact number as my previous device. Sometimes added security comes at a cost of greater annoyances, but for things like financial data it's worth taking the extra step.

Kevin Xcintrik 10 years ago Member's comment

The main auth is a certificate auth via a CA(certificate authority). A IT department could backup your key but that wouldn't make sense for security. Ideally you would have them generate a new certificate to put on your new card for you. At the same time they would revoke your previous certificate at the CA as someone could have it.

Scott Matusow 10 years ago Contributor's comment

it's on Identiv servers, and can be retrieved in a matter of minutes

Mike Nolan 10 years ago Member's comment

"Thankfully, it appears the cyber thieves in this case have been using the information to buy small insignificant everyday items such as beverages and meals at McDonald's, so it's likely the thieves in this case were just a bunch of bored kids..."

Or, more likely they are professional thieves who start out with minor charges to see if the card holders are observant enough to catch them. If not, they are emboldened to start spending them more freely - a common tactic.

John Fitch 10 years ago Member's comment

Interesting point Mike, and one that did not occur to me. It does seem unlikely that a hack of this magnitude could have been orchestrated by a bunch of "bored kids." It would take expertise and experience to pull off.

Scott Matusow 10 years ago Contributor's comment

Nope, it's actually very easy to pull off with simple scripts. This is the major problem we are facing -- the ease of doing it. Do some more research on the Target and Home Depot breach and you will see that what I am saying is accurate!

Scott Matusow 10 years ago Contributor's comment

your comment does not make much sense to me. The thieves knew from the get go their actions were exposed, so did the card companies, Any charges would be refunded immediately, so in this case, it was not on the consumer. Therefore, we stand by our view that the thieves were likely high tech script type kiddies who found a weakness in the network to exploit.

John Fitch 10 years ago Member's comment

I actually did some more research as you suggested and what I found were multiple accounts of people being impressed with the complexity of the hacks. For example, Time Erlin, a director of IT security and risk strategy: "the thing that strikes me is the level of organization, the level of planning." Highly unlikely to just be a bunch of kids. Also found that the card information was being sold underground up to a million at a time for up to $100 a piece. Not exactly McDonald's money..

Scott Matusow 10 years ago Contributor's comment

Our point is that one day, if companies do not switch to the type of tech Identiv offers, we will likely see cyber terrorism, in which not only will info be stolen, but entire financial systems could become shut down.

Joe Black 10 years ago Member's comment

Great article, Identiv is looking good to me.