Symantec To Acquire VeriSign Security For $1.28B


Symantec Wednesday said it signed a deal to acquire VeriSign's Identity and Authentication Business, including its Secure Socket Layer Certificate Services, for $1.28 billion in cash.

Altogether, the Symantec-VeriSign deal will give the security giant VeriSign's SSL Certificate Services, Public Key Infrastructure, VeriSign Trust Services and VeriSign Identity Protection Authentication Service.

Under the terms of the agreement, Symantec will acquire specific VeriSign assets, including the majority stake in VeriSign Japan, for $1.28 billion in cash, but could be subject to customary closing conditions such as regulatory approvals. The deal is expected to close some time during the September quarter.

VeriSign executives said that the deal "marked a milestone in the company's history," while hinting at the ongoing trend of market consolidation that made it challenging for standalone products to experience market growth.

"The security industry is consolidating, and customers benefit when authentication services are part of a broader offering, which means our SSL, PKI and VIP products would best be integrated with other security services and applications. Symantec has a broad suite of market-leading security offerings and a robust distribution network that is a natural fit for our authentication products," said Jim Bidzos, VeriSign executive chairman, during a conference call. "In light of these considerations, we believe the sale of the authentication business to Symantec is the right thing for our employees, our customers and our shareholders."

The acquisition aligns with Symantec's stated vision to further delve ito areas such as identity security, mobile security, information protection, context and relevance, and cloud security.

Symantec executives contend that the deal will enable users to have simple and secure access to their information from anywhere, with a way to provide businesses the means of incorporating identity and authentication security into a the fabric of IT infrastructure. Technology from the acquisition will also allow organizations to feel safer when adopting new computing models, applications and resources, including cloud computing, social networking and mobile computing, executives said.

“With the anonymity of the Internet and the evolving threat landscape, people and organizations are struggling to maintain confidence in the security of their interactions, information and identities online. At the same time, people’s personal and professional lives have converged and they want to use their various digital devices to access information wherever they are without jeopardizing their privacy,” said Symantec CEO Enrique Salem in a statement. “We believe the solution to this dilemma lies in the ubiquity of identity-based security."

Salem added that the products and reach of the combined Symantec/VeriSign would position the company to "drive the adoption of identity security" as well as "prevent identity fraud and to make online experiences more user-friendly and hassle-free.”

Down the road, VeriSign's SSL Certificate Services and other authentication technologies will be combined with Symantec's existing security products, such as Symantec Critical System Protection or Protection Suite for Servers, in an effort to further secure customer's Web servers, and provide added trust during financial and other sensitive transactions, executives said.

In addition, Symantec has tentative plans to combine the information classification capabilities in its Data Loss Prevention solutions and Data Insight products along with VeriSign’s identity security services, which will help ensure that only authorized users have access to specific information.

Symantec also has plans to incorporate user certificates into its Norton-branded consumer products, creating a new consumer business that allows users to easily create secure identities that can be authenticated when they do business online.

Executives said that VeriSign's authentication and identity management technologies could also be applied to the growing number of consumer devices, as more mobile and remote workers rely on their own devices in the workplace.

VeriSign is renowned for its SSL Certificate Services, which provide a trusted mark of authentication for Web sites that users visit. The VeriSign check mark indicates that the Web site is legitimate and ensures users that financial transactions are encrypted and secure.

The company claims that more than a million Web servers use VeriSign certificates while it processes more than two billion certificate checks daily.

Meanwhile, security experts say that unlike other smaller, high-dollar purchases Symantec has previously made, the VeriSign acquisition won't likely yield excessively high revenue growth.

"VeriSign spent the last two years divesting non-core businesses to focus on its identity and authentication businesses," said Allan Krans, senior analyst for Technology Business Research, in an e-mail. "VeriSign’s revenue growth averages in the single digits, and with a large revenue base it will be difficult to consistently grow double-digits even after joining Symantec."

However, VeriSign will likely bring significant operating profit to the security giant, Krans said, in light of the fact that it has maintained more than 30 percent operating margins. "VeriSign’s margin profile is well matched to Symantec’s Security and Compliance segment, which consistently reports operating margins in the 20 percent to 30 percent range. Symantec is buying value, both in VeriSign’s strong security brand and margin profile," he added.