What are some of the key trends in the digital security space?
Initially, there was the concept of two-factor authentication using OTP (one time password). However, with more and more countries like India now mandating the use of digital signature, we see this market evolving. A digital signature is an upper level of security compared to two-factor authentication and we are pushing our products facing the government mandates for the digital signature. As a matter of fact, many procurement officers in India are already using digital signatures.
At the same time, that there is a cloud wave arriving, pushed by more people accessing applications on their mobile devices. Most of these users will need OTP to connect to the VPN to access company data, most of them will require a digital signature with credentials integrated with their trusted ID in order to digitally sign or encrypt email.
In any case, digital signatures as of now are largely driven by the mandates. I feel, gradually, companies that have assets at stake (banks, insurance companies etc.) will start investing in such solutions proactively. For example, we are already working with a big insurance company. We help their agents across the world connect with the head office and get access to company data, for which they need digital signature, but now we are also proposing biometrics for them. As of today, we cannot say that large enterprises are aggressive on implementing digital signatures. However, the enterprises need to get into the green zone to get to the first step, for having digital signatures. For this, they must at least start thinking of OTP; digital signatures will happen gradually.
Which countries in APAC do you think have been proactive investors in digital security?
Countries like India, Vietnam, Singapore and Japan have been early adopters. I believe the rest of the region is still trying to understand and implement OTP. The good news is that there is greater awareness around relevance of authentication. At present, in India the government mandates are conducive to adoption of digital signature. We see an increasing number of new partners looking to train themselves on our products to provide solutions to the end users.
How important is India from the digital security perspective and what is your strategy for this market?
Gemalto has 83 offices and 13 research and development centers located in 43 cpuntries, including India. We even have a factory in the country. It will be difficult to comment on India contribution to our revenues.
All I can say is India as an important market, especially in the backdrop of the pace of proliferation of the two mega trends like BYOD (bring your own device) and cloud computing in this market. We feel the government mandates here are favorable to our growth. Even individuals are today using digital signatures to file their income tax returns.
Our solutions are customizable and they are compatible with various form factors depending on customer requirements, something which is a must-have in order to survive in a highly demanding market like India. At present, Gemalto has three distributors in India for its Identity and Access business unit – RAH Infotech, KDK Software and Agmatel. We are expanding our channel network by adding Tier 2 and 3 partners. We are also associated with large system integrators and evaluating ways of bundling our solutions with their offerings. Our business strategy is to align with distributors as we are not into direct billing.
Though India is believed to be a price sensitive market, for us, pricing hasn’t been a constraint. The initial challenge in the country was to get the right partners. With years of experience in banking and telecom space, we understand security very well. Over the last three years, we have delivered around eight lakh PKI (public key infrastructure) devices in India. These include different form factors such as corporate badges for enterprises, PKI tokens for certification authorities, banks and government bodies.
What technological innovations can we expect in the identity and access space?
With BYOD, CIOs face the challenge of authenticating employee owned devices in the organizations’ premises. We are working on embedding secure elements in phones and tablets that will contain credentials such that the phone will become the authenticating device. We are also working on integrating biometrics on the chip. We believe the market will be concentrated on tablets and the phone. mobility and cloud.