Feeds

AuthenTec sells out to Apple to the sound of 1,000 lawsuits

Directors hounded for not hawking the business to Samsung

The Power of One eBook: Top reasons to choose HP BladeSystem

The $356m purchase of AuthenTec by Apple has not been universally welcomed. Not only are analysts and potential rivals trying to piece together the logic of the deal, but investors and, more importantly, class actions lawyers, are trying to work out if the 60 per cent trading premium that the deal is set at, was sufficiently high.

There is a thought out there that since AuthenTec had just concluded a deal with Samsung, its directors had the fiduciary duty when approached by Apple to at least ask Samsung if it wanted to counter-bid. We cannot go along with that thinking. When a board is approached with an outstanding offer compared with its current share value, it has every right to take the money and commit the company to a merger. However what these complaints might make possible is the extension of the time period over which the deal will move to completion, and that MAY give AuthenTec time to at least talk to Samsung.

Of course the whole point of agreeing cancellation fees (there are two way cancellation fees in here valued at $20m from Apple and $10.95m the other way) is so that the target company cannot go and talk to someone else and ramp the price, and so that the buyer cannot walk away, having shown an acceptable bid valuation to the world.

Since AuthenTec is a company that only has $18m in the bank, it had better have a very good reason to change its mind and fail to sell to Apple, and lose that cash. And anyway it has a customary "no-shop" restriction placed on its ability to solicit alternative proposals from third parties or to enter any kind of discussion. This has to be subject to some exceptions, such as when another company approaches it, it must have something to say.

But we expect that whatever comes of these legal moves, the deal is more or less done and Apple will get the spoils, even if anyone gets shareholders a little more cash. So why does it want AuthenTec? Most analysts in this area cannot see the wood for the trees. The first thing they do is look up what this company does. The bulk of its revenues comes from fingerprint recognition systems and it has genuine IPR here. It is a decent market leader in this nascent field, and most people assume that Apple will use this technology for one of two things, to secure iOS devices on a fingerprint, for either enterprise apps or to introduce it for mobile payments.

The myth of fingerprints

We tend to think this is pie in the sky. You cannot dominate the global banking community and introduce authentication technology which they have yet to approve of, no matter how ground breaking. Apple already has patents on accessing devices using unique gestures and these have already all been copied by rivals.

On the enterprise front there may be applications where this could be used, but to put this in perspective, right now AuthenTec has only quarterly revenues just over $10m in fingerprint recognition. These revenues are going down, or are at best flat, and the company has recently reduced its R&D in this area marginally. So what else could Apple be after?

Well there are two other security businesses that AuthenTec is present in, using software protection for DRM systems, so that you can have an (arguably) secure downloadable DRM, and a silicon based embedded execution area for encryption – a set of cores that can be used to securely process decryption on-chip, which any security software layer could benefit from. Samsung has recently taken this to underpin a VPN, but it might just as easily be used to underpin a DRM system for video delivery.

HD video on tablet

Now one of the debates that has been raging around the most recently launched iPad is the ability of its screen to handle HD video content. Hollywood has vacillated between banning premium HD video from portable devices and allowing it. The best solution has seemed to be to downgrade the resolution on this video for tablets. Many content owners allow video which is premium paid video, such as pay TV, to be delivered over IP in parallel with its TV delivery, to tablets, but at a lower resolution, while some ban it altogether.

But blocking HD content to a tablet is a lottery – your rival may get many more viewers by NOT banning it, because tablets of all types are taking off. The problem has been the software only nature of the security and only two solutions have emerged which really offer any comfort at all, one from Arxan, which AuthenTec uses, and one from Irdeto called Active Cloak for Media, and both use a form of white box encryption, as well as object code obfuscation and multiple frequent authentications between system components.

These two systems are dominant but slightly different, and regardless what both companies say about how secure they are, they are not secure enough to entrust Premium paid HD content to, where it has not yet been widely pirated. One security analyst told us that if smart cards were a 9 out of 10 in security terms, these software only systems were a two and a half.

The most secure approach is putting a secure set of decryption processing cores – complete with a hardware enforced firewall and separate processing elements for decrypting keys, on the processing chip. The problem here is that although AuthenTec offers its DRM Fusion product as a secure software only, downloadable DRM, the underlying security technology belongs to Arxan, and so it has no real IPR to offer Apple, which is what leads us to believe that this is not the reason for Apple‘s interest.

AuthenTec has made a number of strides here and signed some new customers recently, but while many of the App Store video apps are based on either the Arxan or AuthenTec implementations, Apple should have been buying Arxan if it wanted to control this process. This brings us to AuthenTec‘s third security business, based on its SafeXcel IP chip cores. AuthenTec acquired this technology from SafeNet two years ago along with its DRM Fusion product and since it did so it has been investing more R&D in this than any other part of its product portfolio, doubling it each year so far.

Designing a Defense for Mobile Applications

Next page: Luring in the devs

More from The Register

next story
DARPA-derived secure microkernel goes open source tomorrow
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.