Endpoint
8/30/2010
11:57 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

CA To Acquire Authentication Vendor Arcot Systems Inc.

Software giant will pay $200 million for emerging security tool vendor

CA Technologies today announced it has signed a definitive agreement to acquire privately-held Arcot Systems, Inc., a leader in providing advanced authentication and fraud prevention solutions through on premises software or cloud services, in an all-cash transaction valued at $200 million.

The acquisition of Arcot adds visionary technology for fraud prevention and advanced authentication to CA Technologies leading Identity and Access Management (IAM) offerings.

Arcot’s solutions – delivered as cloud services or deployed on premises – help prevent fraudulent transactions for about one million online credit card transactions each day. In addition, by combining Arcot’s technology with CA Technologies market-leading CA SiteMinder portfolio, the company will provide advanced capabilities to help customers further reduce risk, support regulatory compliance and confidently secure business transactions.

"Arcot brings to CA Technologies a strong business in fraud prevention and unique capabilities in advanced authentication using a software-only approach," said Dave Hansen, general manager for the Security business at CA Technologies. "This acquisition adds industry-leading technology that extends the breadth and depth of our strong IAM portfolio and gives our customers more first-class options for securing their Web-based business."

The acquisition builds on CA Technologies cloud security strategy, providing the on-ramp to accelerate its delivery of IAM solutions as a comprehensive service from the cloud. The CA Technologies cloud security strategy is a three-fold approach: enable organizations to extend existing on-premises IAM systems to support cloud applications and services; provide IAM technology to cloud providers to secure their services – whether public, private or hybrid; and enable IAM services from the cloud.

In addition to helping customers leverage the value of cloud computing, this acquisition is compelling from several market perspectives:

The Advanced Authentication market, a segment of the overall IAM sector, is expected to grow at low double digits over the next four years. The transaction is expected to drive new revenue streams for CA Technologies IAM business by growing Arcot’s eCommerce transaction business and growing sales to managed service providers that serve emerging enterprises.

The synergies and customer benefits gained by combining solutions from Arcot with leading IAM solutions from CA Technologies, open strong cross-sell opportunities into both companies’ existing customer bases, as well as opportunities for net new sales.

The acquisition fast-tracks CA Technologies IAM cloud service offering, with 120 million identities already verified using the Arcot technology today.

"Identity is a critical area for security whether you’re talking about in-house or the cloud, and with 120 million identities verified by our solutions today, we bring a strong, solid recurring revenue base as well as sources of new growth opportunities for CA Technologies," said Ram Varadarajan, president and CEO, Arcot Systems Inc. "Arcot’s strong established knowledge and expertise in core security and fraud prevention technology -- coupled with IAM solutions from CA Technologies -- will offer robust capabilities to our numerous shared customers, particularly in the financial industry."

Arcot’s business features a subscription-based model, with almost 90 percent of revenue recurring and nearly 100 percent customer retention rates. Arcot has been cash-flow positive since the second quarter of 2009, which ended June 30, 2009.

The all-cash transaction is expected to be dilutive in fiscal 2011 to CA Technologies GAAP earnings per share and slightly accretive to non-GAAP earnings per share. The transaction is expected to close by the end of CA Technologies second fiscal quarter, ending September 30, 2010, and is subject to certain regulatory approvals and customary closing conditions. Founded in 1997, Arcot is a recognized visionary in the Web fraud prevention sector. With 35 patents awarded and pending, Arcot co-invented with Visa the 3-D Secure protocol for online payment security.

Arcot’s operations and its approximately 165 employees will become part of the Security business at CA Technologies.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-6856
Published: 2014-10-02
The AHRAH (aka com.vet2pet.aid219426) application 219426 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6857
Published: 2014-10-02
The Car Wallpapers HD (aka com.arab4x4.gallery.app) application 1.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6858
Published: 2014-10-02
The Mostafa Shemeas (aka com.mostafa.shemeas.website) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6859
Published: 2014-10-02
The Daum Maps - Subway (aka net.daum.android.map) application 3.9.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6860
Published: 2014-10-02
The Trial Tracker (aka com.etcweb.android.trial_tracker) application 1.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Chris Hadnagy, who hosts the annual Social Engineering Capture the Flag Contest at DEF CON, will discuss the latest trends attackers are using.