Technology
Internet Security
(OTC: VLDI)

Validian Corporation

30 Metcalfe Street – Ste. 620
Ottawa, ON, Canada K1P 5L4
Phone: 416-368-3332



Dr. Andre Maisonneuve
Chairman and
Chief Executive Officer

Interview conducted by:
Lynn Fosse
Editor

CEOCFOinterviews.com
May 2003

BIO:
Dr. André Maisonneuve brings to Validian over 30 years experience in the high-technology sector. He successfully managed private and public corporations involved in high technology in which access to financial sources and the establishment of new markets were essential components. He founded and managed a successful, international information-technology and management-consulting company with customers in 14 countries and links with the major international development banks. He managed a defense-electronics company selling core technology and products to the U.S. Navy and large defense contractors such as Marconi Aerospace, Teledyne Technologies and Ericsson. While at ACDS, he was instrumental in implementing an international distribution network for a publicly held spatial-database company, where customers included EDS, Atlanta Gas and IBM. He has a Ph.D. in Engineering and is a graduate of Harvard Graduate Business School.

Company Profile:
Validian has developed an Application Security Infrastructure (ASI), a comprehensive integrated infrastructure for securing distributed applications and Web services.   Based on open standards and a distributed architecture, ASI delivers a security level comparable to that of more expensive and complex PKI or VPN solutions, but with the ease of use, low cost and dynamic scalability of SSL. 

Enterprises are increasingly reliant on distributed, web-based applications and services to collaborate with customers, suppliers and employees.  Tightly securing these transactions has been effectively out of reach to all but the largest organizations.  Validian's ASI enables organizations of all sizes to secure new or existing applications and web services in a matter of weeks - without requiring them to become security experts.

ASI is light and specifically designed to provide true application-level security and data transport between distributed applications in dynamic environments. It automatically manages all critical security functions, including authentication, encryption, key generation and distribution, addressing and data transport.  ASI is completely network independent, supporting most major platforms, network architectures, transport protocols and development environments.   Data is encrypted and decrypted within each application, so information is protected at all times, even as it travels over the local network segment.  ASI is a software-only solution, easy to install, manage and use. It can be linked to any application, regardless of the source language, and uses industry standard encryption algorithms for truly dynamic end-to-end application security. 

Validian's ASI Software Development Kit allows rapid integration of applications into the ASI infrastructure through a process similar to generating a socket call in other communication environments. The SDK is standards-based and developers who use it do not have to learn the various transport and security products or mechanisms to implement security on distributed applications. This lowers the cost of integration and the total cost of ownership as compared to other solutions.

ASI provides security and speed to real time exchanges, privilege management functions and collaborative processing applications, which will immediately benefit applications such as e-commerce, e-banking, e-health, supply chain management, electronic bill presentment and payment, and secure individual electronic exchange of messages and files.

CEOCFOinterviews: Dr. Maisonneuve, why the name change to Validian?

Dr. Maisonneuve: “The old name was hard to spell, difficult to pronounce, and it didn't actually communicate anything.  Validian is much more meaningful given our focus and technology.   Fewer spelling errors too.”

CEOCFOinterviews: Will you give us an overview of the company?

Dr. Maisonneuve: “We're an early stage network data security company and we'll be launching in few weeks in San Francisco. We have offices in the United States, Canada, and Europe and our shares are quoted over the bulletin board in the U.S. The symbol is 'VLDI'.

We began developing our technology in 1999.  Our goal was to design network data security products that are easy to install, easy to use, and cost effective for the customer.  Out of that effort came Validian's ASI - our application security infrastructure - which secures and transports data in distributed applications and Web services environments.  It gives our customers the same level of security found in complex and expensive PKI solutions but with the ease of use of SSL, and allows companies who couldn't previously afford to implement strong security to do so.

The current business world is moving toward decentralization, dynamic organizations, new partners, new customers and people working from anywhere and everywhere. Other solutions make it much more complex than it needs to be -- especially in environments where partners and customers are constantly changing."

CEOCFOinterviews: What do you do differently that makes your product simpler and less expensive?

Dr. Maisonneuve: “The main thing that we do different from other solutions is to separate identity and transport.  Current solutions tie identity and location together very tightly, but once people, partners or applications start moving around, it becomes really difficult to manage the changes.  With our solution, once identity is established, communications are made point-to-point instead of going through central servers.  Simpler, more efficient, easier to deploy and operate, and in the end, it costs less.”

CEOCFOinterviews: Are there particular industries or types of companies that you are going to be targeting first?

Dr. Maisonneuve: “We're a really good fit for industries which require information shared between applications to be secure, and have users, partners, customers, vendors, or applications distributed across different networks, linked via the Internet.  One example would be manufacturing companies who run supply chain management systems; they have an ever-changing group of suppliers they must connect with, each of whom must connect with others as well.  Another example would be in financial services, where protected transactions must take place between banks, customers, and other institutions.   Healthcare organizations fall under federal privacy regulations requiring all patient data to be secure. But hospitals must communicate with insurance providers, pharmacies and other entities. The information must be protected from end to end.

Another segment includes companies deploying Web services initiatives, typically linking back-end applications and systems across the Net using Web standards. Many of these communications require transport, routing, and security, all of which we can deliver.”

CEOCFOinterviews: How will you reach your customers?

Dr. Maisonneuve: “We plan to sell through independent software vendors, who already have established relationships and are actively looking for solutions to their customers' problems.   Because of the high cost of implementation and ongoing maintenance that come with other security solutions, many of their customers haven't been able to afford application data sharing or Web services initiatives.

Because we have a far lower TCO, it opens up new market opportunities for the ISVs by simply linking their current applications to our application security infrastructure.  We have tested this with a number of ISVs, and the response has been very positive because they see that they can increase revenue or add a new product line with little added cost.”

CEOCFOinterviews: There are so many new products and ideas out there, how do you get yours noticed enough to make a difference?

Dr. Maisonneuve: “The best technology does not always do best in the marketplace. We realize that we need to have a very significant marketing push, focused on ISVs and our target verticals; supply chain management, financial services and healthcare.

We will also focus also Web services, an area in which the security issues have not really been solved. Everybody has the problem and very few have had a solution until now. We supply a very specific solution that is easy to implement and fits within the product set of the software vendors we've been talking to.”

CEOCFOinterviews: Will you tell us about the financial condition of Validian?

Dr. Maisonneuve: “Our funding is provided by international financing institutions and individuals, and the budget is tightly managed on a multi-annual basis. The operating capital is provided on a monthly basis in accordance with the budget. So far, our investors have put in over 6 million dollars.  Our current burn rate of about 150k per month, which should increase as marketing kicks in. This financing is organized by a very serious venture capital firm that has worked very successfully with these partners, managing over one billion dollars since starting operation in 1989.  It is a unique model and it is working very well for us.”

CEOCFOinterviews: As you start to sell your product, what will the revenue model be like?

Dr. Maisonneuve: “Our revenue model is to sell through to the customers, and to organize groups of suppliers or participants within the customer environment. We sell the software to organize and manage a domain, and the cost of that will range from $50K for small customers to hundreds of thousands of dollars for a larger one. There is a revenue stream that is attached to the usage of the domain controller. The client side is free for individual clients or corporations who want to participate in the domain of our customer.”

CEOCFOinterviews: Is there a timetable in place for you?

Dr. Maisonneuve: “We have a business timetable which we're executing on now; focusing on ISVs first, because we can improve their margin and open up new markets for them. Our second target will be the value added reseller, similar to what we're doing with ISVs but for different market environments.

In terms of the product timetable, our infrastructure is available now and has been in operation for a year in the U.S., Europe and Asia. We have a software development kit that can link existing applications to the application security infrastructure, and we'll release an application gateway that will do the same thing for Legacy applications.

We'll have a product to secure web services and we'll also offer a secure web browser to link to any web server application at the same time. Plus we'll have a shareware version of an instant messaging system, which will allow individuals to send and receive secure instant messages and files.”

CEOCFOinterviews: Is this proprietary technology that you have?

Mr. Maisonneuve: “There is little proprietary technology per se. We have intellectual property, which we are very proud of, but it's been developed using standard tools. We use industry standard encryption algorithms, for example.  In security, it's much better to use technologies based on open standards that have been tested by tens of thousands of people than to 'invent' something proprietary.

Our intellectual property lies in the mechanism, the way we implement standards in our unique distributed architecture for securing and transporting the data.  Other security products focus on securing the data but don't transport it, so they have to rely on something else to transport it. We have integrated security and transport into a single architecture. We have also developed a unique advertising and directory scheme, which separates the logical operation of an application from the physical address of the computer where these applications reside. This is a very important aspect of the application security structure, separating the authentication process from the communication itself.  It allows for a wonderful simplicity.   Finally, we have developed an innovative way to exchange encryption keys.  We use industry standards, but our implementation has a twist.”

CEOCFOinterviews: What are the biggest challenges that you face and how are you ready?

Dr. Maisonneuve: “The most immediate challenge we face now that we're launching the product is to sign on the first paying customers and software vendors. To that end, we've retained the services of innovative marketing and public relations firms to help. We would like to see customers past the deployment stage by the end of summer who will say nice things about us.”

CEOCFOinterviews: What is involved with a company when they want to implement a system?

Dr. Maisonneuve: “A typical PKI (public key infrastructure) deployment would take six months to a year and a half to deploy at a cost of 500k and up. 

A typical ASI deployment should take a month at most and cost far less.  There are two steps to our implementations; first is to build out the infrastructure itself, second is to build connectivity into the partners or distributed applications through the use of the SDK or a plug-in.  Everything else, authentication, encryption, data exchange, etc. are handled automatically by the ASI.   We are talking about a light implementation process, which is very efficient. It is not months and months of testing. All the communication and security has been tested and is delivered as-is. Them implementation is very simple compared to other mechanisms.”

CEOCFOinterviews: What would you like to say to shareholders and potential investors?

Dr. Maisonneuve: “What potential investors should know is that we came in with a number of good ideas, but we don’t revolutionize the market. We just insert our technology within the existing environment in order to extend it -- people that have invested in setting up networks don’t have to change anything. We really leverage three things. First, most computers are connected to the Internet, so you don’t need to design new communication networks to make connections.  Most of the large corporations, even medium sized corporations, have made significant investment in their networking infrastructure. They want to access security from any computer anywhere. The network manager doesn’t want to reinvest anywhere, he just wants to link.

The second point the investor must realize is that the issue of security in communication is a big issue. Every day there are articles in the newspaper talking about this was breeched and that was breeched, obviously it is not a totally solved problem, so nobody owns the market at this point. The probability of us with a good offering, making an attempt at that market, is good, and it is good for the investor and means higher return.

The third fact that investors must realize is this is software. We are a software-only solution and the margins in software are significant. In addition, the team of managers that have been put to work for Validian, have already delivered in the field of software and high-tech. We know how to proceed; we have been successful and we are doing the same thing once again. They are joining a strong financial team. This company will not be let down. The current investors have been with us for almost four years, and they will keep on supporting the company.”

CEOCFOinterviews: What would you like to say in closing?

Dr. Maisonneuve: “We will be launching in San Francisco in a few weeks, we have just celebrated the first full-year of pilot projects in the U.S., Canada, Asia, and Europe, and we look forward to the challenges ahead.”

disclaimers

© CEOCFOinterviews.com – Any reproduction or further distribution of this article without the express written consent of CEOCFOinterviews.com is prohibited.