Symantec’s decision to buy the authentication and identity business of Internet infrastructure provider Verisign is “a bad idea”, according to John Pescatore, a fellow at analyst company Gartner.
The acquired business sells SSL security certificates to web site operators. Symantec hopes that it will be able to use this channel to sell its other security products, Pescatore said today. “We don’t think that will work,” he added.
The cost of SSL certificates is such that it is not a major purchasing decision, Pescatore argued, so leveraging the customer relationship will be difficult. “Selling copier paper doesn’t help you sell copiers,” he explained.
He added that both revenues and profit margins at Verisign’s SSL business have been shrinking of late. “Symantec is buying $400 million in annual revenue for $1.3 billion.”
After Symantec’s recent acquisition of PGP Corporation, an encryption provider that owns a small SSL certification business, Gartner had warned that investing in such a highly-commoditised business would be a distraction for the company. “Unfortunately, Symantec were seduced by the revenue,” Pescatore said today.
Symantec’s official justification for the deal is that it will help businesses and consumers use the Internet more securely.
“With the combined products and reach from Symantec and VeriSign, we are poised to drive the adoption of identity security as the means to provide simple and secure access to anything from anywhere, to prevent identity fraud and to make online experiences more user-friendly and hassle-free,” said president and CEO Enrique Salem in a statement.
According to Pescatore, however, there is little scope for a meaningful integration of the two companies’ technology. “A security certificate is like a license plate on your car,” he said. “You screw it on but there’s no integration with the rest of the vehicle.”
Instead, he predicted that Verisign’s SSL business will operate under Symantec as though it were a separate company. This has been the pattern for many of the company’s previous acquisitions, he said, most notably its $13.5 billion merger with storage technology provider Veritas in 2004.
“The initial claims that [then-CEO] John Thomson made – that security and storage management were essentially the same thing – have proven totally false. But they operate [Veritas] as though it was separate business now, and they seem to be running it pretty well.”
Earlier this month, the company revealed that revenue for its 2010 financial year was $5.99 billion, down 3% from the previous year. Its net income for the year was $714 million compared to a $6.8 billion loss in 2009, caused by a negative reassessment of the worth of various acquisitions, including that of Veritas.