Wave Systems Corp. (fka WAVXQ)

[Tsunami07]

Reality Check: M2M: Driving exponential growth in connections

"There will be 50 billion connections by 2020"

"The number of machines communicating with each other wirelessly will soon dwarf the number of people connected via mobile devices"

October 5 2010

http://www.rcrwireless.com/article/20101005/REALITY_CHECK/101009980/reality-check-m2m-driving-exponential-growth-in-connections

Editor's Note: Welcome to our weekly Reality Check column. We've gathered a group of visionaries and veterans in the mobile industry to give their insights into the marketplace.

Over the past year, the wireless industry has given a lot more attention to connecting “things.” The number of machines communicating with each other wirelessly will soon dwarf the number of people connected via mobile devices. This next big thing in information technology has been clearly defined as machine-to-machine communications, or M2M.

The nature of personal communication has changed dramatically in the past few years. Instead of placing quick phone calls, users tend to send text messages via instant message or a text message. M2M solutions have long specialized in this kind of communication. The devices that have traditionally taken advantage of 2G and 3G cellular networks have done so with short-bursts of data, such as weekly power meter readings or hourly position-location pings from a fleet of freight trucks.

Now we're seeing a new wave of “connections,” where the lines between personal and machine communications are blurring. E-readers, music players and even washing machines are examples of consumer devices that are being equipped with 3G capabilities to connect to the web and interact with other machines.

Some of these devices emit short data transmissions, some download larger files and others remain “always on,” constantly communicating with the network. From that perspective, the average utility meter, e-reader or garbage truck could be categorized as an M2M device. These machines are constantly signaling the cellular network, checking for updates to download or upload files, books and location information, for example.

M2M has specific needs

In general, we think of M2M as any device that uses electricity and communicates with another device: quite literally, machines talking to machines without a person actively creating that connection. There are a few requirements for M2M communications that set it apart from personal and other types of communication.

First is duration of use, or the lifetime of the device. Whereas the average consumer has grown accustomed to a new phone every year or two, the majority of M2M devices serving vertical industries such as energy, healthcare and fleet management require a longevity that could extend beyond 10 years.

System integrators and enterprise customers don't want to replace their M2M modules or devices unless it's absolutely necessary. For example, trucks with 3G-connected telematics devices or smart utility meters are expected to function at the same level for many years without needing replacement. Consequently, 2G and 3G-enabled M2M devices that are already installed will remain connected to their networks for a very long time

Several M2M-reliant industries, such as fleet management and asset tracking, also require ubiquitous coverage throughout a country or region. Whereas people are accustomed to the occasional dropped call or loss of service, many vital industries such as healthcare require security, location accuracy and network reliability to ensure quality of service. While 2G and 3G networks in many regions around the world already have nationwide coverage, it will take 4G networks several years to attain the same reach and reliability.

Most M2M applications require a relatively low amount of bandwidth. In many instances the network capacity and speeds offered by GPRS and CDMA2000 1x are more than sufficient for M2M applications. Using lower-bandwidth technologies is also attractive because M2M device costs and total cost of network ownership are key factors driving the selection of mobile connection technologies.

M2M Module Price Comparison

Source: Harbor Research, Inc., September 2010

Harbor Research recently published the above chart showing that technology innovation, economies of scale and an increasing number of suppliers are dramatically reducing cellular M2M module prices.

M2M is counting on technology longevity

So what does all this mean? Clearly the number of connected devices is going to grow, and we've seen predictions, such as L.M. Ericsson Telephone Co.'s, that there will be 50 billion connections by 2020. These connections will utilize a broad range of fixed and wireless technologies, including cable, DSL, satellite, Bluetooth, Wi-Fi, 2G, 3G and 4G.

Strictly looking at cellular technologies, Harbor Research reports that the annual number of cellular M2M connections will grow to 161 million by the end of this year, and is projected to reach 390 million in 2014. While this number seems small in comparison to 50 billion, add wireless connectivity to any “thing” and the possibilities are limitless. Imagine a “smart grid” with virtually everything connected and communicating for optimal results: meters, appliances, autos, lighting fixtures, medical monitors, retail inventory, etc. Now imagine the benefits: greater productivity, energy conservation, remote access, reduced costs, enhanced healthcare and more.

This makes for bullish predictions regarding M2M, such as Strategy Analytics' expectation that the global mobile M2M market will reach $57 billion by 2014. 3G networks will support circuit-switched voice and mobile broadband services for many years to come, and M2M only strengthens the business case for continued investments in 3G technologies.

Many wireless operators and device manufacturers are embracing M2M as they seek new ways to add affordable wireless connectivity to a growing number of previously isolated machines. In addition to its sheer number of connections, M2M allows operators to more fully utilize their 3G network data capabilities, increase revenues and enjoy reduced churn rates.

Just as mobile phones revolutionized the way people connect with each other and use information, M2M has the potential to do the same for everything else around us. Ongoing investments in 3G networks, devices and services will open up new possibilities for innovation with machine-to-machine communications.

==============================================================

Machine-to-Machine (M2M) Communication Over "GPRS Networks"

http://whitepapers.techrepublic.com.com/abstract.aspx?docid=155033

Wireless Packet Data networks, such as GPRS, hold great promise for applications that rely on machine to machine (M2M) communication. Widespread availability and low price per Kilobyte are two key benefits of GPRS networks that make it an attractive technology to replace existing equipment or to deploy new wireless solutions.

=====================================================

Westpac orders 15,000 Hypercom terminals

"GPRS"

October 5, 2010

http://www.finextra.com/News/Announcement.aspx?pressreleaseid=35937

Hypercom Corporation today announced that Westpac Banking Corporation, one of Australia's largest financial services organizations by market capitalization, has ordered and will deploy 15,000 Hypercom Optimum countertop terminals to merchants in Australia.

The deployment places Westpac in a local market-leading position. No other Australian bank currently offers a terminal with mains power connectivity (ie: GPRS or Ethernet connectivity) without the added cost of a phone line. The new Westpac Hypercom product offering features include a terminal of this type, plus a mains-powered, phone line-connected countertop terminal and a battery-powered mobile terminal.

The multi-million dollar Westpac order is the first of several purchases and deployments planned under the terms of a five-year agreement between Westpac and Hypercom announced in November 2009. Additionally, Hypercom, through its wholly owned subsidiary ACG, has in the last two months started providing service and support to Westpac's entire installed base of more than 80,000 terminals.

"Westpac Banking Corporation is highly respected for its leadership, performance, innovation and unwavering singular focus on its customers. Their rollout of Optimum terminals represents a significant market share gain for Hypercom in Australia and New Zealand, considerably expands our footprint, and is a superb endorsement of our company and products," said Jacques-Herve Maupin, Managing Director, Hypercom Asia Pacific.

=====================================================

The TPM provides a hardware basis, usually through an application specific integrated circuit (ASIC), for protecting computers. The TPM’s capabilities include trusted cryptography, protected storage, integrity management, and attestation through natively supporting public key infrastructure (PKI) authentication.

=====================================================

PKI security for embedded systems

"Machine-to-Machine (M2M) authentication strategy based on PKI can form the backbone of a secure embedded system"

HISTORY: May 2010

http://embedded-computing.com/pki-security-embedded-systems

Public Key Infrastructure (PKI) isn’t just for enterprise applications – a Machine-to-Machine (M2M) authentication strategy based on PKI can form the backbone of a secure embedded system.

=====================================================

Wave's EMBASSY:

The company offers EMBedded Application Security System (EMBASSY) Trust Suite, a set of applications and services that are designed to bring functionality and user value to trusted platform module (TPM) enabled products. The EMBASSY Trust Suite includes the EMBASSY Security Center, Trusted Drive Manager, Private Information Manager, and Key Transfer Manager. It also offers middleware and tools, which include TCG enabled toolkit that assists application developers writing new applications or modifying existing ones; and Wave TCG-Enabled Cryptographic Service Provider, which allows software developers to utilize the security of a TCG standards-based platform. In addition, the company offers EMBASSY Trust Server Applications comprising EMBASSY Key Management Server, a server application designed to provide corporate-level backup and transition of the TPM keys; EMBASSY Authentication Server that provides centralized management, provisioning, and enforcement of multifactor domain access policies; and EMBASSY

Remote Administration Server, which provides centralized management and auditing of TPMs. Further, Wave Systems Corp. provides eSign Transaction Management Suite and broadband media distribution services. It sells its products to chip original equipment manufacturers (OEMs), PC OEMs, enterprise customers, and systems integrators.

=====================================================

VeriFone makes hostile bid for Hypercom

HISTORY:September 30, 2010

http://www.finextra.com/News/Fullstory.aspx?newsitemid=21844

VeriFone has launched a £337 million hostile bid for rival card terminal outfit Hypercom after seeing an initial friendly approach rebuffed.

VeriFone says its all-cash bid represents a 52% premium over Hypercom's closing share price on Thursday last week, prior to a share-for-share proposal presented to the Hypercom board on Friday.

Hypercom has vigorously rejected the bid, which it says singificantly undervalues the company. In a statements, the company says: "Hypercom believes that VeriFone's proposal is opportunistic and intended to disrupt its business, which has successfully taken market share from VeriFone in several markets."

Shares in Hypercom soared in after-hours trading, rising 45% to $6.12 as investors speculated that VeriFone's approach might draw out other bidders, including France's Ingenico which abandoned a $332 million Hypercom takeover attempt two years ago.

In a letter to the Hypercom board, VeriFone CEO Douglas Bergeron writes: "Consummation of the proposal would insulate your shareholders from the risk that Hypercom faces should it continue to experience disappointing financial and operating results in these challenging markets."

He goes on to say that VeriFone would be prepared to take "extraordinary steps" to win regulatory approval for the bid, including the sale of Hypercom's US terminal business.

If successful, the acquisition would give VeriFone an expanded footprint in Europe, where Hypercom currently commands a 23% market share.

However, Hypercom is preparing to mount a strong defence, noting that it expects to significantly exceed Wall Street securities analysts' consensus estimate of $112 million in net revenues for the third quarter, following strong sales in Asia and Europe.

"We believe that VeriFone's proposal is opportunistically timed to exploit our second quarter 2010 results which were affected by supply chain issues that have been resolved," says Philippe Tartavull, Hypercom's Chief Executive Officer and President. "Hypercom is currently experiencing the strongest growth in global order demand in recent years and we are focused on converting this demand into revenue in the second half of 2010."

The company says it is adopting a stockholder rights plan to fight off VeriFone and has hired UBS and DLA Piper as financial and legal advisors.

=====================================================

Hypercom and TeleCash roll out medHybrid payment and e-Health card terminal

HISTORY:September 30, 2010

http://silicontrust.wordpress.com/2010/09/30/hypercom-and-telecash-roll-out-medhybrid-payment-and-e-health-card-terminal/

Hypercom and TeleCash, a First Data Company and one of Germany’s leading network operators and electronic payment service providers, today announced that they have started marketing Hypercom’s medHybrid, the industry’s first multifunction healthcare and credit/debit card payment terminal. The high security medHybrid incorporates two card readers to process the German health insurance cards (KVK and eGK) as well as credit and debit card payments.

“The overwhelming majority of Germany’s doctors want to be able to accept electronic payments in their offices, and the medHybrid allows them to do just that. By introducing this multifunction terminal and teaming with TeleCash, Hypercom again solidifies its leadership as the only transaction solutions provider with a complete and futureproof family of high security data transaction products for Germany’s doctors, dentists, hospitals, pharmacies and other healthcare service providers,” said Peter Vesco, Managing Director, Hypercom Northern Europe. “Joining with TeleCash will help us get medHybrid into the field, expand our reach and build our marketshare.”

“By joining with Hypercom to market the medHybrid, we can offer doctors, hospitals and medical facilities a complete package for secure, flexible card processing that will benefit all,” said Joachim Hammer, Director of Program Management, TeleCash. “It’s important to have the most experienced and reliable partner at your side, and that’s why we have teamed with Hypercom.”

Hypercom’s medHybrid has received e-Health BCS (Basic Command Set) approval from Gematik, the German healthcare organization. It is approved as compliant with the current EMV POS terminal specification from the Central Credit Committee (Zentraler Kreditausschuss – ZKA) in Germany, and approved by BSI (the German Federal Agency for Security in Information Technology).

The medHybrid sets a new benchmark for health card devices. Featuring a large, high contrast, backlit display and embossed keys, it provides an intuitive and highly secure authentication system for patients and healthcare service providers. The device accepts magnetic and chip-based cards, allowing service providers to expedite transactions and reduce capital investment costs. It also features a serial data interface along with USB and LAN connectivity. Also, according to announcements of the healthcare self administration, doctors and hospitals will be reimbursed for their investment in e-Health BCS terminals.

=====================================================

US Department of Defence explores adoption of combined EMV payments and ID cards

"EMV-compliant"

HISTORY:September 28, 2010

http://www.finextra.com/News/Fullstory.aspx?newsitemid=21837

The US Department of Defence is considering adding EMV-compliant pre-paid payment capabilities to its chip-based ID card for military personnel and staff.

The DoD has issued a request for information on the possibility of adding payment functionality to the Common Access Card, which is issued to all military and reserve personnel, civilian employees, other non-DoD government employees, state employees of the National Guard, and contractors.

The RFI document says the Department is "exploring options to provide an end-to-end enterprise solution by adding electronic payment functionality to identity cards using commercially-adopted, standards-based systems to enable the CAC/PIV card to act as an open loop, pre-paid, payment card".

The document stresses the application of commonly applied business standards, to ensure maximum usability and create the conditions for a government-wide platform applicable to all publicly-issued ID cards.

Critically, "the payment solution must be EMV-compliant on both the contact and contactless interfaces and fully functional at all EMV point of sale terminals or ATMs world-wide, where EMV is adopted," the document states.

If the initiative gets off the ground, it could kick-start the uptake of EMV-based chip cards in the commercial and banking sector, which is lagging the rest of world in the move to more secure chip and PIN payment technology.

=====================================================

Hypercom and First Data Team to Step Up Payment Industry's Attack on Card Data Fraud

HISTORY:April 12, 2010

"FIPS 140-2 Level 3 and X509 compliant"

"eliminates the need for off-site secure room key injection by incorporating PKI (Public Key Infrastructure) to securely distribute symmetric 3DES keys"

First Data Approves Hypercom as an Encrypting Service Organization for Remote Key Injection

Hypercom and TASQ to Roll-out HyperSafe(R) Remote Key System

Industry Leaders to Boost Security for Merchants with TransArmor(TM) and HyperSafe

http://ir.hypercom.com/search.cfm?keyword=visa

SCOTTSDALE, Ariz., & ATLANTA, Apr 12, 2010 (BUSINESS WIRE) -- High security electronic payment and digital transactions solutions provider Hypercom Corporation and First Data Corporation, a global leader in electronic commerce and payment processing, today announced that First Data has approved Hypercom as an encrypting service organization for remote key injection and that Hypercom's HyperSafe(R) Remote Key System will be available through First Data's TASQ

Technology. The companies also announced that Hypercom is teaming with First Data to implement the First Data(R) TransArmorSM solution as a significant advance in the payment industry's attack on card data fraud.

Industry's Leading Standards-Based Remote Key Injection

Hypercom's Remote Key System (HRKS) is the industry's leading standards-based remote key injection product that allows retailers to quickly and securely initiate on-site, in-store payment terminal key injection at the point of sale. Available through First Data's TASQ Technology, the system offers a fast and highly secure alternative to the industry's traditional secure room key injection process.

HRKS eliminates the need for off-site secure room key injection by incorporating PKI (Public Key Infrastructure) to securely distribute symmetric 3DES keys. HRKS meets ANSI x9.24 and Visa PIN Security Guidelines for remote key management, and is

FIPS 140-2 Level 3 and X509 compliant.

=====================================================

AT&T, Verizon Bet on Embedded Devices

http://www.wirelessweek.com/Articles/2010/06/Carriers-Embedded-Devices-ATT-Verizon/

HISTORY: June 14, 2010

At a time when nine out of 10 Americans have a cell phone, the country's top two operators are getting creative about finding growth opportunities in an increasingly crowded wireless market.

AT&T and Verizon Wireless are betting heavily on embedded devices, from tried-and-true telematics solutions to wirelessly enabled dog collars. If their expectations hold true, the incremental revenue brought in by nontraditional cellular connections could be the next growth spurt for the wireless industry, helping to offset an inevitable slump in the rate of subscriber growth.

The head of AT&T's Emerging Device segment, Glenn Lurie, believes the addition of machine-to-machine (M2M) and wirelessly enabled devices could take the U.S. wireless penetration rate from about 90 percent to 500 percent. "There are a certain number of customers with a handset in their hand. This space is absolutely going to dwarf that," he says. "There are going to be a lot more connections and a lot more customers in the emerging device space than there are today in the current space of mobility."

=====================================================

Secure POS Vendor Alliance Releases End-to-End Encryption Framework

"Hypercom, Ingenico and VeriFone"

HISTORY:May 28, 2010

http://www.paymentsnews.com/2010/05/secure-pos-vendor-alliance-releases-end-to-end-encryption-framework.html

The Secure POS Vendor Alliance (SPVA), a non-profit business organization founded by Hypercom, Ingenico and VeriFone has announced the release of its End-to-End Encryption Security Requirements related to payment card data in payment card reading devices. The paper is targeted to vendors of POS devices and is intended to help create "widespread understanding of payment security issues and the adoption of best practices."

"The SPVA's end-to-end security requirements guidelines set a baseline for the industry and represent the first step to further strengthen payment security standards globally," said T.K. Cheung, SPVA chairman and Hypercom vice president global quality & security. "We will be enhancing this guideline as the security environment evolves and will announce each update as it occurs."

Prepared by the association's End-to-End Encryption Technical Working Group, the newly released SPVA guideline allows companies to engage different solutions and select products that can be trusted and are secure. Key elements covered by the SPVA-approved standard include:

Data to be encrypted during transmission
Key management
Physical and logistical security of the Tamper-Resistant Security Module and key components
Encryption monitoring and management systems requirements
The SPVA defines end-to-end as: the transmission of cardholder data in an encrypted form, from its point of presentment, such that it prevents the data from being known in plain text until the point of decryption.

"SPVA does not endorse any specific vendor's solution, nor does it have any intention of supporting one solution over another," said Steven Hughes, SPVA president. "We recognize that end-to-end encryption requirements can be complex. Against this backdrop, our goal is to use existing published standards and provide an auditable set of requirements that creates a secure payment environment."

Since its launch in April 2009, SPVA has experienced rapid growth with prominent industry leaders joining, including Atos Worldline, Heartland Payment Systems, Chase Paymentech, Radiant Systems, Inc., Voltage Security and many others. All members are eligible to participate in SPVA's Technical Working Groups and contribute to future industry standard publications.

To download the association's End-to-End Encryption Security Requirements white paper and to learn more about the SPVA, visit http://www.spva.org.

=====================================================


Cellular Machine-to-Machine Communication Module Shipments to Increase Fourfold by 2013

HISTORY: May 16, 2008

http://www.abiresearch.com/press/1131-Cellular+Machine-to-Machine+Communication+Module+Shipments+to+Increase+Fourfold+by+2013

Markets for cellular machine-to-machine (M2M) communication modules – the radio units providing wireless connectivity to a range of devices that communicate without human intervention – are expected to show strong growth in the coming years. According to new market data from ABI Research, shipments will total nearly 80 million modules in 2013.

“The latest cellular M2M module market data collated by ABI Research shows strong growth trends that are closely in line with our earlier forecasts,” says senior analyst Sam Lucero. “We see four applications that will be particularly fertile for M2M and should provide significant opportunities for vendors.”

OEM telematics. While encompassing a variety of services, OEM telematics today is driven by automatic emergency service applications such as GM’s widely deployed OnStar, as well as by in-dash navigation systems. “In the US, the competitive response to OnStar’s success is a major factor in promoting cellular M2M,” says Lucero. Most of the major car manufacturers are responding with their own telematics programs. This will be more evident in the 2009-2010 model years. Later, eCall, despite a shaky start, is expected to create strong demand in Europe. There are also OEMT telematics programs in the Asia-Pacfic region, particularly Japan and South Korea.

Advanced (or “smart”) metering. Rollouts of electricity and water meters that transmit their data automatically via powerline, wireless sensor networks, and cellular connections are powered by utilities’ desire for demand-response functionality, for energy-efficiency purposes as well as operational efficiencies. It is happening in all developed regions of the world.

Point-of-sale terminals including ATMs. The ongoing shift to cashless transactions sees POS applications going increasingly wireless. Lucero notes that, “Traditionally, merchants had to arrange their own connectivity. Now there is a global push to bundle cellular connectivity as an offering to merchants along with the POS terminal.” Major vendors VeriFone, Ingenico, and Hypercom are rolling out their own cellular connectivity services worldwide.

Home security and managed home automation. There’s a trend to add wireless as a backup or replacement option for traditional landline connectivity. Cellular service providers want to get into the (primarily North American/European) security and managed home automation markets.

ABI Research’s “M2M Market Forecasts” tracks the M2M market on the basis of wireless WAN embedded modules and product revenue, as well as wireless WAN active nodes and service revenue.

It forms part of the firm’s M2M Research Service.

=====================================================

Giesecke & Devrient, Nokia NFC Application Management JV

Giesecke & Devrient and Nokia have announced an agreement to form a joint venture to provide services to the NFC ecosystem by enabling consumer applications, such as credit cards or transport tickets, to be securely and easily downloaded over-the-air to NFC enabled mobile devices.

HISTORY: 2006

http://www.paymentsnews.com/2006/06/giesecke_devrie.html

Nokia: Machine-to-Machine "There are billions of machines waiting to be able to communicate"--"Let your machines talk"

http://www.nokia.com/NOKIA_COM_1/About_Nokia/Press/White_Papers/pdf_files/m2m-white-paper-v4.pdf

Ultimately, M2M solutions are created for increasing the profits and competitiveness of a company through more efficient processes, better customer service or new ways of doing things. M2M is about connecting people, devices and systems. M2M is about letting your machines talk.

=====================================================

Wave Systems Demonstrates Embassy® Strong Authentication Technologies at the DoD Public Key Enabling Trade Show

" X.509 & fully certified (FIPS 140-2 L2) TPMs"

HISTORY:Nov 8, 2005

http://findarticles.com/p/articles/mi_m0EIN/is_2005_Nov_8/ai_n15783493/

Wave is demonstrating the hardening of standard Department of Defense PKI systems. Using TPMs, Wave will demonstrate issuing a standard, medium assurance certificate (X.509 version 3 PKI class 3) which is commonly used for network and application authentication. The TPM will bind the certificate to the hardware platform, creating a more tamper resistant certificate. This is the first time that fully certified (FIPS 140-2 L2) TPMs will be shown in this security capacity. Wave is working with External Certificate Authorities (ECA) approved by the DoD C.I.O. to more broadly disseminate this solution.

"Working with TPM security chip enabled PCs, Wave's Embassy software technology can strongly authenticate both the PC and the user in a government or enterprise network," said Steven Sprague, president and CEO, Wave Systems. "Network administrators can benefit from better authentication capabilities by using available biometrics, smart cards, passwords or the TPM, all tailored to specific security needs."

=====================================================

Giesecke & Devrient and Wave Systems Announce Strategic Partnership

(PKI)

"G&D is a well-positioned and highly experienced partner in the migration towards EMV chip technology"

Security -Both G&D software components,the key administrator,and the key station interact with a hardware security module (HSM) certified in accordance with the latest security requirements of the Federal Information Processing Standards (FIPS) mandated by credit card payment organizations. The system supports symmetric and asymmetric keys generated using the proven algorithms triple DES, AES, and RSA.

http://www.gdai.com/pls/portal/Key_management_system.pdf

HISTORY: April 12, 2005

http://www.smartcardalliance.org/articles/2005/04/12/giesecke-devrient-and-wave-systems-announce-strategic-partnership

Security Solutions Combining Smart Card and Trusted Computing Software Technologies to be demonstrated at the CardTech/SecurTech Annual Conference April 12-14, 2005 in Las Vegas

Munich, Germany and Lee, MA, USA April 12, 2005–Giesecke & Devrient (G&D) and Wave Systems Corp. have formed a strategic alliance to offer an enhanced security solution to address the trusted computing market. In the IT sector, high complexity and a wide spectrum of applications are boosting the demand for security solutions among private users and businesses alike. The challenge is to devise comprehensive solutions that can satisfy customers’ security needs. Increasingly, what are known as Trusted Platform Modules (TPM) are being incorporated into personal computers for a more trustworthy computing environment.

The TPM is a processor which is integrated into the PC motherboard as a separate chip. Use of smart card technology adds a further component to the security solution: The card serves as a key to the computer, preventing unauthorized access to system and data. Giesecke & Devrient (G&D) and Wave Systems have formed a strategic alliance to market a comprehensive security solution that integrates both components.

The G&D-Wave Systems collaboration will address the organizations’ joint development activities in the fields of smart card technology and trusted computing software. The aim is to leverage the combination of smart card technology and TPM associated software to offer clients in industry and government a comprehensive, flexible and easy-to-use security solution.

Both partners are members of the Trusted Computing Group (TCG), an organization founded in 2003 by leading enterprises in the IT sector to develop open standards for a new generation of secure hardware and software products in virtually all application areas. “Multifactor authentication enabled by systems with TPMs and with smart cards helps IT managers further secure systems and data in the enterprise,” said Brian Berger, TCG marketing work group chair. “The increasing availability and usage of systems with TPMs has enabled a number of security innovations that will help both IT and users.”

In a secure platform environment, the TPM’s task is to protect and generate secret keys, and store system configurations safely. The TPM also functions as a hardware-based security mechanism that prevents system changes caused by virus attacks. “The combination of trusted computing with smart card technology shows a lot of complementary advantages. As an integrated part of the motherboard, trusted platform modules provide an early integrity control from software and hardware as well as identity control of the entire PC system. The addition of chip card technology, e.g. as smart card or smart USB token, enables portable user identification to achieve a reliable and flexible security solution,” said Andreas Raeschmeier, Head of Business Development at Giesecke & Devrient. Using smart card technology ensures that only users who can authenticate themselves with a card or token, plus the associated PIN, can gain access to the computer or network. “Smart card technology is flexible and easy to use. Users only have

to enter a four-digit PIN instead of a 20-digit passphrase. Possession of the card and knowledge of the PIN provide maximum security, and are user-friendly as well,” said Andreas Raeschmeier, pointing out the advantages of smart card technology.

IT security departments have different security requirements, extending from protection of sensitive data and access control through hard disk encryption to management of hardware and software configuration. In all of these, the trusted platform module can provide valuable support. “Wave is pleased to be partnering with G&D, a leader in the smart card market, which has strong established relationships in enterprise and government markets in Europe and beyond,” said Steven Sprague, Wave System’s president and CEO. “We believe G&D’s technology leadership can help further the adoption of trusted computing solutions in these geographical and business markets.”

Wave’s EMBASSY Trust Suite (ETS) secure software capabilities being demonstrated with G&D at CardTech/SecurTech include security policy management, key archive and management, digital signature, file and folder encryption, secure email, secure wireless authentication and storage and automation of user names, passwords and personal information.

For more information on demonstrations at CardTech/SecurTech, please contact the sales organizations of either company.

About Giesecke & Devrient:

Giesecke & Devrient (G&D) is a technology leader in the field of smart cards, providing smart card based solutions for the areas of telecommunications, electronic payment, health care, ID, transportation, and IT security (PKI). G&D is also a leading producer of banknotes and security documents, and dominant in the field of currency automation. Based in Munich, Germany, the G&D Group operates subsidiaries and joint ventures around the world. In fiscal 2003, the group employed some 6800 people and generated revenue of €1.05 billion. For more information, please visit our Web site at http://www.gi-de.com.

=====================================================

>><<