Joakim Thoren has been in the smart card business from the start of his career. As the CEO of Versasec (an identity and access management provider), he’s seen everything the industry had to offer.
“I saw that the other card management systems that were out there were all using the same architecture,” said Thoren. “And they were all using the same business approach that you sell this large system, and you bring in a lot of professional services to get it started. That was, of course, stopping the small customers from getting into this market.”
Thoren shared his philosophy (and his company’s early success) with Richard Stiennon at the 2016 RSA Conference in San Francisco.
“There are a lot of things left to solve,” said Thoren. “I’m looking a lot at the mobile (bring your own device) market. We’ve focused heavily on BYOD because it’s still a computing device – a real piece of hardware where you can install software easily.”
Versasec uses virtual smart cards to serve those users. Thoren said this is beneficial because they won’t need a special reader to access virtual cards.
“If you come to an organization with your own device, it’s likely that you don’t have a smart card reader,” he said. “Then the virtual smart card fits right in.”
Getting Into the Cloud
Versasec’s next move will be into the cloud.
“[Our architecture] is perfect for being in the cloud,” said Thoren. “One of our core values is that we should have the highest level of security always. No shortcuts. Thus, all the keys used in the system are hardware-protected, at least by using a smart card. If you’re in a larger system, you have a lot of transactions. Fitting that into a cloud service could be a little bit complicated, but we figured it out now, so we’re going to release a cloud version later this year.”
Growing Customer Base
When Thoren moved to the United States in 2012, European customers accounted for all of Versasec’s business. Today the company has been split 50-50 between the U.S. and Europe, with nearly 100 customers in America.
“The largest deployment is a government customer,” said Thoren. “It’s a very large U.S. government customer and they have very interesting requirements with locations – many hundreds of locations – which makes it exciting to manage.”