printer friendly version

Maturing security market requires value add

As an entrepreneur who made an impact in the IT industry in the 1990s and early 2000s, Gary Chalmers has been through the excitement, or some may say the trauma of seeing an industry go through significant changes as it matured.

Gary Chalmers, CEO of iPulse

Chalmers is now the CEO of iPulse Systems, a South African designer of fingerprint biometric readers (which are also manufactured in the country). Chalmers spoke to Hi-Tech Security Solutions about the changes he sees the security industry, and specifically the access control industry going through, which are similar to the changes the IT industry went through about 10 years ago.

A South African company, iPulse designs and manufactures its products in the country and sells them throughout Africa and other emerging markets. The company has recently concluded an agreement with the CSIR which will bring a combination of iPulses’s industry experience and the CSIR’s R&D into the mainstream market.

Industry changes

The first change Chalmers feels the industry needs to take notice of is the commoditisation of hardware. This may seem strange coming from someone intimately involved in hardware production, but Chalmers says the commoditisation of hardware is something already underway in the security industry and only those companies taking cognisance of the changes and the implications thereof will survive.

As with the PC industry a few years ago, the brand on a device soon won’t matter when it comes to hardware because most systems (like biometric readers) will be able to do a similar job. What Chalmers says will matter is differentiation, and this applies across the industry as a whole.

Companies will not be able to drop boxes and make a healthy profit in the future, as many do now. They will have to provide an holistic solution and services to add value to their hardware. Chalmers gives the example of Dell, a startup which took on the then giants in the PC world.

Dell couldn’t outplay Compaq or IBM in terms of technology or pricing, but it came up with innovative services such as a three-day onsite warranty. When your hardware is similar, it’s the services and the manner in which you make your clients’ lives easier or more convenient that wins the deal. Hence, Dell rapidly grew to be the top player in the PC world. Unfortunately, the PC world has changed again and it seems as though Dell may have missed the boat this time.

Software is the differentiator

In the access market, the hardware we use on a daily basis is already at the Peak of Performance level in the Gartner Hype Cycle. Chalmers says this means most do a similar job with no real standout benefits to differentiate them. (This obviously excludes the ultra-cheap hardware that shouldn’t be trusted.)

For companies in the access market that still work on the old distribution model of one company develops and sells hardware, another pays a licence for the right to develop on that platform and sells it to the end user, margins are under pressure. Chalmers says this licence model simply adds to the cost the end user pays, and can even lock users into a proprietary solution without adding value.

By providing access to Application Programming Interfaces (APIs) and Software Development Kits (SDKs) that allow specific partners direct access to your devices, hardware vendors are inviting integrators and developers to create innovative solutions that incorporate their biometric systems and deliver value to clients. Moreover, the solution adds value to the integrators as well by allowing them to add their software to the devices and retain the customer over a long timeframe. This is completely the opposite to selling hardware that still needs additional systems and integration before it can do anything useful.

Changes in visitor management

One of the areas in which these changes are prevalent at the moment and which is itself undergoing significant change is visitor management. In this market specifically, companies that sell boxes, or hardware, are going to find it almost impossible to do business.

When looking for a biometric solution for visitor management, people no longer look for a brand name on the reader. Security and risk managers look at the functionality and benefits the solution provides, and how it makes their task easier. The brand name is an afterthought.

Chalmers says we’re already seeing this happen in the market and old-fashioned box movers are reacting by taking distribution risks in the hope of making their sales targets. The reality is that only those companies that can attract innovative partners focused on solving a problem are going to be able to succeed.

In fact, he sees significant changes happening in the industry over the next year or two that could see some existing market leaders losing their positions. You can’t simply replace a card or PIN with a fingerprint, Chalmers warns, you need to deliver a solution with a clear value proposition.

The impact of PoPI

Another issue the access industry is going to have to take note of is the Protection of Personal Information (PoPI) Act. This was passed by the National Assembly in August 2013 and is only waiting for the President’s signature before it becomes law.

When registering people visiting your company, are you really allowed to keep all their personal information? Moreover, are you storing that information in the proper, secure manner? Questions like this have to be asked with PoPI around the corner as well as the current scandals around the US government’s ‘collection’ of personal information from people around the world.

These questions only become more serious when one considers integrated systems that have access to visitor and staff information across multiple divisions, such as payroll, HR etc. Companies will need to ensure their access solutions, whatever technology they use, are completely PoPI compliant.

One potential solution Chalmers recommends is BioVault. People can register their personal information with the company and whenever they visit an affiliated company, they can have their identities verified via a fingerprint scan. If required, they can agree to have the company download specific information about them. BioVault is a hosted solution, which means your personal information is stored in one location only and once you have been verified via a biometric device, your information is deleted from the reader.

While no changes happen overnight, the history of the IT industry has shown us that commoditisation is a game-changing event and the access control market is already feeling the impact, an impact that will only increase over the next year or two. For Chalmers, he has already ensured that iPulse is geared to meet the industry’s challenges and has partnered with integrators and developers that are using biometrics to deliver value-adding solutions.

BIOVault

BIOVault is a consumer-centric biometric vault, which stores an individual’s information in a highly secure manner and allows individuals to manage this data through a single site, thus enabling them to have complete control over their own identity, and even more importantly, to have control over who has access to this information.

Companies who are granted access to this information by the individual are able to use this biometric information to achieve unique identity matching, thus enabling fraud prevention and fraud detection on a user’s identity.

BIOVault stores multiple types of biometric data, including fingerprints, facial recognition, voice recognition and even vein patterns, and links these to any number of personal identifiers, including national identifiers such as ID numbers, passports and drivers licences, and private identifiers such as membership numbers, account numbers and employee numbers.

The entire system has been designed from the ground up to ensure data integrity, and to fully comply with all major privacy laws, including the South African POPI (Protection of Personal Information) Act.

Share this article:

Further reading: