Put the for­mer Chief Sci­en­tist from Bell Labs togeth­er with a guy who start­ed his career at Com­put­er­land back in the 80’s and you have one of the newest secu­ri­ty soft­ware com­pa­nies to hit the market.

George Waller, co-founder of Strike­force, teamed up with his part­ner when they both real­ized that com­put­er hack­ing had gone from a com­pe­ti­tion to big busi­ness.  With mil­lions of dol­lars at stake hack­ers are becom­ing smarter and smarter and infil­trat­ing some of the most sophis­ti­cat­ed sys­tems regularly.

 

George tells us that “The FBI put out a report about two years ago and they said that they felt that greater than 70% of the world’s com­put­ers have spy­ware on it.” 

Roy Weiss­man of MediaJobs.com spoke with George about how Strike­force has cre­at­ed some com­pelling prod­ucts to help pro­tect every­one from the largest enter­prise firms to one PC households

Lis­ten in or read along as Roy Weiss­man talks with George about why he and his part­ner, Ram Pem­mara­ju, the for­mer Bell Labs Chief Sci­en­tist believe Strike­force will become the mar­ket leader.

You can lis­ten to the inter­view as well as read it below:

 

 

Roy:   My name is Roy Weiss­man from MediaJobs.com. Today we’re speak­ing with George Waller, the Founder and CEO of Strike­Force Tech­nolo­gies.   Strike­Force Tech­nolo­gies is the inno­va­tor of out of band, mul­ti-fac­tor authen­ti­ca­tion and key­stroke encryp­tion for desk­top and mobile devices. That sounds like a mouth­ful, George.

Wel­come, George. Tell us a lit­tle bit about what you guys do and why you got into this business.

George:         I appre­ci­ate that, thank you for hav­ing me, Roy. Just to clar­i­fy, my title is the Exec­u­tive Vice Pres­i­dent and I’m the co-founder of the com­pa­ny, not the CEO and Founder.

George:         I actu­al­ly was the orig­i­nal CEO. Then I real­ized one of the things I want­ed to do is become a pub­lic com­pa­ny and to grow it and I knew we need­ed a lot of help and I knew I need­ed to get some­one with that strong MBA style background.

I actu­al­ly hired to replace myself some­one that came from, his name is Mark L. Kay and he came out of JP Mor­gan Chase. For 26 years he was the World­wide Man­ag­er and CIO of their secu­ri­ty ser­vices. I hired up, as they say.

Roy:               That’s good. How long has he been there?

George:         I hired him in 2003.

Roy:               I guess he’s been there a few years.

George:         Yes. He’s been here for quite some time and doing a fan­tas­tic job.

Roy:               How did you get, why this busi­ness, George? What is your back­ground and how did you end up in this business?

George:         My back­ground has been in the com­put­er indus­try and I’ve done sev­er­al dif­fer­ent things in the com­put­er indus­try, worked it, learned it from the ground, as they say, from the ground up. Start­ed sell­ing in Com­put­er­land back in the ’80s when they just came in with per­son­al com­put­ers just came out.

I was work­ing for Com­put­er­land but back then that was strict­ly just box­es. Net­work­ing real­ly was­n’t an issue. The Inter­net was­n’t out there for pub­lic usage yet. Then I went from a box com­pa­ny to a ser­vices com­pa­ny and start­ed learn­ing the ser­vice side of it, the soft­ware side of it.

Then went and worked for an off­shore devel­op­er where we had sev­er­al hun­dred devel­op­ers out­side the coun­try where we did project man­age­ment and prod­uct devel­op­ment but specif­i­cal­ly soft­ware devel­op­ment from out­side the country.

Then I met up with my co-founder Ram Pem­mara­ju, who is the CTO. He had this absolute­ly fan­tas­tic idea and he pitched me on it about using the phone for the pur­pos­es of authen­ti­ca­tion. He had the vision, know­ing that the Inter­net was going to con­tin­ue to grow and that every­one, every site, whether it’s a bank or your cor­po­rate site would need some form of authentication.

He real­ized that the old method­ol­o­gy out there was­n’t going to suf­fice in this new world so he real­ized that you need­ed to go mobile. You need­ed to have a solu­tion that enabled a mobile device to actu­al­ly authen­ti­cate you into, whether it’s your bank or your cor­po­rate VPN or a social net­work and web­site, he envi­sioned that.

Essen­tial­ly, he’s the inven­tor of what we call ‘out of band authen­ti­ca­tion’, which is essen­tial­ly using a mobile device to authen­ti­cate into a web­site or for a transaction.

Roy:               Are you talk­ing about using caller ID and things like that?

George:         No. I’ll give you an exam­ple. A big prob­lem today, and every­one reads about it every day, is the amount of breach­es that hap­pen around the world. They are just fast and furi­ous and when these breach­es happen.

First thing is for the com­pa­ny that’s breached, it could cost that com­pa­ny upwards of $10 mil­lion in fines, lit­i­ga­tion, not to men­tion brand degra­da­tion and the loss of infor­ma­tion for your cus­tomers because if they breach that com­pa­ny, they’re usu­al­ly going for either cor­po­rate espi­onage or, more impor­tant­ly, they want to get access to infor­ma­tion which they can sell.

The major­i­ty of the hack­ing today is moti­vat­ed by monies. A lot of the big ana­lysts have put out num­bers such as For­rester, Aberdeen, Gart­ner, that world­wide cor­po­rate breach­es and iden­ti­ty theft have now gone into the tril­lions of dol­lars on a year­ly basis.

With that as a back­drop we saw, Ram saw, that com­pa­nies need­ed to real­ly tru­ly pro­tect them­selves and because his back­ground was both tele­pho­ny and secu­ri­ty work­ing for, he comes out of Bell Labs. Pri­or to Bell Labs he was a chief sci­en­tist and chief architect.

Pri­or to Bell Labs he worked for Bell­core, then he worked for a large build­ing con­trac­tor design­ing and invent­ing voice encryptors.

He had two unique dis­ci­plines of secu­ri­ty and tele­pho­ny and he real­ized in the mid ’90s that join­ing the two would be a great, would not only cre­ate a great oppor­tu­ni­ty to cre­ate a com­pa­ny and a prod­uct but more than that to make the world a safer place.

When we met he explained to me the con­cept of what he called out of band authen­ti­ca­tion and essen­tial­ly that is, it’s the lat­est gen­er­a­tion or the lat­est evo­lu­tion of authentication.

When you talk about authen­ti­ca­tion, most peo­ple know that, most peo­ple use the sin­gle fac­tor authen­ti­ca­tion. Essen­tial­ly that’s using user­name and pass­word to log into something.

The prob­lem with user­name and pass­word is that’s too eas­i­ly hacked. The world then did come out with two fac­tor authen­ti­ca­tion but that two fac­tor authen­ti­ca­tion is send­ing, for exam­ple, your user­name, your pass­word and the some­thing else like a token num­ber that the com­pa­ny gives you, this lit­tle phys­i­cal token that you press the but­ton it gives you a six dig­it num­ber and you send it with your user­name and password.

That was good for many years. The prob­lem was that the hack­ers real­ized that all that data is going over the same data stream. Essen­tial­ly, the same com­put­er link when you’re logged in, you’re log­ging into your bank or you’re log­ging into your web­site, that one con­nec­tion over the Inter­net is what they call inbound communications.

If you’re send­ing all your infor­ma­tion over that chan­nel, if a hack­er can hack that chan­nel, they now have all your data.

The hack­ers have devel­oped the con­cept of man in the mid­dle where they get a piece of spy­ware, it sits on your com­put­er and it gath­ers all that data and then basi­cal­ly they can log in as you way before you can log in. What Ram envi­sioned is a much more secure and eas­i­ly deploy­able and very cost effi­cient way of authen­ti­cat­ing by using a mobile device.

Check this out. Let’s say I want to log in. Every night I leave, wher­ev­er I am at night I’m log­ging into my cor­po­rate assets to my com­pa­ny. I pull up my web page on my mobile device or my com­put­er, I type in my user­name, type in my password.

Hit Sub­mit or login and two sec­onds lat­er my phone rings and my phone actu­al­ly says, ‘George, this is Strike­Force Tech­nolo­gies remote access client on the phone. Please put in your secret pin code,’ or it will ask me to use my voice as a biometric.

My user­name went on over the com­put­er chan­nel but my voice or my secret pin code, that I would plug in on the key­pad of the mobile device, goes over the mobile device or the mobile net­work so essen­tial­ly it’s the split­ting up of the user­name from pass­word and send­ing them on two sep­a­rate chan­nels ver­sus send­ing all the infor­ma­tion on one channel.

Because of that con­cept that he devel­oped, out of band authen­ti­ca­tion, it enables any­one because every­one in the world has a phone today, to log in from wher­ev­er you are in a more secure fashion.

Because we’re lever­ag­ing the tele­phone net­work that’s already in place there needs to be no infra­struc­ture put out there and because of that we can deliv­er cost effec­tive, two-fac­tor, out of band authen­ti­ca­tion which makes the world a safer place, less expen­sive than any oth­er authen­ti­ca­tion method out there.

Roy:               Hope­ful­ly, you’re not try­ing to log in where the cell ser­vice is bad.

George:         With the cell services?

Roy:               Where the cell ser­vice is bad.

George:         Well, yes. The good thing of what we’ve done is, Ram actu­al­ly fig­ured out an answer for that. He took our authen­ti­ca­tion tech­nol­o­gy and he turned it into a plat­form for authen­ti­ca­tion which enables you to use mul­ti­ple meth­ods. We do sup­port the old style hard tokens, we have our own.

We also sup­port soft tokens where you can actu­al­ly have a lit­tle applet that runs on your mobile device and you press it and it gives you a six dig­it num­ber instant­ly. You don’t even need to have access to cell ser­vice to log in today with our platform.

Roy:   The applet is kind of like the old school algo­rithm key­pads which came up with a unique number.

George:         That’s exact­ly what it is and we have the four that can sit on the desk­top of your

com­put­er or sit on your mobile device so that today our plat­form offers 14 dif­fer­ent meth­ods of log­ging in and any of the meth­ods can be used as a redun­dant back­up to any of the methods.

Roy:   This sounds great. I guess what I’m won­der­ing is, and again being unso­phis­ti­cat­ed at this so don’t be offend­ed at my ques­tion but it sounds like any­body could set it up. Just tell the com­put­er to call this phone num­ber and get it ver­i­fied.  Where is the secret sauce here?

George:         The secret sauce is you need to be pro­vi­sioned. For exam­ple, it’s­gen­er­al­ly your admin­is­tra­tor in the com­pa­ny pro­vi­sion­ing your phone num­ber into the sys­tem so that when the sys­tem’s going to call you, it’s only going to call one num­ber and one num­ber only in the whole world.

Roy:   No, that I get. I’m talk­ing about with respect to com­peti­tors, from a busi­ness per­spec­tive. What’s to stop a com­peti­tor from just writ­ing their soft­ware so that when you try to log in it auto­mat­i­cal­ly dials your phone num­ber and you have to answer the phone? I guess what I’m try­ing to fig­ure out is what are you doing that proprietary?

George:         First of all, you have to actu­al­ly be log­ging in. Let me ask you this. If your phone rang right now and it said to you, ‘Roy,’ right now. You and I are on the phone. We’re doing an inter­view. If your phone rang right now and said, ‘Roy, will you autho­rize $12,000 to be wired out of your bank account,’ would you do it right now in this instant?

Roy:   No. I get that. I’m not talk­ing about from a secu­ri­ty per­spec­tive, I’m talk­ing about from a com­peti­tor per­spec­tive. What’s to stop a com­peti­tor from just writ­ing the software.

George:         Mak­ing some­thing similar?

Roy:               Yes.

George:         Sor­ry, I did­n’t under­stand your question.

Roy:   That’s fine. I under­stand the secu­ri­ty aspect that when you have mul­ti­ple vari­ables, it’s hard­er and hard­er to dupli­cate it.

George:         We do have some com­peti­tors but the key thing is that in Jan­u­ary 11^th of 2011, we were award­ed the patent on out of band authen­ti­ca­tion. We recent­ly put one of the top law firms in the world, signed an agree­ment with them and they have now start­ed to lit­i­gate against those infringers and the biggest of those infringers is a com­pa­ny called Phone Fac­tor, which was bought out by Microsoft.

We are right now lit­i­gat­ing against them as well as oth­er infringers. We do own a patent and we are very high­ly con­fi­dent that we will win if it ever gets to court. I don’t think it’ll go to court. I think they’ll set­tle way before it goes to court but we will def­i­nite­ly win in this case because we do own the patent and they own nothing.

Tech­no­log­i­cal­ly, there are some infringers but we are aggres­sive­ly, we have an aggres­sive infringe­ment strat­e­gy going on right now and we’re going after any­one infring­ing on us.

Roy:               Now are you con­cerned that as of late the talk is that the patent office is get­ting too loose

and they’re patent­ing things that real­ly should­n’t have been patent­ed and call­ing into ques­tion some patents that have been done prob­a­bly in the last, espe­cial­ly since tech­nol­o­gy and the Internet.

I’m sure you remem­ber years back Ama­zon tried to patent or they did patent the one-click pur­chase and even though they had the patent it would have been very bad if they tried to enforce that, so they kind of backed off.

But tech­ni­cal­ly, they have a patent for that. There’s been talk recent­ly that some of the patents that have been giv­en have just been too gener­ic. Would you have con­cerns that this could hap­pen to your patent?

George:         No. Not at all. It’s a very sophis­ti­cat­ed sys­tem and a patent is, while we have an authen­ti­ca­tion plat­form that allows for lots of things, our patent is specif­i­cal­ly on the out of band stuff and we’re not wor­ried about that or the argu­ment that the patent office is too loose in grant­i­ng their patents in this case because this is, obvi­ous­ly, it’s built in and around security.

We have a sec­ond set of servers that were split into pan­els. That’s not some­thing that peo­ple could say, They just had that,’ or any­thing like that. It’s, when Ram invent­ed this, it took years to build. Many, many years to build it and then get it work­ing so we have no con­cerns about that.

Roy:               How long has this prod­uct been out on the market?

George:         We start­ed show­ing the first ver­sion of it in 2001 but by the time we real­ly, and that was the beta ver­sion of it, it real­ly start­ed hit­ting the mar­ket around 2004ish, 2003, 2004 but as you know most prod­ucts are a work in progress and what we had in 2004 is dras­ti­cal­ly dif­fer­ent than what we have now.

What we have now is dras­ti­cal­ly dif­fer­ent than 2004 so it’s evolved. The first ver­sion was just strict­ly a phone call back to your phone. That was it. Did­n’t do any­thing else.

Then we start­ed adding in oth­er meth­ods of out of band. Then we added in hard tokens. Then we add in soft tokens and then some­thing else that we did which is very unique, it’s the only tech­nol­o­gy, which we call out of band, in the world that can actu­al­ly be installed 100% on premise. Even our infringers haven’t fig­ured out how to do that. They’re all strict­ly cloud based services.

While we also offer a cloud ser­vice, we’re the only tech­nol­o­gy that can be put on premise to run from with­in a com­pa­ny’s fire­wall and that’s got noth­ing to do with the patent, it’s just that no one else has fig­ured out how to do that.

That’s a cred­it to Ram’s strong back­ground in tele­pho­ny where he knew how to make that work so we feel we have a big edge over our com­peti­tors on that as well.

Roy:   Are there any major com­pa­nies that have pur­chased your tech­nol­o­gy, that are using it that you can mention?

George:         Most of them, since it is a secu­ri­ty prod­uct, most of our cus­tomers are all under con­tract that we can’t men­tion them because one of the strate­gies of any sound secu­ri­ty pro­fes­sion­al is nev­er tell the peo­ple what you’re using.

It’s hard enough to keep the bad guys out but when you tell them what you’re using you’re kind of focus­ing in on say­ing, ‘Here’s the lock. I dare you to pick it.’ I can tell you this, we have For­tune banks using it.

We have major health­care insti­tu­tions using it, we have uni­ver­si­ties using it, we have gov­ern­ment agen­cies using it, we have SMBs and mid-size orga­ni­za­tions. We’ve got one of the largest sil­i­cone chip man­u­fac­tur­ers in the mobile space using it.

We have a lot of peo­ple using it around the world, using our tech­nol­o­gy to pro­tect themselves.

Roy:               Are there any names you can mention?

George:         I’d hon­est­ly have to look into see, because I can’t divulge any­one’s name with­out approval.

Roy:               When you say For­tune, you’re say­ing For­tune 100 companies.

George:         No. I’m talk­ing about we have For­tune 10, For­tune 50, For­tune 100. We have banks with­in all of those.

Roy:               I guess they’re see­ing suc­cess or they would­n’t… When you sell, is this a one-time sale or is this, the mon­ey you’re mak­ing from this, you sell them the prod­uct, get a check. Is there ongo­ing pay­ments or is it just one payment?

George:         Well no. There is always some sort of ongo­ing pay­ment based on the busi­ness mod­el.   That’s anoth­er thing, Roy that we’ve been able to fig­ure out. One of the things my CEO had brought, of the many great things he brought to the table, there’s one of them is that if we can’t fit into the oth­er per­son­’s busi­ness mod­el they’ll nev­er buy it and it’ll nev­er work out for them.

While most of our com­peti­tors take, you’re going to pay us year­ly per user, a fee per user. Again, they’re only cloud ser­vice. We offer a cloud ser­vice very sim­i­lar where an insti­tu­tion or any com­pa­ny can take fur­ther employ­ees or users, year­ly per user fee.

But because we also go on site, in oth­er words our prod­uct can be installed 100% inter­nal­ly, well that reduces all those costs of a cloud service.

On site we actu­al­ly enable a user to have either a one-time fee or a three year great­ly reduced fee. For exam­ple, they can take a, I’m just going to say, ‘quan­ti­ty one’, because we’re not talk­ing spe­cif­ic quan­ti­ties here but quan­ti­ty one on our authen­ti­ca­tion on site to be $25.00 and that’s it. It’s a one-time fee and they own it for that user.

Obvi­ous­ly, if you have 500 users it’s less than that and you’ve got 5,000 it’s much less than that. Where­as if the com­pa­ny says, ‘Look. I don’t have $25.00,’ we also have the con­cept of break­ing it up over mul­ti­ple years to pay for it.

The great thing is we’ve come out with mul­ti­ple mod­els, busi­ness mod­els that enable us to offer to our clients options on what works finan­cial­ly bet­ter for them and then in our cloud ser­vice we have some­thing very unique where­as all of our com­peti­tors charge per year per user, as I said, we also have that method.

We also have some­thing else that they don’t have. For exam­ple, a very large bank, one of our For­tune 100 banks, came to us about sev­en years ago, they’ve been our client over sev­en years and they said to us, “We have mil­lions of users and the thing is that we want to run our own risk based sys­tem up front to deter­mine risk­i­ness of a trans­ac­tion so we don’t want to buy authen­ti­ca­tion for all our mil­lions of users, how­ev­er, we need to use it for any of those mil­lions just in case of a risky transaction.”

What we do then, Roy, is we cre­at­ed an authen­ti­ca­tion buck­et so that when peo­ple are doing authen­ti­ca­tions into their web­site, if they deem that authen­ti­ca­tion that access is risky because all of a sud­den Roy’s try­ing to log in from Bul­gar­ia at 4:00 in the morn­ing and that’s not Roy’s profile.

What will hap­pen is they’ll use our sys­tem to authen­ti­cate that user and we charge them on a per authen­ti­ca­tion basis and what we did with them is we cre­at­ed a block of authen­ti­ca­tions so they buy a large block that nev­er expires and they use them on-demand, so essen­tial­ly, they can buy authen­ti­ca­tion, in this case I can say that they buy authen­ti­ca­tions by a 100,000 block of authentications.

Then they use them as appro­pri­ate­ly and when the block of authen­ti­ca­tions runs low they just re-up it but they get to lever­age that 100,000 across their mul­ti­ple mil­lions of people.

Roy:   That sounds great. What would you say your aver­age sale is to a client, when you sell these prod­uct, or ser­vices is? The aver­age dol­lar value.

George:         The small­er ones, if we’re talk­ing to the SMBs it’s typ­i­cal­ly $5,000 to $15,000. If we’re talk­ing in the, let’s say the more mid range com­pa­nies, we’re talk­ing 75,000 to $100,000.

Roy:               What is your aver­age size trans­ac­tion these days is what?

George:         We have mul­ti­ple prod­ucts, that’s anoth­er thing but in the authen­ti­ca­tion specif­i­cal­ly, it’s prob­a­bly in the $30,000 range.

Roy:   That’s good. Now besides the out of band there are oth­er things you do, aren’t there?

George:         Yes. We also invent­ed the con­cept of key­stroke encryp­tion and this I’m very excit­ed for because on this one we have, I’m excit­ed about all of our prod­ucts but in the key­stroke encryp­tion we have both a con­sumer play as well as an enter­prise play.

What I mean by enter­prise I mean gov­ern­ment agen­cies, cor­po­ra­tions, hos­pi­tals, everything.

As you know, Roy, we read sto­ries every­day about all these breach­es. One of the biggest rea­sons that there are all these breach­es and one of the biggest rea­sons for all this iden­ti­ty theft out there in the world is because antivirus, which the world, has been used for about 25, 27 years is no longer effec­tive.  Any virus has lit­er­al­ly not changed much, yet the hack­ers over the last 25 years have improved and grown expo­nen­tial­ly better.

That’s why, if you think about this, I don’t know a com­put­er in the world, they’re billing into com­put­ers, I don’t know a com­put­er in the world that doesn’t have antivirus right out of the box.

If you buy it from Dell it comes with it or you buy it from any­where. I don’t know any­one that does­n’t have antivirus but yet every­day there are tens of thou­sands and hun­dreds of thou­sands of breach­es world­wide every day. How is that pos­si­ble if antivirus actu­al­ly works?

If you watch the secu­ri­ty gurus talk, as I do and I’m one of them, around the world the secu­ri­ty gurus will all say that antivirus is only about 20%, 25% effec­tive at best and an antivirus can­not stop what they call a “zero day attack”.

What a zero day attack is, let’s just say I’m a hack­er. I sit down today and I write a piece of spy­ware and then I intro­duce that spy­ware through an email or I go infect some web­site, a legit­i­mate web­site and they put it out there so that every­one that goes there now gets spyware.

There is no antivirus in the world that can stop a zero day attack because they all work on some lev­el of either known sig­na­tures or heuris­tics [sounds like], basi­cal­ly under­stand­ing what you’ve done before. If I don’t know the sig­na­ture of that web­site that you’re going to go to where they down­load that link that you’re going to down­load and open, if I won’t know that that’s bad, then my sys­tem will auto­mat­i­cal­ly open it up.

The prob­lem in the world, one of the biggest prob­lems is that the antivirus peo­ple have been dol­ing out the feed­ing every­one the, what I call the antivirus Kool-Aid for years, telling peo­ple that they’re safe and sound and they don’t have to wor­ry about any­thing just update your antivirus.

That’s not true. That’s absolute­ly, that is false and they are mis­lead­ing peo­ple to con­stant­ly buy and upgrade their soft­ware to the new­er version.

Roy:               They don’t offer, the antivirus soft­ware does­n’t do any­thing with key logging?

George:         No. Absolute­ly. In fact, antivirus peo­ple are mis­lead­ing the pub­lic because if you pick up and I’ve actu­al­ly com­plained to the attor­ney gen­er­al about this and I hope they do some­thing one day.

If you pick up a box of any antivirus, right on the side of it, it says, “pre­vents key log­ging attacks.” What it doesn’t have is it does­n’t have a dis­claimer which states we could only stop the known key log­gers, we can’t stop new ones that we don’t know about.

Because they don’t put that dis­claimer on there, most peo­ple think that they’re safe and sound but as I said, if you have a zero day attack is writ­ten today, it auto­mat­i­cal­ly bypass­es any­thing on your sys­tem, there­fore, go ahead.

Roy:   What per­cent­age of com­put­ers would you say have been infect­ed with key logging?

George:         The FBI put out a report about two years ago and they said that they felt that greater than 70% of the world’s com­put­ers have spy­ware on it. What we do know is that the num­ber one type of spy­ware that steals the data, which was put out by the Ver­i­zon Report…

They put this year­ly inves­tiga­tive report out. Is that when data was exfil­trat­ed for the pur­pos­es of steal­ing from a cus­tomer, 96% of the time a key log­ger was the cul­prit because a key log­ger is an amaz­ing piece of software.

It just sits there and it copies each and every key­stroke and then it emails it off to the bad guy.

Roy:               Now what does your soft­ware do?

George:         What we do is when we looked at this prob­lem back in 2005, we start­ed look­ing at how the hack­ing was still going on and we knew we want­ed to build mul­ti­ple prod­ucts so basi­cal­ly my CPO and I talked about, ‘Can we stop this new wave of hack­ing via key loggers?’

The way that they get around there is either through phish­ing or nefar­i­ous emails to a per­son with an infect­ed attach­ment or one of the newest ways that they get to peo­ple is through social net­work­ing and/or infect­ing major websites.

Like two months ago, WNBC, Chan­nel 4 here in New York was hacked and their site, the mal­ware writ­ers put a key log­ger called a Citadel key log­ger right to their web­site. If you went to MSNBC site to look up the lat­est SNL skit, you auto­mat­i­cal­ly got infect­ed. You can’t even trust a legit­i­mate site today, that it has­n’t been turned into a har­bin­ger of spyware.

Roy:               Does your soft­ware, do you have a patent on this software?

George:         We have a patent pend­ing so essen­tial­ly what we’ve done is what Ram fig­ured out is that the old con­cept of try­ing to pre­vent the bad guy from get­ting into your com­put­er, that an old con­cept that is flawed dras­ti­cal­ly. What he real­ized is that what we need­ed to do is actu­al­ly pro­tect the data.

Because what are the hack­ers after? They’re after your data so one of the things that every secu­ri­ty guy knows is that encryp­tion is good. What he did was applied the con­cept of encryp­tion to your key­strokes so  essen­tial­ly it took about two and a half years to write the software.

As soon as you down­load the soft­ware, Roy, instant­ly it starts encrypt­ing each and every key­stroke in real time, no mat­ter what you’re doing. You’re on any web­site, you’re in an IM chat, you’re log­ging into your com­pa­ny’s VPN, you’re using Outlook.

Where’s the wealth of any com­pa­ny’s infor­ma­tion? It’s in its email. Any­thing that you do, as soon as your fin­ger touch­es that key, the key­board, whether wire­less USB or PS2, we encrypt each and every key­stroke in real time.

There­fore,  we don’t stop the spy­ware from get­ting in there because you can’t stop spy­ware from get­ting in there. That’s a cat and mouse game that you’re always going to lose.

What we did was we came out with a new par­a­digm, we changed our par­a­digm by encrypt­ing each and every key­stroke so that all your key­strokes between your key­board and the appli­ca­tion are safe and sound.

I’m proud to say that in the last year alone, the last 14 months almost 6 mil­lion, or I think we might have just broke 6 mil­lion copies have been down­loaded to pro­tect both con­sumer and corporations.

Roy:               Now what does it cost for the software?

George:         As a con­sumer it’s $29.95 and they get to put it on two com­put­ers. Essen­tial­ly, it’s $15.00 a com­put­er for the year and then on renew­al it’s $24.00, so it drops to $12.00 a computer.

Roy:               You mean it’s $29.00 a year?

George:         It’s 29.95 for the first year, then it’s $24.00 each year after that.

Roy:               You have 6 mil­lion peo­ple that have paid this money?

George:         No. I said 6 mil­lion down­loads. The deals that we’ve done, let me, I’m going to get right back to that but I just want to answer where I was going but I won’t for­get that. We have a, what I was actu­al­ly say­ing pri­or to that is that we have both the con­sumer and an enter­prise ver­sion so for the con­sumer it’s $29.95 then it’s $24.95 for renewal.

For the enter­prise it’s $39.95 because there’s a bunch of more enter­prise com­po­nents in there for the net­work admin­is­tra­tor but with them, they buy it by the amount of users and they buy it by the per-user but then there’s only a 15%t year­ly main­te­nance on those. They buy it for actu­al­ly 80 users or 8,000 users.

To get back to your ques­tion, because I’ll nev­er for­get that and I want to answer it is that in, what hap­pens is a lot of our big­ger part­ners, like for exam­ple ID Vault, they OEM our soft­ware and they deliv­ered it out to large cus­tomers and in those, we don’t say how much we make but we get per user per month.

They wrote major deals out there like they did a deal with Com­cast. Anoth­er one of our big part­ners is a com­pa­ny called Inter­sec­tions and they have a prod­uct I guar­an­tee you heard of, called Iden­ti­ty Guard.

They’re mar­ket­ed every­where and we’re built right into their prod­uct so a lot of our sales, Roy, are through the OEM rela­tion­ships so we get sub­stan­tial­ly less but we get paid month­ly by those busi­ness part­ners. They use it to make their prod­ucts more safe and secure.

Roy:   That sounds fan­tas­tic, I mean you guys have become real secu­ri­ty mavens here.

George:         Now in about 45 days, 30 to 45 days we’re going to take basi­cal­ly our out of band authen­ti­ca­tion, we’re going to take our key­stroke encryp­tion. We did that already and then we took a cou­ple oth­er things and we’re now intro­duc­ing a prod­uct for your mobile device.

We are once again intro­duc­ing encryp­tion now for a mobile device, the first of its kind in the world. Ulti­mate­ly, what we’re all about, Roy, is we pro­tect access to your cor­po­rate net­work or your web­site, we pro­tect the desk­top from spy­ware and now we’ll be pro­tect­ing the mobile device from spyware.

Roy:               Now how many employ­ees do you guys have now?

George:         We’re now at sev­en and we’re hir­ing today.

Roy:               That’s fantastic.

George:         We’ve been a small com­pa­ny, real grass­roots doing this for 12 years now.

Roy:               Where are you guys, where’s your office space?

George:         We’re locat­ed in Edi­son, New Jersey.

Roy:   Anoth­er thing, can you give us a sense of the rev­enues of the com­pa­ny or any kind of met­rics to help our audience?

George:         We’ve dou­bled and tripled, we dou­ble our sales, just about dou­bled it the last three years. Last year, I’m proud to say that we did just about $1 mil­lion and we are on track for mul­ti­ply­ing that by sev­er­al times this year. We’re very excit­ed and we expect to dou­ble our rev­enues each year for the fore­see­able future, minimally.

Roy:   There is no short­age of a need for secu­ri­ty and tru­ly key­stroke issues are major. I read an arti­cle about a guy, a busi­ness who, some­body got on his com­put­er, logged into his bank account from his com­put­er and wired hun­dreds of thou­sands of dol­lars away from his account and the bank would­n’t give him the mon­ey back because they said, ‘It came from your computer.’

George:         It did­n’t actu­al­ly come from his com­put­er. What it does is, if they key log your cre­den­tials, then, they log in from their computer.

Roy:               No. It came from his computer.

George:         Really?

Roy:               See, as I’m sure you’re aware, with IP address­es and secu­ri­ty for cash man­age­ment they can track your IP address too. They know if it came from your, so there­fore you can’t, in some accounts you can’t log in from any­where but your own com­put­er in your office because of the IP address.

That super secu­ri­ty to pro­tect some­body from Rus­sia log­ging in and wiring your mon­ey. If they can get con­trol of your com­put­er from a remote loca­tion, then they can use your com­put­er to log into the bank and wire the mon­ey out and it looks total­ly secure to the bank.

George:         I hear you and I agree but most banks, they don’t even check the IP, Roy. Most banks and this is what we’ve been see­ing this hap­pen more and more, but you’re absolute right. If I get a key log­ger on your sys­tem and I steal your cre­den­tials and I log in as you from any­where else in the world, guess what?

Your bank does not need to pay you back the mon­ey because one of the things, and this is a big mis­giv­ing on bank­ing. If some­one walks into the bank today and they dress up as Roy and they steal, the teller acci­den­tal­ly gives them all your money.

Lat­er on, when you find out there’s no mon­ey there and the bank pulls their cam­eras and they go, ‘Oh my god. We gave it to some­one that looks like Roy and the guy real­ly was­n’t Roy.’ They’ll auto­mat­i­cal­ly replace all your mon­ey. They have to.

How­ev­er, when you sign on for online bank­ing, 99.9% of the peo­ple don’t actu­al­ly read the EULA, the End User License Agree­ment when they’re sign­ing on to actu­al­ly do bank­ing and in that EULA it says that that long scroll down like eight pages long and you just hit the bot­tom ‘I Accept’.

In that EULA actu­al­ly says, ‘You are respon­si­ble for the hygiene of your per­son­al com­put­er. If some­one steals your cre­den­tials, if spy­ware is found on your com­put­er and they steal your cre­den­tials because of that, we the bank do not need to pay you back your money.’

Roy:               It’s a seri­ous, it’s a seri­ous business.

George:         It’s a big problem.

Roy:               It sounds like you guys are real­ly poised to real­ly grow sig­nif­i­cant­ly. Where do you think the com­pa­ny’s going to be in two or three years rev­enue wise?

George:         I think the com­pa­ny in two to three years with the deals that we’re work­ing on, the con­tracts that we’ve been signed and a lot of con­tracts that we sign they take a cou­ple of months for them to build the com­po­nents on their site to get it up and run­ning. I think the com­pa­ny’s poised to do many millions.

I also think that with all the acqui­si­tions going on in the mar­ket I would think that there are prob­a­bly plen­ty of com­pa­nies that would love to own our tech­nolo­gies and I’m talk­ing about the big ones. Pos­si­bly even some of the ones that we’re suing.

The next cou­ple of years are going to be very inter­est­ing because cyber secu­ri­ty is get­ting bet­ter fund­ed today. I just read an arti­cle two days ago that U.S. gov­ern­ment, the Pen­tagon’s going to be spend­ing anoth­er $23 bil­lion extra over the next year just to help stop fraud and cyber theft.

Our prod­ucts are poised to be enveloped into that by some com­pa­nies. We feel very, we could­n’t be in a bet­ter place at a bet­ter time. That’s for sure.

Roy:   George, sounds like you’re in a fan­tas­tic busi­ness. We’re com­ing down the home stretch. Is there any one last thought you want to leave with every­one before we close out our interview?

George:         I just want to, I will. Secu­ri­ty should always be top of mind and the key thing is always ques­tion every­thing but more than that, we’re glad to work with every­one and espe­cial­ly with the key­stroke encryp­tion because the Inter­net is so woven into our lives today. Email is so woven into our lives.

Social net­work­ing web­sites and social net­work is so woven into our lives. You’re bound to click on some­thing by acci­dent. That’s not your fault. That’s nobody’s fault. Where peo­ple are at fault is if they don’t take the pre­cau­tions that they need.

We’re glad to work with peo­ple and put the key­stroke encryp­tion on every com­put­er in the world. That is the most impor­tant thing I can leave any­one with because that’s the only way that you’ll know that you’re data is safe, your fam­i­ly is safe, your cre­den­tials are safe, your mon­ey is safe. I leave off on that one.

Roy:               That’s fan­tas­tic. How will peo­ple get in touch with you if they want to reach you?

George:         Strike­Force, we’re over here at any­time. They can reach us at 732–661-9641 and our web­site is strikeforcetech.com and we’re glad to help every­one out.

Roy:   George, I real­ly appre­ci­ate, we appre­ci­ate you tak­ing the time. Def­i­nite­ly been an excit­ing call. Secu­ri­ty is a huge thing and you guys seem very well poised to get a big piece of that mar­ket, so thank you very much.

George:         OK. Thank you so much, Roy.

Roy:               Thank you.