VeriSign: seeking SSL dominance with GeoTrust buy

VeriSign plans to increase its dominance of the SSL certificate authority market with the $125 million cash acquisition of rival GeoTrust. VeriSign said the deal was spurred by the desire to acquire GeoTrust's 9,000-reseller channel. Others said it was a "fire sale" prompted by the imminent release of Internet Explorer 7, which could put the squeeze on the low-end of the SSL market.

VeriSign has entered into a definitive agreement to acquire GeoTrust.

GeoTrust is privately held, so its financials are not made public. Hoovers reckons the company had $11.2 million in revenue last year. The company has had at least $45 million invested in it by venture capital firms since 1998.

A VeriSign spokesperson said the main reason the company made the acquisition was due to the channel, and mentioned ISPs and domain name registrars as possible new opportunities.

It also means that VeriSign will take out its closest competitor. GeoTrust has spent the last several years eating away at VeriSign’s market share by selling SSL certificates quicker and cheaper.

It was not until early this year that VeriSign started mentioning GeoTrust in the risk factors section of its regulatory filings, a possible reflection of how successful GeoTrust has become.

VeriSign currently has 47.5% of the SSL market, compared to GeoTrust’s 26.6%, according to Netcraft. If the merger closes, VeriSign’s share would jump to over 74%, and its closest rival would be Comodo Group, with just 12.3%.

It’s not the first time VeriSign has acquired its closest SSL competitor. In 1999, the firm picked up Thawte Consulting, giving it something close to a monopoly. Geotrust, Comodo and Go Daddy have been chipping away at that market share ever since.

You can define the market another way, however. While VeriSign and Comodo sell so-called ‘high assurance’ certificates, GeoTrust’s main business is selling quicker, cheaper certs that do less validation of customers’ identities before issuance.

Comodo’s chief executive and chief security architect, Melih Abdulhayoglu, suggested that GeoTrust sold itself cheap because the low-assurance SSL cert market is about to start shrinking rapidly, due to changes Microsoft is making to Internet Explorer.

All the major certificate vendors and major browser makers are behind a standardization effort for high-assurance certs. The CA Forum, as it is informally known, will specify how cert buyers are authenticated.

Forthcoming releases of IE and Firefox will highlight when websites have high-assurance certs and are therefore considered more trustworthy. In IE7, the address bar will turn green when users visit sites with compliant high-assurance certs.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing