WISeKey S.A. - Annual Report 2009

Annual Report 2009

phot

o : G

eorg

e Jo

hns

/ A

lingh

i

© 2010 WISeKey S.A. 1

Summary

Company Presentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Board of Directors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Management Team . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

WISeKey’s Committees . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Executive Chairman’s Message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

WISeKey Historical Milestones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

WISeKey S.A. Corporate Group Structure . . . . . . . . . . . . . . . . . . . . . . . 13

WISeKey Development Offices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

OISTE Empowered Trust Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

WISeKey Strategic Fundamentals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Examples of eID 2.0 and 3.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

What WISeKey Does . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

WISeAuthentic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Public Sector Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

WISeEvents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

WISeKey Online Trust Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

WISeKey Green Initiatives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

WISeKey R&D 2009 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

WISeKey Global Partners . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

Microsoft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

WISeKey S.A. Annual Report 2009

© 2010 WISeKey S.A.2


WISeKey provides high security for communica-tions, identity and information, using a variety of technologies customized to meet each client’s security level requirement.

WISeKey is the leading global provider of se-curity, identity and trust solutions to companies, government and individuals.

Based in Geneva, Switzerland, WISeKey’s unique geopolitically neutral implementation of its solutions provides a secured communications platform.

Primarily using a Public Key Infrastructure (PKI) designed with Trusted Computing principles in mind and other complementary technologies that enhance security such as biometrics, USB tokens, smartcards and RFID tags (Radio Fre-quency ID), WISeKey is uniquely positioned as a company that uses specialized technologies to identify and authenticate people, organizations and devices over closed networks, physical in-frastructures and the internet for the provision of security, helping to transform the internet into a trusted channel for electronic transactions.

With global e-commerce bouncing secure data between cell phones, laptops and business sys-tems (e.g. bank wire transfers), WISeKey also develops and manufactures encryption and se-curity systems for e-mail software and personal electronic devices. WISeKey extends its appli-cation to projects such as but not limited to NIS (National Identity System), Passport, health card, student card, e-voting, e-registries (e.g. Land registry), and dematerialization of docu-ments, financial applications, telecommunica-tions, industries, legal…

WISeKey is a Swiss-domiciled Company that is backed by the OISTE foundation and partnered with international organizations, giving it a geo-political advantage that none of its competitors can match. The Swiss domesticity and the col-laboration with the foundation and international organizations to guard and manage its root keys gives WISeKey a unique trust model that has been accepted and adopted by leading interna-tional organizations, corporations and govern-ments worldwide.

Since its founding in 1999, WISeKey has deliv-ered projects in partnership with major IT com-panies, including Microsoft, VeriSign, Sun Micro-systems and Hewlett Packard. Through working with these major IT companies, WISeKey was able to determine which of these companies are most complimentary and able to bring value. Consequently it has entered global strategic partnerships with Microsoft and Hewlett Packard as its preferred partners. WISeKey has clients in various business sectors as well as government such as Hawaii and the Governments of Swit-zerland, Vietnam, China, Mauritius, Senegal and Angola to name a few. Some of the case studies, for security reasons, cannot be mentioned.

The Company has also established a respected profile among international trade groups, such as International Chamber of Commerce, UN Economic Commission for Europe, United Na-tionals Commission on International Trade Law, UN Industrial Development Organization, UN Conference on Trade and Development, Inter-national Trade Centre, International Organiza-tion for Migration and the Solidarity Fund.

WISeKey has since 1999 become the world’s most trusted e-security infrastructure and the leading global provider of PKI and security identity management trust services.

Company Presentation


Board of Directors

Carlos Moreira was during 15 years a United Nations expert on IT, eSecurity and Telecommunica-tions, working as expert for ILO, UN, UNCTAD, ITC/WTO, World Bank, UNDP, ESCAP. Internet Pioneer; Since 1999 Founder, Chairman and CEO of WISeKey

S.A. Founder and Secretary-General, OISTE.org Foundation which provides digital identification ser-vices and secure electronic transactions. Founding Member of the “Comité de Pilotage Project E-Vot-ing” of the Geneva Government, Switzerland. - Founding Member of the WorldEtrust.org MoU with the International Telecommunication Union. Found-er of the Geneva Security Forum SA, Member Global Clinton Initiative, Founding Member World Economic Forum New Champions. Member of the Business Advisory Board, International Organiza-tion for Migrations. Vice President Malaga Valley,

CoFounder Association International Mobility AIM. Vice President World Trade Center Geneva. Awards: Carlos Moreira was Nominated by Bilan.ch among the top 100 of Who’s Who of the Swiss Net Economy in 2002, Most Exciting R&D European Company at MERID 2005, Man of the Year, L’AGEFI, Switzerland (2007), Nomination as one of the World Economic Forum World Global Growth Companies in 2007. Nominations as a New Champion by the World Economic Forum in 2007, 2008 and 2009, member of the New York Fo-rum, Commitment holder at the Global Clinton Ini-tiative On Mobile-Banking, remittances, and digital identification for poverty alleviation 2007,2008 and 2009. Adjunct Professor of the Graduate School of Engineering Royal Melbourne Institute of Tech-nology from 1995 to 1998. Head of the Trade Ef-ficiency Lab at the Graduate School of Engineering at RMIT and the Electronic Commerce research project leader at the University of Minnesota.

Philippe DoubreVice President of the Board of Directors of Wisekey S.A. and Chairman of the Finance & Audit Committee

Carlos MoreiraFounder and Chairman of the Board

Mr. Doubre is a Swiss national who has held the position of President and Secretary Gener-al of the World Trade Centre Ge-neva since 1979. He was also Chairman of the World Trade Centre Association (WTCA) Committee on Information and

Communications. Permanent representative of the WTCA organizations to the UN in Geneva. Vice President of the Board and Chairman of the Audit & Finance Committee WISeKey. President of the OISTE Foundation. Prior to this position,

Mr. Doubre held several senior positions in the banking and finance industry including Vice Pres-ident and General Cashier of American Express Paris, General Manager Overseas Development Bank. Philippe Doubre has extensive experience and expertise with servicing international trade and determination of policies and new directions for facilitating international trade. He is a highly respected and well-recognized member of the international community as evidenced by his for-mer position of Vice President of the American Centre Geneva.

Dourgam Kummer Member of the Board and Member of the Finance Committee

Mr. Kummer graduated with mention in Company Manage-ment and Finance at “l’Ecole de Cadre” in 1988 in Lausanne. Mr. Kummer joined WISeKey S.A. in 2005 but became Mem-ber of the Board of Directors in 2003. He handles the entire

financial department of WISeKey S.A. since March 2005, as well as the company restruc-turation; General Management since June 2006. He obtained a degree on Structure Finance in 1998 and on Strategic Finance in 2006 at IMD. He is also a member of the IMD alumni since 1999. Member of the HEC alumni since 2001.


Board of Directors

Christopher WiseMember of the Board and Member of the Finance Committee

Mr. Wise founded a family hold-ing company investing in high technology and health projects in Europe and the United States. President of the Sevene Group (Pharmaceutical) of which the family Holding company is the major shareholder. After 8 years

of professional experience as an assistant direc-

tor with Burberry in New York, then as a busi-ness director in Paris, he was elected member of the Board of Directors and Director for Europe of the Burberry stores in Paris. He was also man-aging director of Rémy Cointreau subsidiaries in Europe (Spain, Austria, Eastern Europe, Swit-zerland, and Italy) for 7 years before his 3 year nomination in 1997 as a director of the Rémy Cointreau S.A.

Daniel Ybarra Member of the Board

Mr. Ybarra assumed his duties as Director of Corporate Com-munications since September 2000. His expertise comprises, among others, brand marketing, targeted PR and general com-munications. He is responsible for the worldwide strategy lead-

ership for the World Internet Security brand and in charge of the global brand management for WISeKey. Some of his achievements within the company were the organization of WiseWord 2000, Telecom 2003, WSIS 2003 and 2005. He

began his career in the United Nations. In 1986 joined the World Intellectual Property Organiza-tion (WIPO). He left this organization in June 2000 to join WISeKey. Additionally, he is a co-founder of the Abanico Foundation; an organi-zation focused on creativity and specialized in the creation of multidisciplinary and intercultural exchange projects. Furthermore, he is actively and pro-bono involved with major initiatives on Corporate Social Responsibility and Sustainable Development, such as ACT (Advertising Com-munity Together).

Juan Hernandez Zayas Member of the Board and Member of the Finance and Audit Committee

Mr. Hernández Zayas gradu-ated in Economics and Busi-ness Administration in Bilbao in 1987, and obtained an MBO at the LSFT (London). In 1989 he joined the Audit and Corporate division of PriceWaterhouseC-oopers. He spent 7 years at

PWC specializing in corporate finance, mergers and takeovers, working with large companies and multinationals as well as important family groups. He is a member of the ROAC (The offi-cial Spanish College of Chartered Accountants). In 1995 he moved to the Eguizabal-Paternina Group, one of Spain’s leading wine producers,

as Director of Affiliates, responsible for national and international expansion and coordinating the Group’s IPO in 1998. In 2001 Mr. Hernández Za-yas was appointed CEO of the Cosimet-Velasco Group, playing a major part in the Company’s diversification strategy and in the consolidation of a large industrial holding, with companies in-volved in several sectors, including, steel, real estate, construction and services. In recent years, Mr. Hernández Zayas has been heading the development of an important division of new techs and renewable energy companies. He is on the board of many companies, taking an ac-tive role in several strategic committees.


Carlos Moreira Founder and Chief Executive OfficerCarlos Moreira was during 15 years a United Nations expert on IT, eSecurity and Tele-communications, working as expert for ILO, UN, UNCTAD, ITC/WTO, World Bank, UNDP, ESCAP. Internet Pioneer; Since 1999 Founder, Chairman and CEO of WISeKey S.A. Founder and Secretary-General, OISTE.org Foundation which provides digital identification services and secure electronic transactions. Founding Member of the “Comité de Pilotage

Project E-Voting” of the Geneva Government, Switzerland. - Founding Member of the WorldEtrust.org MoU with the International Telecommunication Union. Founder of the Geneva Security Forum SA, Member Global Clinton Initiative, Founding Member World Economic Forum New Champions. Member of the Busi-ness Advisory Board, International Organization for Migrations. Vice President Malaga Valley, CoFound-er Association International Mobility AIM. Vice President World Trade Center Geneva. Awards: Carlos Moreira was Nominated by Bilan.ch among the top 100 of Who’s Who of the Swiss Net Economy in 2002, Most Exciting R&D European Company at MERID 2005, Man of the Year, L’AGEFI, Switzerland (2007), Nomination as one of the World Economic Forum World Global Growth Companies in 2007. Nominations as a New Champion by the World Economic Forum in 2007, 2008 and 2009, member of the New York Forum, Commitment holder at the Global Clinton Initiative On Mobile-Banking, remittances, and digital identification for poverty alleviation 2007,2008 and 2009. Adjunct Professor of the Graduate School of Engineering Royal Melbourne Institute of Technology from 1995 to 1998. Head of the Trade Efficiency Lab at the Graduate School of Engineering at RMIT and the Electronic Commerce research project leader at the University of Minnesota.

Dourgam Kummer Chief Operations Officer and Chief Financial OfficerMr. Kummer graduated with mention in Company Management and Finance at “l’Ecole de Cadre” in 1988 in Lausanne. Mr. Kummer joined WISeKey S.A. in 2005 but became Member of the Board of Directors in 2003. He handles the entire financial department of WISeKey S.A. since March 2005, as well as the company restructuration; General Management since June 2006. He obtained a degree on Structure Finance in 1998 and

on Strategic Finance in 2006 at IMD. He is also a member of the IMD alumni since 1999. Member of the HEC alumni since 2001.

Juan Avellan Deputy CEO and VP Public Sector Mr. Avellan obtained his specialization in the field of information technology and law through PhD level research on the global evolution on the laws of electronic signatures at the world renowned Information Technology Law Unit at the Queen Mary College of the University of London. Since joining WISeKey in the year 2000, Mr. Avellan has worked on a number of areas as head of legal affairs and as a member of the manage-

ment that have been key to the evolution of the company. Such areas cover WISeKey’s unique trust model, strategy, corporate affairs, product development, project implementation (in the banking, gov-ernment, health, digital media and other sectors), and the execution of several high profile projects for governments and in the private sector. Mr. Avellan has widely represented the company in seminars, conferences, and high level meetings including task forces and working groups that include UNCITRAL and the G8 Cyber-security working group. His academic work includes several publications in interna-tional and specialized journals as well as forming part of the core research team working for the Euro-pean Commission on the electronic signature and electronic commerce Directives.

Management Team


Daniel Ybarra VP WISeEvents and Corporate CommunicationsMr. Ybarra assumed his duties as Director of Corporate Communications since Sep-tember 2000. His expertise comprises, among others, brand marketing, targeted PR and general communications. He is responsible for the worldwide strategy leadership for the World Internet Security brand and in charge of the global brand management for WISeKey. Some of his achievements within the company were the organization of

WiseWord 2000, Telecom 2003, WSIS 2003 and 2005. He began his career in the United Nations. In 1986 joined the World Intellectual Property Organization (WIPO). He left this organization in June 2000 to join WISeKey. Additionally, he is a co-founder of the Abanico Foundation; an organization focused on creativity and specialized in the creation of multidisciplinary and intercultural exchange projects. Fur-thermore, he is actively and pro-bono involved with major initiatives on Corporate Social Responsibility and Sustainable Development, such as ACT (Advertising Community Together).

Kevin Blackman VP Product Management and Chief Technical OfficerMr. Blackman leads WISeKey technology research and development activities. As CTO he is focused on leading the group that researches, develops and designs next-gener-ation hardware and software technologies for delivering leading platforms and products to customers worldwide. Prior to joining WISeKey, he was project manager of a govern-ment Science, Technology and Innovation Park project. During his career he has partici-

pated in multipartite research work for securing high worth transactions, in conjunction with representa-tives of other States in ASPAC, and North America; and as a team member in several national projects. Mr. Blackman is a Certified Information Systems Security Professional, with ISSAP (Architecture) and ISSMP (Management) credentials, and received a Bachelor of Science degree in Electrical and Com-puter Engineering from the University of the West Indies, Trinidad W.I.

Carlos MorenoVP Business Development WISeAuthenticMr. Moreno has more than 18 years experience in Sales Engineering, Sales Manage-ment and Business Development. He has acquired extensive experience throughout his career by working in strategic projects for both national and multinational companies in the financial and industrial sectors. Along his career, he gathered strong duties in people management, sales coaching, market analysis, establishment and implementa-

tion of account plans. He contributed in designing adequate solutions & architectures, taking into consid-eration needs and budgets. He addressed several projects related to infrastructures, Data, Applications, security, and Identity Management. His negotiation skills on high level instances for complex selling processes related to new technologies permitted Mr. Moreno to achieve excellent sales performance and customer satisfaction. His vision and creativity have contributed to the evolution of the products, as well as the progression of his team and colleagues. His role in WISeKey further commercial relationship with strategic customers also includes responsibility for market analysis and go-to-market strategies.

Management Team


Jérôme DarbellayChief Research/Strategy OfficerMr. Darbellay has in-depth experience in all aspects of the transactional Internet. He has worked for more than six years in the Swiss finance sector, as a team leader and project manager, for the implementation of Internet based banking systems (UBP, Syz Bank, CBES). He has developed real-time data solutions for the Internet and content management systems before such solutions were available on the market. He has con-

ducted Internet development strategy trainings in the financing field, as well as e-business strategy and security trainings. He joins the WISeKey team in 2001, enthused by its long term global vision as well as its dynamism in the e-government field. One of his most recent realizations is the conception and the technical development of an anti-counterfeiting solution for the Luxury Industry branded as WISeAuthentic. He also lead the development of an eVoting solution for illiterates and disabled people, presented at the WSIS by the State of Geneva, using biometrics and voice recognition. By the conjunc-tion of his numerous experiences and his knowledge of specific matters in varied fields of activities, he is an expert in digital strategy through multiple angles: functional, organizational, technical and financial.

Peter WardFinance DirectorMr. Ward is a Chartered Management Accountant with significant international experi-ence in the IT, FMCG, Retail/Distribution, Medical Equipment and Plastics industries, having worked in companies such as ITT, General Electric and Iomega, both in Field & H.Q. locations. He has operated for many years at Executive Staff (Board) level in International, multi-cultural environments. He has in depth experience in Change Man-

agement, Process Improvement, Business Integration & Restructuring as well as extensive knowledge of International Tax, Statutory and US GAAP reporting and Sarbanes-Oxley requirements. He has a B.A. (Hons) degree in Business Administration from Wolverhampton University, U.K.

Management Team


Finance and Audit Committee:Philippe DoubrePresident of the Finance and Audit Committee, Member of the Board and Vice President of WISeKey S.A.

Dourgam KummerMember of the Board and COO/CFO of WISeKey S.A.

Christopher WiseMember of the board of WISeKey S.A.

Juan Hernandez ZayasMember of the Board of WISeKey S.A.

Strategy Committee:Mario GarneroChairman, Brasilinvest Group, Brazil

Leonard SchrankFormer CEO, SWIFT, Belgium

Carlos EsteveCEO, Heritage Bank & Trust S.A., Switzerland

Fernando Chico PardoFounder and President of Promecap, S.C. , Mexico

Carlos MoreiraFounder, Chairman of the Board and CEO, WISeKey, Switzerland

Eric PellatonCo-Founder and Former Chairman, Ismeca, Switzerland

Douglas A. HurstManaging Director, SMH Capital, USA

Martial ChailletFounder & Partner, Mediawin Partners, Switzerland

WISeKey’s Committees


Executive Chairman’s Message

Dear Shareholders,

2009 was an important year for WISeKey as we managed to continue our expansion in PKI 1, ID 2 and ID 3. Despite the financial crisis and the economic slowdown across the globe, WISeKey continued on a path of growth in 2009 showing a considerable degree of resilience. As WISeKey celebrates its 10th anniversary this year, our role as a trusted business and high-end technology partner is becoming increasingly important as our customers focus on future investments that drive profitability, productivity, return on invest-ment, and cost savings.

Under economic conditions that continue to make our environment a challenging one, we have delivered another successful year, at the same time refocusing the company while de-veloping new areas such as anti-counterfeiting with signed contracts in 2009 for the value of CHF 5.5 million. We are pleased to have signed contracts with prestigious brands as significant customers for our proprietary technology and for our patent-pending technology in new areas re-lated to the anti-counterfeiting market.

WISeKey started the year by closing a CHF 5.0 million very high profile deal with Hublot with a new technology that has the potential to revolutionize the anti-counterfeiting market and become of the largest revenue generator for WISeKey in 2009 and 2010. At the Basel Watch and Jewellery Show, Hublot and WISeKey an-nounced a world “first” in the fight against imita-tions. Hublot joined forces with WISeKey with a view to taking radical steps to identify its watch-es electronically. With our technology Hublot watches are protected by a SmartCard, proving their identity and origin. This innovative solution represents a decisive step in the fight against the counterfeit trade. The idea consists of creat-ing an electronic guarantee certificate, which not only contains the watch identity code, but also enables privileged access to a reserved space on the Hublot web site. Both Hublot sales out-lets and clients will be able to use the SmartCard to check instantly via the Internet if the watch is genuine. During 2009 several other companies including LVMH contacted WISeKey with inter-

est to expand this technology to other luxury brands within their Group.

In order to cope with this unprecedented de-mand for WISeKey technology in a new sector, we raised a total of CHF 13.5 million during 2009 as an initial investment for our Mezzanine equity/pre-IPO round with a better financial position than most of our foreign competitors. Our investment resulted in many new products, a new platform with the name CertifyID Trust Center 2010, a new Social network developed for our Alinghi 2010 project with the name HighTrusted.com to be launched during the next Americas Cup, as well as a strong channel of new mass market products and systems for 2010 with many potential leads and great projects ahead. In addition to the anti-counterfeiting contracts, WISeKey closed deals with Microsoft for its new generation semantic validation system which leverages the Web 2.0 functionalities and goes further by taking Citizen services into Web 3.0 interactions. Essentially, citizens can access and transact online with dif-ferent logon mechanisms.

During this year WISeKey affiliates are now in the process of being established in China, India, Rus-sia, UAE and Brazil in cooperation with local ser-vice providers operating at national level, that are nodes for the deployment of trusted communities online. These affiliates use WISeKey’s standards-based technology, products, operating practices and trusted security infrastructures to deliver glob-ally interoperable trust services over the Internet. In essence, it is like the GSM standard for identity and trust online. WISeKey has entered the mass market with a solution that has universal appeal distributed by a global network of trusted affiliates. By combining their national expertise, powerful brands and strong customer relationships with our Trusted Security technologies and services, we are well positioned to enable a wide range of trust-ed secure services and interactions on a global basis. Our network of global trusted affiliates now includes one of the most attractive affiliated net-works on the Internet including government agen-cies, leading national telecommunications compa-nies and e-commerce service providers.


Executive Chairman’s Message

WISeKey’s key stakeholders – customers, affili-ates, partners, employees, and shareholders – remain at the center of our strategy. 2009 reflect-ed our passionate focus on the needs of our key stakeholders, during a time of industry recovery and growth. Our role as a trusted business and technology partner is becoming increasingly im-portant as our customers focus on future invest-ments that drive profitability, productivity, return on investment, and cost savings.

WISeKey has also become a major force in the international community with many high level awards during 2009 as Full Member of the Clin-ton Global Initiative, Founding Member of the Geneva Security Forum, founding member of the New Champions from the World Economic Forum and strategic partner and security provid-er for many international organizations such as IOM, DvD, WEF, WTO, UN, ITU, ICC, etc.

WISeKey’s strategy has included an intense fo-cus on converting the company into an essential player in this space, catching market transitions, developing our affiliate network, and listening more and more to our customers. We helped build the foundation of the Secure Internet by building the trusted mechanism and technolo-gies that fuelled it, and we believe that the best is yet to come in terms of increases in secure productivity and secure interactions that can be created with technology innovation from compa-nies such as WISeKey.

At the end of 2009 WISeKey managed to close a very important agreement with Alinghi and become one of the two main Sponsors of the Alinghi Team with our partner Hublot. We were nominated by Alinghi as the sole provider of se-curity software and services to the high tech sail-ing syndicate, Alinghi, as it prepared to defend its trophy against the challenger BMW Oracle for the 33rd America’s Cup in 2010. WISeKey developed during 2009 state of the art digital security systems to protect Alinghi’s operations and sailing technology during the entire event. The range of services include securing and host-ing the team’s website, creating and distributing biometric-protected electronic tokens to secure Alinghi operational and sailing communications on site, and digital signature certificates to elimi-nate environmental waste for the syndicate’s transactions and facilities. WISeKey also pro-vides secure accreditation devices for all Alinghi facilities, including electronic identity credentials and USB data storage security tokens. This tech-nology will subsequently be used for other high profile events such as FIFA, the Olympic Games and major sport events from 2010 onward.

We are confident that WISeKey is a company that is built to last, and on behalf of our Board of Directors I would like to invite you all to our 2009 Ordinary General Assembly.

Carlos Moreira


WISeKey has evolved it’s technology platform since 1999 enabling it to meet the challenges and needs of the market and proving it’s capacity to meet those needs with very important reference projects, some of which are indicated in the diagram below. We are now on the verge of taking the experience of the almost 9 years to the next level by consolidating the experiences, technology and positioning them squarely in dynamics of the Web2.0 and 3.0 world, which means taking the core of our products and offering solutions focused on adding a semantic and cloud-based services layer to everything we do.

Here are some milestone projects that mark the historical evolution of the company:

WISeKey Historical Milestones

Intelligent cities / access control

DestiNY USABiometrics, PKI, DRM, Physical &

Logical SecurityHigh Security Data Centers

National Identity

Systems NIS

partnership

Microsoft, HP, WISeKey

ID cards, drivers permits,

passports…

WISeEvents

Alinghi, Publicis

Technology Platform

HighTrusted .com

The Identity Convergence

Platform

CertifyID SuiteTrust Service

Validation Solutions

Signing Solutions TrustEcoSystem

Digital Document

Signing Services

Customised Identity & Security

Solutions

eVoting Solutions

Bronze Box (RA System)

Unicert Gold CA Platform

(HP)

eID 3.0Advertising Social Netw.

& Communities Transactions

e-Money Content Management

e-VotingFirst ever

binding Internet Vote

Biometric enabled PKI evoting for

Blind

Object eIDs

WISeAuthenticSecuring objects (silicon,

luxury goods, materials)

Device & Content

ProtectionSecure Video

Processor Alliance

Digital TV Apps

ProtectionSecuring the Digital Video Broadcasting Infrastructure

Standards bodies -

Developing CountriesDeploying

infrastructure with the ITU

2009

2007

2005

2003

2001

1999


WISeKey S.A. is an independent Company with the following established subsidiaries :

Switzerland

W I S e K e y S u i s s e S . A .

W I S e K e yF r a n c e S A S

W I S e K e yU K L t d .

W I S e K e yP S A D

W I S e K e y P r o f e s s i o n a l

S e r v i c e s S a r l

W I S e K e yE L A S L

W I S e K e yU S A i n c .

France Bulgaria United Kingdom Lebanon

W I S E K E Y S . A .

Spain United States

Global BulgariaMacedonia

SerbiaCroatiaUkraine

SpainArgentina

BelizeBoliviaBrazilChile

ColombiaCosta Rica

EcuardoEl SalvadorGuatemalaHonduras

MexicoNicaraguaPanama

ParaguayPeru

Dominican RepUruguay

Venezuela

United Kingdom

Scotland

Ireland

North America Middle EastFrench speakingworld

WISeKey S.A. Corporate Group Structure


Global reach through local trustWISeKey’s subsidiary deployment program en-ables the development of trusted digital identity services and expands the use of secure elec-tronic communications worldwide.

This program allows them to sell value added solutions and services targeting their territorial customer.

Knowledge of the local market combined with superior products and support from head office provides efficient localized solutions. Localized client relationships with a proactive global com-munication channel and market research will en-sure subsidiary venture success.

Additionally, WISeKey has development teams in Bangkok (Thailand), in Bangalore (India) and in Hanoi (Vietnam).

G e n e v a

CSP

B i l b a oM a d r i d

B a r c e l o n a B a n g k o k

Web Design

S o f i a

Global Web Platform

B a n g a l o r e

PKI

Trusted Services

H a n o i

PKI

Trusted Services

VietnamSwitzerland Spain Thailand IndiaBulgaria

WISeKey Development Offices

WISeKey’s Global ReachThrough our partner network and their networks of partners such as Microsoft, WISeKey is able to sell, implement and support projects virtually anywhere in the world, as we have done in places such as Kuwait, Peru, Venezuela, Saudi Arabia, Vietnam, and Angola. Currently, partners with whom we have a direct relationship are located in all regions of the world: most EU Member States and Eastern Europe, Mexico, Brazil, Uruguay, Saudi Arabia, UAE, Kuwait, South Africa, Macedonia, Canada, Peru, Venezu-ela, the USA, Colombia, and Australia, among others.


OISTE Empowered Trust Model

Unique Extended Trust Service value

• Replication in the digital world of what exists and works in the real-world (i.e. Passport or Identity issuance and use);

• Incorporation of Domain Constraint measures for the development of trust in a community (e.g. only Microsoft will be able to issue a certificate to: [email protected]);

• Corporate autonomy: Control of your own infrastructure, you can have a managed services or you can outsource the infrastructure for later migration to your environment;

• The privacy: You control of your own ID database and life-cycle management of identities;

• Development of a trust Community over time.

Effective Authentication = TRUSTTrust in the digital world is a fundamental ele-ment enabled by WISeKey in conjunction with the unprecedented OISTE relationship which is focused around the axis of security, neutrality and political know-how.

OISTE “Organisation Internationale pour la Sé-curité de Transactions Electroniques” or ISETO “International Organization for the Security of Electronic Transactions” www.oiste.org, was founded in 1998 in Geneva, Switzerland. OISTE was the first international not for profit organi-zation in the world, certified by an independent audit, to create a neutral Cryptographic root in close collaboration with the International Tele-communication Union (ITU), the body owning the X509 standard.

WISeKey solutions utilize strong authentication mechanisms, delivered by secure and reliable infrastructures, such as one time passwords, password devices, smartcards, tokens and biometric recognition systems. WISeKey has

developed policies and pro-cedures that form part

of the CertifyID of-fering and based

on OISTE prac-tices to establish absolute trust at technological and legal levels.

Public Key Infrastructure (PKI) technologies are core components of solutions provided, to en-able trust between entities, previously unknown to one another, over electronic communications, including the Internet. PKI has become the ac-cepted technological standard that facilitates confidentiality and data integrity for transactions non-repudiation.

WISeKey solutions are aimed at organizations requiring a higher layer of security including Government, Finance and Defense. WISeKey, with its inherent location (Switzerland) and insti-tutional and policy framework, facilitated by the OISTE relationship, is uniquely positioned to un-dertake projects requiring high levels of authen-tication and security.

WISeKey solutions spearheaded by the flagship product CertifyID enable organizations to rapidly deploy a cost effective infrastructure to issue and manage Electronic Identities (eIDs) within their own environment or outsourced, utilizing the WISeKey infrastructure, without compromis-ing trust.

eIDs provided by the CertifyID product family can be used for various applications such as e-government, e-business and online payments, to more sophisticated integrated projects requir-ing strong credentials such as physical & logical access control.


Relationship with OISTEWISeKey’s relationship with OISTE was initiated shortly after its inception, to become the Global common Root Key operator for the non profit foundation. OISTE was formed for the primary purpose of aiding worldwide secure, trusted and reliable communications, governed by the article 80 et se. of the Swiss Civil Code. This aims to promote trust, security and confidence, being the base elements for supporting sustainable growth and development of the global Internet community.

The following diagram provides a succinct view of the OISTE trust model which in essence, con-stitutes an interoperable but decentralized gov-ernance structure.

Primary OISTE objectives include:

• Adoption, use and promotion of international standards for secure electronic transactions;

• Promotion and establishment of secure Internet for everyone, including disadvantaged communities;

• Ensuring the interoperability of electronic identity and e-transaction systems;

• Provision of global security infrastructures for Identity Management and e-transactions for interna-tional organizations, both in the public and private space.

Case study: Digital Mediterranean SpaceWISeMed a strategic importanceWISeMed responds to the strategic importance that the EU gives to Mediterranean economies and the challenges these regions have to cope with today, in particular the increasing digital and cultural divides. As part of its WISeCities approach, it is launching a project in the Mediterranean region through a platform that provides tools for collaboration that address regional governance requirements to en-hance communications or interactions between Mediterranean economies and reduce the gap between expectations and currently available ICT services.

The “Mediterranean Citizen” is one of the most ambitious projects of the Digital Mediterranean Space Summit: to create a community of 150 million citizens online. The “I am Mediterranean” Project will pro-vide access to all citizens of the region from its hub in Malaga to a wide variety of citizen services with a view to promoting the millennial common identity and culture. Cities from all over the Mediterranean can join this initiative and establish citizen services platforms locally that are interoperable across the region. It is kicking off with some 300 people linked up, of whom 60 or so are mayors from towns and cities around the Mediterranean. Their desire being that their communities can be compatible with this infra-structure and move into the future of remote commerce. The target is to help around 100 million people from 25 countries in the area. Film star Antonio Banderas is the flagship member, leading the region into this new community.

OISTE Empowered Trust Model

WISeKey S.A.

Operator

Policy ApprovalAuthority

IndependentAuditor

Annual Audit

Swiss FederalGovernment

SupervisoryAuthority

Country A Country B Country C Country D

NAT

ION

AL S

OVE

REI

GN

TYG

OV

ER

NA

NC

E

Relationship with OISTE


ContextInformation security is a domain with lots of solutions that are widely deployed and used. Yet, a number of challenges still remain unresolved or require complex solutions that are incompatible with widespread applications or counterparties. Given the ease of storing, distributing, and sharing information, users, corporations and public organizations are still in search for non-complex and interoperable solutions:• to protect against data leakage while sharing data through the web and intranets;• to seal information against unintended readers;• to distinguish forgeries from authentic sources.

Given the ease of creating accounts, web addresses and identities in general, these same users, corpo-rations and public organizations are also in search for non-complex and interoperable solutions:• to protect against identity theft while buying and paying on the web;• to maintain privacy while voting and contributing content on the web;• to make people accountable on the web.

Protection of information and privacy as well as making individuals and trade partners accountable for their actions requires “secure digital identities.”

The industry and public authorities have come to the conclusion that consumers and citizens do not want to be tagged with a “single universal identity.” In fact, someone can be given an identity only when the identity is associated with its context.

For example, in the context of employment, a person may have a personnel file, a CV and an employee number. In the context of filing tax declarations, he may be known as an accountant, accredited by the institute of accounts and mandated to file someone’s tax duties. In the context of auctions, the person may be known as a seller and buyer with a certain track record and payment details. In the context of travel, the person may be known as a frequent traveler with air miles accounts and seating preferences.

A digital identity is thus not universal but is assigned and maintained within a certain context, in fact within a certain “community.”

WISeKey introduces the concept of a “secure digital identity” to be a digital identity that:• is assigned and maintained within a community;• is attributed to an individual in an unforgeable way;• respects the privacy of the individual;• can be managed in a manner that balances privacy with broader security interests (e.g. national security).

Trust is a relationship of reliance between two entities and evolves over time. When one entity puts trust in another, they are confident that the second will and can take up his responsibilities, they have faith. Trust is generally built within the same context as the identity. For example, the employee may be trusted as a solid worker, a good performer and unlikely to commit fraud. The accountant may be trusted as filing correct tax declarations that won’t lead to detailed investigations. The auctioneer may be trusted to sell unfaulty goods and to pay promptly for received goods. The traveler may be trusted as flying often with the same airline and causing little trouble to flight crews.

Digital trust is thus not universal and is built within a certain context, within a certain community. It is the entry conditions to that community (eg. exams) combined with the track record of operating within the community that builds trust in an individual.

WISeKey Strategic Fundamentals


MissionThe mission statement of WISeKey S.A. was redefined during 2007 and is the following:

“Enabling mass-use of trusted secure digital identities in everyday life”.

As an independent organization, WISeKey provides the means to deploy and use secure digital iden-tities for almost every type of community, ranging from employees and consumers to bloggers and auctioneers and to products and assets. WISeKey’s solutions implement and support secure digital identities that:

• can be assigned and maintained within a community;

• can be attributed to an individual in an unforgeable way;

• respect the privacy of individuals.

In addition, WISeKey provides non-complex and interoperable solutions that leverage secure digital identities. While maintaining operational efficiency, WISeKey’s solutions reduce the risks of using digital identities and relying on digital identities and enable organizations, corporations and communities:

• to protect against data leakage and to seal information against unintended readers;

• to distinguish forgeries from authentic documents;

• to protect against identity theft while also protecting against fraud;

• to make people accountable on the web while maintaining their privacy;

• etc.

VisionWith the following mid-term vision WISeKey intends to implement its reason to exist:

“Be embedded in digital identity processes, infrastructures and devices and become the global provider of this technology”.

The longer term vision of WISeKey intends to implement its reason to exist:

“Move from PKI 1.0 to eID 2.0 and 3.0, massively rolling-out secure digital identities”

PKI 1.0 assumes that trust is built solely through a registration process and that the PKI will initiate, proliferate and maintain this trust in its own, dedicated and isolated environment.

As such, PKI 1.0 generally leads to a complex infrastructure of local and central registration authori-ties, a hierarchy of certificate authorities, sophisticated hardware security modules, a web of validation servers and blacklist distribution points and a set of secure protocols between them. PKI 1.0 is being perceived not only as very complex and cumbersome but also as very hierarchical ignoring existing relationships, business rules and traditional ways of building up trust. In fact, the complex infrastructure serves no other purpose than maintaining the initial registration trust and cannot be used for business purposes. As such, most business models for PKI 1.0 are based on a pay-once only.



To stop the escalating complexity of PKI 1.0 and to massively deploy secure digital identities within a more appealing business model, WISeKey introduces the concept of eID 2.0 and eID 3.0 Even though eID 2.0 and 3.0 uses PKI 1.0 technology (X.509v3 certificates and browser-ready root certificates), it no longer assumes a separate hierarchy of trust and does not impose a trust model onto existing busi-nesses and communities. eID 2.0 and 3.0 is a bottom-up model whereby trust is built and maintained by integrating nicely with existing relationships, business rules and communities.

Compared to PKI 1.0, the value proposition of eID 2.0 and 3.0 is that it:

• facilitates business models based on pay-per-use rather than pay-once;

• enables digital identities to be assigned following the subscription rules of a community;

• enables anonymity of individuals, yet keeping their accountability;

• enables the association of secure IDs with innovative business models such as those related to advertising-based revenue.

ValuesThe key characteristics WISeKey builds on are:

• The WISeKey-OISTE Trust Model allows root certification whereby technically the certificates will be recognized by today’s office applications (browsers and e-mail systems);

• The WISeKey-OISTE Trust Model allows root certification with a governance model that ensures independence of political forces and capital and other forces that are generally difficult to control;

• The WISeKey product suites are designed to meet the most stringent PKI 1.0 needs, including prov-ability, auditability and security of the PKI processes;

• The WISeKey product suites are designed to reduce complexity and to maximize compatibility and integration capabilities. Hence, the products are aimed at reducing cost so as to enable mass roll-out;

• Global reach: Together with important partners such as ITU, the leading United Nations agency for information and communication technologies, and other organizations and multinational companies, WISeKey already promotes the deployment of trusted security services in 188 countries and aspires to reach much more.



eID 2.0 and 3.0 Vision in e-CommerceCustomers shop online because they find it convenient, increasing their choice and helping them to hunt for lower prices. Retailers on the other hand sell online to reach more customers, to sell around the clock and to increase their operations, efficiency and overall competitive advantage. Fear of fraud, privacy and security concerns and lack of trust in on-line shopping, however, are acting as a drag on the growth of internet shopping.

Figure 1. Value and concerns for consumers to chose an electronic payment instrument (Source: EC DG MARKT)

Privacy17%

No Id Merchant

5% Other3%

Refund Worries

16%

Insufficient Info 4%

Fraud25%

Security30%

Confidence11%

Other2%

Convenience46%

Speed41%

Consumer's benefits of EPIs Consumer's concerns with EPIs

There are various examples of mature industries shaken up by new entrants. Industries subject-ed to “disruptive attackers” range broadly from steel rods to software operating systems to retail banking. These disruptors often have structural advantages that address a valuable, unmet need or compete by offering fewer features for a lower price. There are also many examples of com-panies that correctly perceive such threats, yet still spend millions on strategies that fail in spec-tacular fashion. We believe a very potent form of disruption is the innovation that can change the competitive framework itself. These innova-tions are often missed or discounted by indus-try leaders until it’s too late. We’ve seen this in software, technology and telecommunications: a new player gains a foothold in an undemand-ing segment, learns and improves capabilities, moves up market without competitive response from incumbents and ultimately turns the indus-try on its head.

eID 2.0 and 3.0 will be an enabler for smart companies (start-ups or established) to disrupt

their market. One of the opportunities enabled by WISeKey’s approach is to protect privacy and authenticity while allowing mass deployment and the exploitation the “community effect”.

This way, consumers can build up trust through their paying track record. In addition, they have the potential to remain anonymous to all par-ties except the registering bank. And last but not least, it allows the consumer to use his (anony-mous but unique) identity to join clubs or com-munities with similar interests, such as user groups, support forums, like-minded bloggers, like-interested consumers etc.

In identifying new opportunities, WISeKey has focused on existing business models that in-volve mass transaction flows and where some notion of identity is already introduced. Further-more, WISeKey has set its eye on domains with high market potential for technology solutions that offer improved security and/or privacy for the transactions together with an improved cus-tomer experience.

Examples of eID 2.0 and 3.0


WISeKey’s eID2.0 and 3.0 Vision in EntertainmentEvents such as the America’s Cup involve enormous investment so there would be huge repercussions if sensitive information leaves a secure area. The challenge of keeping data secure was made more difficult by the sheer scale of information being passed between various elements of the Alinghi team, partners such as the Swiss Federal Institute of Technology in Lausanne, sponsors and supporters. Alin-ghi therefore decided to employ WISeKey to stop vital data getting into the wrong hands as the team prepared for the America’s Cup in Valencia, Spain.

Customer Merchant Check out Service

Bank / Credit Card Companies / Paypal / etc

Secure Digital ID

SSL

WISeKey Account

Credit Card Information- credit card number- expiry date- CVC codePaypal AccountBank InformationEtc.

Figure 2. Flow of data when using an online shopping account.


Many of these concerns can be removed by using so-called shopping accounts. A shopping account introduces a layer of defense: first the account is created in a trusted environment. With the creation, the consumer provides his personal and payment details such as name, address, credit card. Once cre-ated, these details no longer need to be transmitted via the net. Moreover, the details do not need to be provided to the merchant’s website and hence cannot be stolen.

An online shopping account whereby a repository of information is maintained containing: • Name of the credit card holder;

• Number of the credit card, Expiry date, CVV code, etc.

This information can be maintained for more credit cards or can contain banking information or PayPal (or alike) account numbers and passwords. In case a consumer buys a product online and gets referred to the check out service, the consumer only has to select the payment method, enter his online shopping account and authorize the use of the information behind the account with a secure digital ID. The rest will be taken care of by the check out service. The flow would be as mentioned below.

The advantages for the consumer are clear: he no longer needs to transmit personal details to less-trusted websites. The advantage for the merchants is that a buying history and payment track record of the consumer can be built. This not only allows a better evaluation of the purchase risk, it also allows much more targeted marketing to the consumer. PKI Plus may well be a significant enabler for the “shop-ping account” because of its inherent security mechanisms.


Entertainment is a particularly interesting industry for eID 2.0 and 3.0:

• Protecting copyright The content providers (owners and distributors) want their copyrights be honoured in relation to the

use. They therefore want the content to be protected. Digital content may be protected using Digital Rights Management Techniques, Real-life content (such as events, contests and performances) may be protected using anti-forgery techniques. Both techniques may benefit from appropriate consumer identification techniques.

• Protecting privacy Even though they can accept that content providers want to protect their copyrights, the content

consumers (viewers/listeners of digital content or visitors of an event) wish to preserve their privacy. Not only producing but also consuming entertainment content has become unique form of express-ing one’s personality. As such, consumers do not want to be known as consuming certain types of entertainment.

• Enjoying communities Because consuming entertainment content is a form of expressing one’s personality, enjoying enter-

tainment together with like-minded people has proven to be the single most important reason why live sports events and cinema projections are still major entertainment forms, despite the increased sophistication and proliferation of home-based video technology.

• Exploiting communities Not only consumers enjoy this community effect of entertainment; also the content providers have

learned to track consumer behavior for extremely targeted marketing. As such, Amazon tries to pre-dict what other products a consumer may want to buy by tracking what other consumers have bought.

CustomerTicket

BrockerEvent

SSL

Secure Digital ID Smartcard Figure 3. Flow of data when using a WISeKey account for

entertainment purposes

In this model, the advantages for the customer as well as the event organizer and ticket broker are clear: The customer goes to the website of the ticket broker and selects the event he would like to visit. He reg-isters with his ‘WISeKey’ smart card or account number and pays. When visiting the event, he just has to swipe his WISeKey smart card and can enter the event. The customer is sure he can always enter the event, the ticket broker should not send the paper tickets and the Event organizer is sure that a personal smart card will not be sold on the black market. Of course, this setup can be used as well for online en-tertainment as for instance download music etc. This flow can be integrated with the e-commerce flow.



Over the years, WISeKey has evolved through 3 layers: Infrastructure - Applications - Solutions. Although we continue to offer to the market all three layers, we are increas-ingly focusing on solutions as a way of addressing the needs of our customers.

As the diagram indicates, the solution areas mirror the 4 vertical segments the company focuses on but because of the modular approach we take to our Data Governance Applications and Services, we can easily expand our focus to other vertical segments without it representing a complete shift in the company’s strategy.

In our core, what we’re about is described in the titles to the Data Governance and Application Services Layer. We help people and organizations (1) Identify People and Objects; (2) Approve Data; (3) Com-municate Securely; (4) Access Securely; and (5) Archive Securely.

With these core building blocks, WISeKey is able to support virtually anybody to ensure trust and secu-rity for their participation and transactions in the online world.

What WISeKey Does

• Anti-counterfeiting solution for luxury goods• Integration for supply chain security• Integration for Innovative Online Marketing

WiseAuthentic Public SectorSolutions

WISeEvents Online TrustServices

• Identity Platforms & Infrastructures• Identity Systems Convergence• Digital Administration e-Compliance• Next-Generation Data Sovereignty • e-Voting & e-Polling

• The Digital Fun Club• Event Registration• Event Badging• Online Event Platform• VIP Event Social Networking• New Technologies Integration• e-Voting & e-Polling

• Identity Semantics Suite• WISeArchiving• SSL Certificates• HighTrusted Social Networks• Professional Services

• Issue• Manage• Validatee-Identities

• Digitally Authenticate• Ensure Integrity• Digitally Sign• Digitally Certify Time

• Secure electronic messaging.• Secure electronic data transfers.

• Secure electronic access control• Secure physical access control

• High security hosting• Electronic legally compliant archiving• Encrypted mobile data storage

WISeKeySolution

Areas

Data Governance Applications

and e-Services

Infrastructures & e-ID Devices

IdentifyPeople & Objects

Secure e-Identity Devices (smartcards, secure USB biometric tokens, smartcard readers)

Secure Electronic Identity Platforms & Infrastructures(PKI, Infocards, Open ID, Biometrics, SMS OTP)

CommunicateSecurely

AccessSecurely

ArchiveSecurely

Approve


The anti-counterfeiting solutionDuring 2008, we developed a breakthrough technology, called WISeAuthentic® which is patent pending. The idea consists of creating an electronic guarantee certificate, which not only contains the valid identity code, but also enables privileged access to a reserved space on the customer web site to verify if the product is genuine. 2009 represents for WISeAuthentic the market launch and the ability to execute. In March 2009, WISeKey and Hublot revolutionized the watch industry by launching the first ever solution against counterfeiting.

WISeAuthentic

Hublot case study Hublot watches are now protected by a Smart-Card, proving their identity, life-cycle information and origin becoming the first company in the world of luxury goods to attain such a level of protec-tion for its products, by combining state-of-the-art electronic technology and traditional watchmak-ing know-how. WISeKey installed the solution in the manufacturing and after-sales departments and the platform is welcomed by the reseller net-work as a result of the rollout to over 400 bou-tiques around the world. The benefits are not only in reducing the likelihood to be counterfeited but also in providing a control of the grey market. Hublot’s management are very pleased with the WiseAuthentic deployment, since it comple-ments the sales monitoring in real time and gives the opportunity to activate direct marketing activi-ties with the help of such a new facility linked to the exclusive Hublotista internet community.


WISeAuthentic

WISeAuthentic innovative approachWISeKey has therefore conceived a digital approach, based on a certificate included within a cryptograph-ic chip which cannot be duplicated or modified. The certificates issued bear the digital seal of the customer certification authority, and cannot be manipulated by non-authorized third parties.One of the major advantages of this solution is the ability to verify electronically via the Internet the au-thenticity of the watch. The system also enables the verification that the item has not been reported as stolen or lost. Depending on the type of on-line application used, proof of authenticity can subsequently be presented to a third-party.

Figure 1: Evolution of trade in counterfeit and pirated products

USD 0 bn

USD 50 bn

USD 100 bn

USD 150 bn

USD 200 bn

USD 250 bn

USD 300 bn

2000 2001 2002 2003 2004 2005 2006 2007

(Source, OCDE, 2008)

100% AuthenticThe anti-counterfeiting solution

Market potentialThe last report of the OECD indicates that international trade in counterfeit and pirated products totaled USD 250 billion in 2007. This total does not include domestically produced and consumed counterfeit and pirat-ed products and the significant vol-ume of pirated digital products being distributed via the Internet. If these items were added, the total mag-nitude of counterfeiting and piracy worldwide would easily be several hundred billion dollars more.

Many industries are affected by this problem :

WISeKey has defined the luxury industry as its primary objective. In particular watch manufacturers, due to market potential and the proximity, as the key players are located in Switzerland. There are more than 40 million fake Swiss watches made each year compared to 24 million genuine watches. The damage to the Swiss watch industry on a global basis is estimated at between CHF 800 million and CHF 1 billion.WISeAuthentic has been endorsed by the President of the “Fédération Horlogère Suisse” as a best prac-tice application for an anti-counterfeiting global strategy.

WISeAuthentic is actually the only solution able to certify online a product’s authenticity. This is a an im-portant new division for WISeKey since, with our patent pending technology, we will be able to capture new markets with huge potential revenue growth for the company, since counterfeiting represents approxi-mately 5 to 7% of international trade.

Aeronautic spare parts Automotive spare parts Auctions, etc.

Luxury goods in general Gemstones Pharmaceutical products


Public Sector Solutions

Over the last 11 years, WISeKey has built up technology, experience, solutions and part-nerships that allow it to span its offering across the gamut of government departments.

The following is a list of those that were implemented during 2009.

Digital Judicial Processes

Advise on InfoSociety,

Policy & Laws

Immigrant Services

Platforms

Healthcare Electronic Identity

Systems

National Electronic Identity

Systems

Online Citizen Governement

services

PaperlessGovernment

Government Data Sovereignty for Cloud Computing

Secure Government Management


Public Sector Solutions

WISeKey enables civil servants and judges of a judiciary to digitalize the sensitive processes in-volved in judicial processes, including the pos-sibility of electronically publishing decisions in a manner that ensures their authenticity and their time and date. WISeKey worked on important projects in this field in Europe and Latin America during 2009.

Civil servants, citizens, and enterprises benefit from the possibility of eliminating or significantly reducing the need for paper processes by us-ing WISeKey´s products and services. WISeKey bolsters the environmental efforts, cost reduction and efficiency, as well as anti-corruption initiatives of local, regional and national governments.

By providing digital solutions that are legally com-pliant, sensitive transactional processes can be used to facilitate citizen services in a fully custom-ised manner. During 2009, WISeKey helped local and regional governments in Europe to implement next-generation citizen-centric online services.

As specialists in the areas of information tech-nology and information society law and policy, in 2009 WISeKey continued its long-standing role as advisor to governments, international orga-nizations, and non-governmental organizations globally in their definition of law and policy relat-ing to the information society and cyber-security.

As a specialist in electronic identity and the evolu-tion of traditional identity systems (such as identity cards, biometric passports and others) WISeKey designed and installed the core infrastructure used by a government in Asia to issue the secure electronic credentials which will be used in iden-

tity cards, passports, healthcards and other gov-ernment issued identity credentials.

During 2009, among other activities, WISeKey continued to host, support and develop the Healthsign trust infrastructure which is a health-care worker identity infrastructure used for identi-fication and access control to hospital IT systems, online specialised journals, healthcare worker parking garages, among others. Additionally, the credentials managed by the infrastructure is used for electronic medical prescriptions and other such applications being built across the commu-nity. WISeKey’s healthcare offering is expected to expand in 2010 with projects in Latin America.

During 2009 WISeKey developed a framework to enable governments worldwide to maintain sovereignty over the data they host and manage over cloud computing. In parallel, WISeKey has been advising governments and cloud computing providers of the risks and problems of cloud com-puting for the public sector. In 2010, WISeKey is expected to deploy its full offering to the market.

In collaboration with the Association for Interna-tional Mobility, WISeKey has developed a secure and user-friendly online site that serves the needs of mobile populations and diasporas, as well as those seeking to assist and work with them. On a single portal, users will be able to share infor-mation, access administrative and commercial services, perform transactions in full safety and privacy and create an internet community that will give foreign workers more visibility both at home and in host countries. This project is expected to start deployment in at least 3 countries during 2010.

«As identity is rapidly becoming the central organizing principle in the information society, getting Identity Management (IDM) right is key.»

Information Assurance Advisory Council Position Paper on Identity Assurance (IdA) - Towards a Policy Framework for Electronic Identity; IAAC; Cambridge 2006


With the financial crisis, events managers are undergoing difficult times as people and compa-nies think twice about whether going to a spe-cific event is worth their time and money. With WISeKey’s WISeEvents Solution, the decision to go or participate at an event is much easier because the cost can be drastically reduced to the participants and companies (as they can participate virtually, thus eliminating travel, hotel and other expenses) whilst the event organizers can count on the participation (even if virtual) and the revenue.

In partnership with PublicisLive, WISeEvents combines WISeKey’s event registration and badge management system with our smartcards, biometric tokens, trusted certificates, HighTrusted Social Networking solution, our expertise in lever-aging these technologies and other products to provide a turn key managed virtual and physical

event attendance solution. Customer feedback from the successful launch of WISeEvents in early 2008 and the repeat implementation in the 2009 edition of the Global Competitiveness Fo-rum in Riyadh has led us to extend the solution so that each participant can be issued with wireless smartcard badges that are subsequently used to verify their identity when entering the conference, attending keynotes, and other sessions.

Attendees can also use their event credentials, issued within WISeKey’s global ID network at registration, to follow ongoing discussions on the secure social network platform powered by HighTrusted, access the content and the event in real time. WISeKey has built the WISeEvents Solution from its initial experience with the Alinghi base project and has expanded it to apply it to all sorts of events, including large corporate general assemblies, sports events, concerts, and others.

WISeEvents

Flexibility Above All!The WISeEvents Solution has been designed as a platform upon which many technologies and func-tionalities can be integrated. WISeKey can also incorporate e-voting and e-polling services to the plat-forms that allows the event to hold on-the-spot, real time votes or polls on specific topics.

For the event organizers and the customers, a full statistical analysis of the actions of the participants in real time can be provided. The statistics can cover the physical attendance to the meetings and sessions as well as the actions of the partici-pants online, the amount of messages they send, the amount of pictures and other data they upload and the topics that are of greatest interest to the participants online and offline.

This backend of the solution can be hosted locally our out of WISeKey’s high security Data Center in Geneva, Switzerland.

Belonging to a trusted networkHighTrusted.com is an exclusive social network, which is designed for those who require only discuss with authenticated high worth networkers. HighTrusted allows members to interact more effectively with people sharing their profiles. In order to maintain the selection and exclusivity of the social network, strict criteria of selection and admittance are required. To join the social network you will need to be invited by one existing high trusted member.


WISeKey Online Trust Services

O�ine Root CA

SANHSM

HSM HSM

HSM

NLB

NLB

NLBNLB NLB NLB

NLB

ISA

Issuing CAsRealtime backup service

WebService Interface

Cluster

LB on FE App Cluster

CertifyIDGuardian DB

Domain Controllerswith OCSP Clients

WS UniversalRegistration Authority

CRL ManagementOCSP FrontEnd (proxy)

DirectoryServersAdministration

Console

RegistrationTerminal

Federatede-Services

Users

OCSP Server TimestampingServer

System CenterOperations Manager

O�ine Policy CA

CertifyID Trust Center Root Edition

I N T E R N E T

Public DMZ

B A C K - E N D

S T O R A G E A R E A N E T W O R K C H A N N E L

Protec ted DMZ

Managed PKITraditional digital certificate services allowing clients to manage and issue both publicly and privately trusted digital identities (X.509) certificates.

Subordinate Trust Services We continue to offer clients our special Subordinate CA signing service, which brings customer on-premise certifica-tion authorities into the WISeKey OISTE trust network, extending the benefits of OISTE’s global trust interoperability.

Email Archiving ServiceWISeKey offers this service to verify and archive digitally signed e-mails of our cli-ents. Emails are checked for proper sig-natures and then are archived along with any attached documents and data, with a trusted digital timestamp being applied to guarantee date & time.

TimeStamps Repository

TimeStamping Authority

(TSA)

Reliable Time Sources

Email ServerPOP3S

Archive SMTP

Email TimeStamping

Service

TS over HTTP

GPS NTPLW

SQL


De-Materialization We continue to offer dematerialization solutions, particularly in the form of centralized digital signature solutions where we host digital cer-tificates of clients, digitally sign documents to de-materialize their business processes (e.g. invoice signing)

EKey + We extended our line of secure devices, and distinguished them with a new brand called “eKey +”, that include data storage encryption, strong asymmetric cryptographic features (RSA, X.509) and optional biometric authentication. The eKey + lines of devices are a key part of so-lutions such as secure portable office and se-cure remote VPN access.

Many IT solutions, particularly in the public sec-tor, now require the acceptance of digital cer-tificates for access control (user authentication) and de-materialized processes (digital signa-tures). It is often a difficult task to embed such functionality in existing applications, and also to keep pace with new eID issuers, changes in issuer policies and practices, cross-border eID recognition and other factors over time.

WISeKey thus introduced a new line of products primarily focusing on the needs of the public sector for eGovernment security and services, designed to facilitate the use of digital certifi-cates and digital signatures. Extensive localiza-tion and customization services often accompa-ny the deployment of these products in customer solutions.

Identity, Authentication and Access Management (IAM)Currently being deployed in one large EU proj-ect, and being considered for us in others, this product is a suite of components that are inte-grate into large portal solutions to provide iden-tity assurance and access management using a variety of credentials (standard username/pass-word, X.509, etc.)

Secure Log Keeper (SLK)Used extensively in situations where regulations require accurate date-time records with high in-tegrity and assurance, SLK provides customers with secure record assurance using digital sig-natures and tree-based hashes.

Identity SemanticsProvides a central control and interpretation point for digital certificate credentials as part of the security services layer of a project, and used by components to interpret digital identities. It verifies integrity, validity and veracity of a digital identity using client specified rules that can be quite simple, or very detailed using scripts that are interpreted at run-time. New identity issuers can be added consumed by several services through the addition of new rules at the IS point.

Signature Semantics SuiteComposed of a suite of components that are integrated into client-side and server side ap-plications to quickly provide signature creation and validation functionalities. It provides secure server based signature services, including time stamping, supporting both client-side and server side (delegated) private key storage and pro-tection. DLLs are provided for easy developer integration of signature functionality in applica-tions. XAdES applet is designed for use with citi-zen smartcards, secure devices, across a wide range of operating systems and browsers and provides long term signature creation using web browsers in e-citizen scenarios.

WISeKey Online Trust Services


IT Solutions Driving Environmental ChangeWISeKey has taken information technologies and made them eco-friendly not just in their use but also as a tool to help organizations be more environmentally friendly and prove to the world at large that they are doing so. Using creatively it´s knowhow in the information security field, it is enabling organizations to use the new media (e.g. Social Networks, websites, mobile phones, UBS tokens and others) to allow orga-nizations to embark on the environmental, social, political and economic challenges of the 21st Century.

Striving to make your living space environmentally friendlyWith its long and widely tested experience in the use of secure information technologies, WISeKey has embarked on a mission to leverage its knowhow by applying it to 3 IT solutions helping organiza-tions drive environmental change from within. WISeKey´s Environmental Triad enables organizations to 1) eliminate or substantially reduce the use of paper in a legally compliant manner, 2) provide your customers globally through the Internet a mechanism by which they can validate the environmental ef-forts and achievements of your organization, and 3) enabling individuals and organizations to buy and sell environmentally-friendly energy credits and show your ongoing compliance through your everyday online communications. WISeKey and its employees are committed to helping environment in all of its business areas and con-stantly strive to do work both in its commercial endeavors and as a responsible corporate citizen.

Eliminate Paper! An organization of 100 people on average prints enough paper to produce 7.5 tons of CO2 which is equivalent to driving a car for approximately 59’000 Kilometers (36,660 miles) or 1.5 times around the earth! WISeKey eliminates the need for this by providing the digital equivalent of paper in a legally compliant manner across more than 38 legal jurisdictions. Using its state of the art dematerialization solutions, WISeKey allows organizations to create, communicate and archive for the long term, all sorts of legally-relevant documents in ways that can be produced in court, for auditors or in other situations required by law. From day to day communications to electronic invoicing and online contracting, WISeKey helps your organization to establish digitalized workflows that can include multiple signature requirements which can be done in the office or even remotely from anywhere in the world. Imagine that you as a consumer would be able to reliably verify online (and even over your mobile phone) that a specific product you are about to buy complies with specific environmental, labor, quality or other standards. This is precisely what WISeKey is already offering its customers including some lux-ury goods manufacturers such as the watchmaker Hublot. In Hublot´s case, the digital certificate is used to validate the authenticity of a watch but we are now expanding the use of this cutting edge solution to any other attribute that an organization, a consumer would like to verify. Since high security technologies are used, the certified attribute (e.g. ISO 14000) is uniquely linked to the specific unit of the product.

NetCarbonOffset.com is a social network designed to use the Internet and Digital Identification for as-sisting in the offsetting of carbon footprints with the final objective to support greenhouse gas reduction projects and hasten the transition to a clean energy future. The Internet is a great place to reduce carbon offsets as can be more efficient than any other measures allowing an individual to help to assist on the fight against global warming, while reducing the same or more carbon dioxide emissions. Via NetCarbonOffset.com users can purchase a digital renewable energy certificates (WISeKey Digital Certificate) which will allow users to demonstrate during all their internet transactions, emails, and web sites that they are contributing to reduce Carbon offsets allowing to take urgent actions on global warm-ing. This digital certificate will become very visible and will be promoted by a series of VIPs, celebrities and major personalities around the world. The digital renewable energy certificates will also be visible in all web sites of all companies participating.

WISeKey Green Initiatives


Masdar, the ecocity in the desertNo carbon dioxide, no cars, no waste products: Mas-dar (Arabic for “source”) has been designed from scratch as an ecological city that is only dependent on renewable energy. Of this, 80% is solar energy and the rest is gained from wind energy installations and the conversion of waste materials. An ultramod-ern infrastructure and building technology will lower energy and water requirements by around 70%. In terms of transport, the urban area of Masdar is ac-cessed using electric vehicles and is linked to the public transport network by a light railway.

The aim of Masdar is to prove that a high standard of living is also possible with clean energy and, in addition, to turn Abu Dhabi into a precursor of renewable energy. Masdar will thus have a university for environmentally oriented sciences, which is being developed in conjunction with the “Massachusetts Institute of Technology (MIT)”. The “Masdar Institute of Science & Technology (MIST)” is the first univer-sity worldwide that is focused exclusively on research in the field of sustainability. In this setting, Masdar wishes to attract companies from all over the world that are active in the field of Clean Tech & Services. Abu Dhabi has already made a name for itself as the location of the “World Future Energy Summit”, one of the world’s largest Clean Tech conferences.

As a visionary project, Masdar has attracted major interest worldwide, last but not least be-cause renowned British architect Sir Norman Foster is responsible for overall planning. Swiss companies were also significantly in-volved in the design of Masdar. Construction of Masdar has already started with the open-ing of the “Masdar Institute of Science and Technology” scheduled for 2009. The first part of the city will be completed by 2011 and the eco city on the edge of the desert will be fully ready for occupation in 2018.

WISeKey is also member of the swisscleantech Association. swiss-cleantech is a Cleantech Business Association. It was founded in autumn 2009 by the Foundation For Global Sustainability (FFGS, www.ffgs.org). A number of companies which think and act in a

sustainable manner contacted FFGS and voiced their need for effective political support. As a result, swisscleantech now represents its members’ political interests. The term Cleantech encompasses all industries. It fosters Eco-Innovation and addresses all companies which apply the principles of sustain-able development (products, services, processes). swisscleantech aims to support the transition of the Swiss economy into a Cleantech role model. In a Cleantech role-model economy, Swiss companies will benefit from rapidly growing markets and their ensuing demand for sustainable products and services. Consequently, Swiss companies will gain competitive advantage. The association encourages Switzer-land to set an example in sustainability. In summary, swisscleantech makes a valuable contribution to Switzerland’s prosperity and to sustainable development worldwide. swisscleantech counts Swiss com-panies across all industries as its members. Each member has direct online access and can take part in the debate and the decision making processes of the association. A patronage committee and three advisory boards support members in this decision making. The three advisory boards are (1) the political advisory board, including members of both Houses of Parliament of all major parties, (2) the advisory board (including specific NGOs) and (3) the scientific advisory board (multiple disciplines).

WISeKey Green Initiatives


WISeIDWISeID for iPhones and iPods touch is a mobile application that provides a conve-nient, easy to use, encrypted place to store usernames, passwords, PINs combinations. An easy to use interface will allow users to store their passwords quickly and securely on their mobile device. Users can directly and seamlessly logon to their favourite web site within the WISeID application. All the data is stored securely using the AES encryp-tion algorithm with a strong 256-bit key. The first release for market testing will be for the iPhone and iTouch, with releases for Windows Mobile, BlackBerry and Android following af-terwards. WISeID will allow users to register for a WISeKey CertifyID account, and future versions will use these credentials to access WISeKey cloud services such as secure data backup and restore.

WISeKey R&D 2009

WIsePhone+WISePhone+ will bring Swiss trustworthiness to the world of Mobile communications by securing mo-bile phone communications (Voice, SMS’s, E-mails). The application will secure information stored on mobile devices (contacts, e-mails and attachments) using strong encryption, and provide a strong level of end-to-end encryption. It will support commonly available mobile devices, particularly Nokia Symbian models. Windows Mobile, BlackBerry, and Android support should follow later in the year.

Mobile Money Transfer (MMT)The goal of this new solution is to provide secure mobile money transfer and payment services. Money transfer and remittances are performed all over the world, widely done using bank fa-cilities or specialized money transfer operators (Western Union, etc.). However customers of these services typically pay high transaction costs, which is especially onerous for low in-come earners. This solution wants to enable money exchange particularly for the unbanked working in devel-oped countries, members of the international migrant community, who wish to transfer funds abroad, typically back home.

This solution will leverage the use of a mo-bile phone for this activity for its several ad-vantages:• A mobile phone network is deployed and pres-

ent in most countries

• In developing countries, many people do not have a bank account and/or an internet ac-cess but do have a mobile phone

• Secure solutions can be found even for first generation handsets

Cellphone Network

WISePhone+Gateway

Normal Connection

Internal VoiP External PSTN


WISeKey Global Partners

WI HARPER GROUP

SAN FRANCISCO • TAIPEI • BEIJING • SINGAPORE


WISeKey is a Microsoft Global Lead Partner for Electronic Identity solutionsAs a pioneer in this field, WISeKey has quickly become one of only a few global trust providers and is now Microsoft’s Lead Partner for e-ID Solutions, with a view to broadly accelerate the deployment of secure digital identities in innovative and practical ways. WISeKey is working closely with Microsoft to provide governments and private sector organizations with the critical information security infrastruc-tures needed to meet high level information security requirements. This is made possible by low cost and easily implementable solutions through a combination of WISeKey’s products and services and core Microsoft components.

Built on top of the Microsoft® Certification Services in Windows Server, WISeKey’s CertifyID enables governments, large organizations and small to medium-sized businesses to provide trusted digital iden-tities to their citizens, employees, partners, and clients. Digital Identities can also be issued to devices and objects. Additionally, WISeKey has developed its Identity Semantics Suite which addresses the most complex e-government transactional issues governments face today.

The combined strength of WISeKey and Microsoft makes their combined offering the most trusted solu-tion in the market. Major e-security projects based on this platform have been done and are presently under way.

The Microsoft and WISeKey solutions are showcased at the Executive Briefing Center for European Innovation in Brussels, and is promoted at Microsoft Technology Centers around the world along with other infrastructure partners.

The two companies are also capitalizing on the IT community developing around Microsoft’s Partner Market Place (http://www.partnermarketplace.com/emea). This website, created to showcase a broad range of IT products and services geared toward the public sector, is enabling the two companies to identify potential partners in Europe, the Middle East and Africa that can extend WISeKey’s security of-ferings on the Microsoft platform.

WISeKey is also identified as Microsoft’s lead e-ID Partner for their Citizen Service Platform at http://www.mspscommunity.com/en/Government/citizenservices/Pages/default.aspx

Microsoft


Notes


© 2

010

WIS

eKey

S.A

.

WISeKey S.A. - World Trade Center II - P.O. BOX 853 - 29, route de Pré-Bois -1215 Geneva 15 - SwitzerlandTel: +41 22 594 30 00 - Fax: +41 22 594 30 01e-mail: [email protected] - www.wisekey.com

Documents

WISeKey S.A. - Annual Report 2009