Symantec to buy VeriSign's security business

The security heavyweight eyes VeriSign's SSL, PKI, and other authentication services in a deal valued at $1.28 billion.

Elinor Mills Former Staff Writer
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.
Elinor Mills
2 min read

Symantec on Wednesday said it will buy VeriSign's security business and take a majority stake in VeriSign Japan for about $1.28 billion in cash, in the hopes of becoming a leader in the growing market for authenticating people and servers on the Internet.

Under the agreement, Symantec will acquire VeriSign's identity and authentication business, including the Secure Sockets Layer (SSL) certificate, Public Key Infrastructure (PKI), and VeriSign Trust and VeriSign Identity Protection Authentication services.

"The acquisition creates the most trusted brand for protecting information and identities online," Enrique Salem, president and chief executive at Symantec, said during a conference call. The VeriSign check mark has 250 million impressions each day on more than 90,000 Web sites globally, he said.

The deal, which will require regulatory approval, is expected to close by the end of September, according to a statement.

The businesses of Mountain View, Calif.-based VeriSign being acquired represent more than $400 million in annual revenue and about 900 employees, James Beer, Symantec's chief financial officer, said in an interview. The VeriSign services are complementary to Symantec's existing services and products, focusing on antivirus and other security for desktops and servers, he said.

"When you look at our portfolio today, we are very strong in two areas: at the end point, where information is in use, and in the data center, where information is at rest. What VeriSign's business brings to us is the ability to secure information in motion, bridging the two other areas."

Symantec, also based in Mountain View, Calif., expects the transaction to be 9 cents dilutive to the fiscal 2011 earnings per share on GAAP (generally accepted accounting principles), which include all items.

"Without that accounting construct, this deal would be accretive immediately," Beer said. "It's a highly profitable business, generates good cash flow, and has high renewal rates. It's our entry into the large, new addressable market, which IDC projects can grow to $1.6 billion by 2013."

Meanwhile, the deal is being funded with cash to use about $300 to $400 million of offshore cash, Beers said.

Rumors of the news were first reported by The Wall Street Journal.

Updated at 2:48 p.m. PDT with information from a Beers interview and a conference call.