Nexus – Enabling Trusted Identities
As Magnus Malmström, vice president of products at Nexus Group tells us, Nexus is an established European security company that underwent a significant “makeover” a year ago. They now focus on providing total security solutions – both hardware and software – to meet today’s current and emerging security requirements. This includes empowering the modern workforce to login to cloud applications, log in to Windows, or access a physical environment through one trusted identity.
One area that I personally found very interesting is the Nexus product offerings and involvement in the IoT (Internet of Things) space. They are already involved in numerous real-world IoT projects with large companies.
Before we talk about Nexus, please tell me a little bit about yourself and your background.
I am currently responsible for all of the products at Nexus – R&D, product management, and product marketing. I have a team of 90 people.
Before joining Nexus, I was in product marketing at ASSA ABLOY, where I helped the ASSA ABLOY group companies and partners with the transition to mobile access control.
As a company, Nexus has been around for over 30 years, which is a pretty long time for this industry – correct?
Yes, that is correct. Nexus restarted itself about 18 months ago with a new CEO and a new management team, but the company still has a history and an excellent customer base.
How many employees do you have today? Where are they located?
We have about 300 employees today, mainly in Germany, Norway and Sweden.
Can you give me an overview of your product offerings?
Our offerings support an organization’s employees or end-customers with physical and logical access control and also help the organization to comply with the GDPR, PSD2 and eIDAS regulations. Our products also help protect communication between things.
Our products integrate into many core systems, such as the HR (Human Resources) system, Active Directory, and physical access control system. We also have the technology and the products to provide secure, multi-factor authentication. A big part of our business is providing and provisioning access cards. In the Nordic countries alone, we deliver millions of cards per year and we are the leading provider of access cards in that region. We are very innovative in how we are providing access cards.
It is interesting that you offer both hardware and software products. What is the percentage breakdown between those two categories? Are you seeing a shift in demands?
The breakdown is currently 50-50 and the trend we are seeing is to sell more and more combined solutions. Where in the past we would have customers that bought only access cards from us, it is now more common for us to provide both the cards and the systems that manage them. Being able to also provide the hardware and software and infrastructures is a big advantage for us.
Are you pursuing biometric security devices?
Right now, we do not go beyond using the biometric identity functionality built into commercial mobile phones and biometric in access cards.
I noticed that you already have a specific offering for IoT (Internet of Things). What is that offering? Are you already seeing a lot of demand for IoT security products?
What we provide for IoT security is PKI-based credentials and automated tools to manage large numbers of them. This is important for the industry sector, which wants to remove passwords, and it is used for train brakes, ATM machines, e-charging stations, or telco base stations. We are very involved in the development of the emerging protocols for communicating with both powerful and resource-constrained devices. Many of our partners benefit from our secure, multi-tenant approach, allowing them to manage each of their end-customers independently from the same investment.
We are currently working with 30+ large companies (many telecommunications companies and enterprises in the automotive industry) who are paying customers and using these products in real-world scenarios. We are well positioned to be at the forefront of the IoT revolution by enabling secure communications.
How do you define your target market?
We are particularly strong in several markets:
- Military and defense.
- Public sector – Government, municipalities, and education.
- Industry – Predominantly in the automotive and energy industries.
- Financial services.
What methods do you normally use to attract and engage with new customers?
In addition to traditional partner and direct sales programs, we are big users of HubSpot as our market automation and CRM (customer relationship management) system. Our marketing team works hard on content development and inbound marketing. We also engage a lot at various technical and partner conferences over the course of the year.
Some of our new customers go directly from direct marketing to our new cloud customer portal Nexus GO, where we allow key services to be consumed through self-service.
How many active customers do you have today? Where are they mainly located?
We have two different categories of customers. Firstly, we have about 50,000 small-sized companies, primarily for our card business.
Secondly, we have about 1,000 large enterprise customers, where 90% of them are located in the DACH (Germany, Austria, and Switzerland) and Nordic countries. Other customers are located in India, the U.S. and France.
How would you describe your current typical customer?
A typical Nexus customer operates in the industry sector, public sector, higher education, or financial services. They aim to establish a chain of trust for their user identities, with focus on automation and self-service for their work force, visitors and temporary workers. The visual ID is important, but there is an increased interest to use the user credential to log in into cloud services, accessing physical entrances, log in to Windows, and/or to digitally sign documents. They are touching on the enablement of the mobile work force and they want to go beyond passwords. Finally, they tend to ask us to provide these features as a service, rather than a long and complex project.
Whom do you see as your main competitors?
The simplest answer is that there are a few very large global players and also several small local players in each of our markets. But Nexus is unique, since we are in the middle – there are not a lot of European companies of our size that deal with both physical and digital access. We are one of the few one-stop shops for security solutions.
We have competitors for each of our components, but we deliver complete solutions to our customers, which individual product vendors cannot provide without including several players which makes the project risky and costly.
How do you see the security market evolving in the next 3–5 years?
I will try to address what I see for the next three years. However, our industry is changing so quickly that I do not usually even try to plan more than six months ahead.
- There are several significant initiatives that are currently driving our industry, including GDPR (General Data Protection Regulation) and PSD2 (Revised Payment Service Directive). GDPR is meant to strengthen data protection and control for individuals within the European Union, while PSD2 will bring great changes regarding access to customer information in the banking industry. Both of these initiatives will have game-changing effects both within and beyond the boundaries of the European Union.
- We are seeing more password-less environments, since passwords are considered less secure.
- Everything (i.e. all physical objects) will have a digital identity.
- Everything that can be automated and digitized will be.
- Security products will be in greater demand, but they must become easier to use.
You mentioned earlier the Nexus GO portal. What exactly is that?
The basic concept of the Nexus GO portal is to make security easy to consume. Nexus GO is a self-service platform that makes it easy and cost-efficient to embed authentication or digital signatures into business processes. It is also possible to order personalized authenticators. Customers and partners can make purchases online with only a few clicks and then instantly use the service. Everything is designed with simplicity in mind. Our ambition is to allow play before real use and with low up-front investment, and our mission is to help society with cost-effective security for the digitalization transformation.
We have already launched the Nexus GO portal for several services and we plan to continually add new services.
What are some of the future plans for Nexus?
We actually have a very well defined and aggressive set of goals prepared, that includes the following:
- Continue to expand the services we offer on the Nexus GO platform to secure the digitalization transformation happening right now in the European market.
- Enter additional global markets through local partners.
We are a very lean and agile company, which is necessary in order to compete in such a dynamic and changing industry. I cannot say for sure what Nexus will look like in three years from now. Just the elimination of passwords for people and things is a huge process, which represents a very big market by itself.
How many hours a day do you normally work? What do you like to do when you are not working?
On average I work about 12 hours a day.
When I am not working, I like to go running, spend time with my family, or just sit quietly and read a book.