Access Management , Customer Identity & Access Management (CIAM) , Digital Identity

Thales Buys OneWelcome for $101.6M to Enter CIAM Market

Thales Plans to Extend OneWelcome Beyond Europe and into North America and Asia
Thales Buys OneWelcome for $101.6M to Enter CIAM Market
Sebastien Cano, senior vice president of cloud protection and licensing, Thales (Image: Thales)

A French conglomerate plans to enter the customer identity and access management market through its purchase of an emerging European CIAM player that was formed last year through a merger.

See Also: Beyond MFA: The Trick to Securing Machine Identities

Paris-based Thales plans to capitalize on OneWelcome's strong cloud-native SaaS product by extending its market footprint beyond Europe and selling it to existing Thales clients in North America and Asia-Pacific, says Sebastien Cano, senior vice president of cloud protection and licensing at Thales. The company will pay $101.6 million for the Netherlands-based OneWelcome in the deal, which is expected to close by December.

"We had no CIAM offering at all, and we started to feel the pain," Cano tells Information Security Media Group. "Many customers have some vendor fatigue and they want to have a limited number of vendors when they can, and many vendors now in the IAM space offer both workforce IAM and CIAM. So we had to really step up to the challenge here."

OneWelcome, formed in July 2021 through the merger of Dutch companies Onegini and iWelcome, is currently the largest CIAM vendor in Europe, according to Cano. All 105 OneWelcome employees will join Thales, and the company plans to leverage OneWelcome's 80 million users and references from the Netherlands, Belgium, Germany and the United Kingdom to expand beyond the European Union.

Europe has been one step ahead of the rest of the world with security and privacy regulation. Privacy rules adopted by jurisdictions in other regions often copy or are inspired by the EU's General Data Protection Regulation. Cano says OneWelcome's success in Europe will give Thales credibility as it attempts to bring the technology to other parts of the world (see: Extending Encryption and Key Management Into the Cloud).

Taking OneWelcome Global

Thales plans to make a large investment to deploy and sell the OneWelcome software in the United States. Cano says that will require an extensive transfer of knowledge from OneWelcome personnel to Thales' North American sales team. Cano plans to focus on global expansion of the OneWelcome product before turning his attention to integrating the OneWelcome and Thales platforms.

OneWelcome's capabilities aren't present in Asia-Pacific today, and Cano says the company should take advantage of the trained Thales team already selling workforce identity products in places such as Japan, Hong Kong, Singapore, Indonesia and India.

Being one of the few identity and access management players covering all authentication needs across workforce and consumer should make it easier to create synergies and grab deals, Cano says. Thales had been unable to serve rapidly growing gig workers, contractors and temp workers with its workforce IAM platform since it was not on the payroll or part of the enterprise perimeter, Cano says.

But Cano says OneWelcome is perfectly suited for gig workers, as the company's know-your-customer technology is capable of authenticating in a safe and reliable manner through a website or mobile phone. This will make it easier for Thales to help customers in highly sensitive industries such as payment and finance to avoid impersonation attacks.

Bringing Data Security to CIAM

In the long term, bringing Thales' data security and OneWelcome's CIAM technology together will make it easier to ensure the data being stored and managed by CIAM vendors is tightly secure and controlled, Cano says. Thales' encryption capabilities offer a high level of assurance that the information being fed into the CIAM engine cannot be tampered with by any third party, he says.

Security and privacy regulations emerging globally put a strong focus on both user authentication as well as data and content management, and Cano says being the only vendor offering workforce IAM, CIAM and data security will give Thales a leg up on rivals. Specifically, regulators want to ensure that personal and sensitive data aggregated by CIAM vendors is properly encrypted and protected, he adds.

Thales hopes to integrate its data security and CIAM capabilities over the next 18 to 24 months. From a metrics standpoint, Cano says, Thales plans to track annual recurring revenue, profitability and cross-sell opportunities. OneWelcome had been barely breaking even as a stand-alone company, and Cano hopes Thales' added scale will increase the firm's profitability over time.

OneWelcome had been targeting ARR growth of 30% prior to the being acquired, and Cano expects that plugging the technology into Thales' global sales machine will accelerate growth. As far as cross-sell is concerned, Cano says Thales plans to start by bringing OneWelcome to its top 100 workforce IAM customers and then extending it to the top 500 and top 1,000 customers to increase its wallet share.

"We're going to grow the number of capabilities and function this platform offers to the market, and we are offering CISOs the ability to optimize the number of vendors they have by aggregating several capabilities," Cano says. "CISOs are tired of the very fragmented landscape they see in cybersecurity today, and we can help address a little bit of that."


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.