authID Inc. (AUID) Q3 2022 Earnings Report, Transcript and Summary

Good day, and thank you for standing by. Welcome to the Q3 Fiscal Year 2022 Earnings Conference Call and Webcast. At this time, all participants are in a listen-only mode. After the speakers’ presentation, there will be a question-and-answer session. [Operator Instructions] I would now like to hand the conference over to your speaker for today, Grace DeFries. You may begin.

Thank you, operator. Good afternoon, everyone. With me on today’s call are Tom Thimot, our CEO; Tripp Smith, our President and CTO; Annie Pham, our CFO; and Graham Arad, our General Counsel. By now, you should have access to today’s press release announcing our third quarter 2022 results. If you have not received this, the release can be found on our website at www.authid.ai under the Investor Relations section. Throughout this conference call, we will be presenting certain non-GAAP financial information. This information is not calculated in accordance with GAAP and may be calculated differently from other companies similarly titled non-GAAP information. Quantitative reconciliations of our non-GAAP adjusted EBITDA information to the most directly comparable GAAP financial information appear in today’s press release as well as explanations of our VAR and ARR KPIs. Before we begin our formal remarks, let me remind everyone that part of our discussion today will include forward-looking statements. Such forward-looking statements are not guarantees of future performance, and therefore, you should not put undue reliance on them. These statements are subject to numerous risks and uncertainties that could cause actual results to differ materially from what we expect. Some of these risks are mentioned in today’s press release, others are discussed in our Form 10-K and other filings, which are made available at www.sec.com. For those on the webcast, please note that we will advance the slides on our end. We will have a Q&A session following our presentation. To participate in the Q&A you must be registered on the telephone. Telephone number is listed on our Investor Relations section of the website. I’d now like to introduce our CEO, Tom Thimot.

Thank you, Grace. Turning to Slide 3. Legacy MFA doesn’t cut it. Yes, legacy multifactor authentication and passwords no longer create a safe digital world. Nearly every day, we read about a significant data breach at large organizations, including Twilio, Cisco, Intuit, and just yesterday, American Airlines. All of them have one thing in common. They all use social engineering attacks that exploited human behavior, and in particular, vulnerable legacy MFA technology. As quickly as Chief Technology and Information Officers, and the identity access management architects supplement password with phishable onetime passwords or clunky push MFA apps hackers are finding new ways to exploit security human elements. In the 2022, Verizon data breach investigation report, the human element was identified as the root cause of 82% of the 4,000 data breaches study. So after 60 years of passwords, we are in the midst of a fundamental evolution in the science of authentication, with a renewed push to replace those aided and insecure credentials with cryptographic FIDO2 pass keys or a FIDO token found to a device. According to research and markets, the market for passwordless authentication is projected to grow over the next 10 years, at a CAGR of more than 16% to almost 54 billion by 2030 from approximately 13 billion today. North American is expected to dominate the global passwordless authentication market, currently accounting for at least 38% of the worldwide market. In addition, with new research data showing that banking and healthcare are dominating the shift to passwordless authentication. We feel confident that we are targeting the right market segments. Turning to Slide 4. Q3 technology enhancements. With passkeys replacing something you know with something you have, it is an improvement. But deploying passwordless authentication alone creates security and usability challenges, including limited portability and complex account recovery methods that often fall back to insecure identity authentication. For instance, with the Cisco breach, it appears that once the hackers gained control of a user’s device, they enrolled and redirected step up to new devices. Device authentication was now something that hackers had, not the users. The White House zero trust mandate also specifies that strong authentication includes both device and identity authentication. These shortcomings of passkeys create a tremendous opportunity for authID and allow us to differentiate our solutions. In anticipation of the ramping passwordless evolution, we made a strategic decision mid year to significantly upgrade and innovate our Verified platform. Our stellar product and engineering teams quickly developed and receive certification of our platform by the FIDO Alliance. In October, we launched Verified 3.0 and Human Factor Authentication or HFA, which we believe is a pioneering solution. HFA binds strong unphishable passwordless authentication with cloud biometric identity to authorize the human behind the device. HFA fortifies something the user has with something the user is which is their unique face. If the human element is the problem in 82% of breaches, then solving for the human element with cloud biometrics is the ideal solution. Verified 3.0 and our differentiated human factor authentication, address cyber risks that exploit human behavior with passwordless authentication, boundless strong identity assurance, offer adaptive authentication that balances high security with speed and ease of use. Driven by customer demand, these features are designed to improve workforce productivity, and reduce friction for customers. Include support for the OpenID Connect authentication protocol, allowing our customers to integrate our solutions in under 10 minutes. Further, Verified 3.0 makes the move to zero trust easier, because it offers our customers streamlined access to the ecosystem of identity, access management, privileged access management and endpoint detection and response providers. A few of the identity ecosystems providers we are now working with include Okta, Auth0, BeyondTrust, Senhasegura and VMWare. As we complete the launch of these services, we will provide more information in the coming weeks. Turning to Slide 5. Rather than simply talk about HFA, I want to share a video of Verified HFA in action. Using our recent CloudConnect integration with Okta, the Identity Access Management for either. Watch how an enrolled Verified user seamlessly logs in with our FIDO2-certified passwordless authentication on any mobile device or desktop device. Once the user is inside the corporate network, Verified seamlessly elevates authentication with a quick selfie to authorize user access to sensitive applications. Let’s see HFA in action. On the left hand side of your screen, operator can you play the video? [Video Presentation] Turning to Slide 6. There that’s the beauty of HFA in less than one minute in the same interface with no searching or recalling a password, no fumbling for a secondary authentication application, or looking for a phishable one time passcode. The Verified users simply enter their username and use their passkey and device biometrics in this case Touch ID to log into the company’s network. To authorize user access to the company’s gated asset, their intranet Verified seamlessly elevated authentication in the user’s browser. The user accepted the activity request and then captured a quick selfie. Now on that selfie was something you might have missed, a key UX change that we made with Verified 3.0 that users no longer need to smile during a selfie resulting in instantaneous image captures that are secured with our IBeta PAD level 2 liveliness detection. That’s it. That’s Human Factor Authentication. Human Factor Authentication secures both log-in access with a FIDO2 passkey and seamlessly gates use of enterprise assets by verifying the human behind the device. Delivering enhanced enterprise security, Human Factor Authentication also offers the ease of use and portability both workforce and consumers and all of us are demanding. Turning to Slide 7. Verified 3.0 is now a market compelling product and our sales efforts and marketing campaigns continue to focus on two offerings, workforce and consumer. Verified HFA closes security gaps for both enterprise workforce and consumer applications by combining passwordless authentication with biometric certainty to shut down access privileges and lateral movement for unauthorized users. Chief information security officers need solutions that replace legacy MFA solutions and stop hackers from logging into corporate production systems with stolen credentials. We believe that these needs will outweigh the hesitancy with buying decisions in the current uncertain macroeconomic environment. We have also taken a very targeted and thoughtful approach to the markets where we can best impact sales. These three markets, financial services, healthcare and cyber security have been identified by industry researchers as ready for passwordless and are the segments we believe can most benefit from Verified Human Factor Authentication. With highly valued assets and data, these segments are frequently targeted by social engineering and account compromise attacks that can cause significant damage to reputation, positioning and market trust. Turning to Slide 8 where we are on our journey. In early 2022, we started working with early prospects to foster product adoption. Our efforts to harden our platform security and comply with ISO 27001 Standards, IBeta PAD specifications and FIDO2 protocol have strengthened our competitive positioning. Of further note, the successful transformation of our platform has not gone unnoticed by industry experts. In October, Juniper Research awarded authID, the gold winner for Best Biometrics Use in Payments. Juniper’s Future digital awards recognize the most impactful financial products and services that are driving innovation across banking, retail, fintech payments. The increased cyber security attacks exploiting human behavior have also helped significantly to advance the understanding of why products like Verified should be adopted. We are moving along our journey with customer wins and implementations within financial services and healthcare, admittedly not as quickly as we would all like to see. During the quarter, we signed several new financial services customers including various regional U.S. credit unions and as we announced in September compliant U.S. based AI driven business onboarding and risk scoring company. We continue to work on developing and closing opportunities generated by our marketing activities. Our customer success team is actively supporting our new clients with a streamlined implementation plan. They’re also diligently working to upsell our new passwordless authentication services to existing customers. Now let me turn the call over to Annie who will give you an update on our financial results and KPIs. Annie?

Thank you, Tom. Turning to Slide number 9. The following highlights comprise results from continuing operations, and reflect our previously announcement that we are exiting the company non-core businesses in South Africa and Colombia. The Cards Plus business was sold on August 29, 2022, and the exit from the non-core business in Colombia is in process. These businesses are classified in authID’s financial statements as discontinued operations and assets held for sale. Accordingly, all of my remarks will compare results from continuing operations for the quarter and nine-month ended September 30, 2022 with a quarter and nine months ended September 30, 2021, unless otherwise specify. For both the three and nine month periods, Verified software license revenue increased year over year. Verified revenue for the quarter increase over the prior year by 144% to $0.03 million for the nine months in 2022. Verified revenue increase over last year by 158% to $0.1 million. Total revenue for the quarter comprised of Verified software license revenue was $0.03 million compared with $0.2 million for the prior year, of which $0.1 million was from licenses of Verified software. For the nine months in 2022, total revenue was $0.3 million of which $0.1 million was from licenses of Verified software. This compared with total revenue for the same period in 2021 of $0.5 million of which $0.5 million was from licenses of Verified software. The reduction in total revenue was due to the discontinuation of a legacy product. Operating expenses for the quarter totaled $5.7 million compared with $5.6 million for the prior year. Operating expenses for the nine-month period totaled $16.9 million compared with $11.2 million for the prior year, as we accelerated our investment in staff technology, sales and marketing, starting in the third quarter of 2021. Net loss for the quarter was $6.3 million compared with $5.2 million for the prior period. For the nine-month net loss totaled $18.2 million including non cash charges of $8.3 million compared with $10.7 million, which include non-cash charges of $5.3 million for the prior year. Net loss per share for the quarter was $0.25 compared with $0.22. For the nine-month period, net loss per share total $0.73 compared with $0.50. Adjusted EBITDA loss for the quarter was 3.3 million compared with $2.6 million. For the nine month period in 2022, adjusted EBITDA loss was $9.1 million compared with $5 million. Now let me present our KPIs. Booked annual recurring revenue or BARR, as the amount of annual recurring revenue represented by the minimum or estimated amounts payable under contracted orders for our Verified products. The cumulative amount of BARR through September 30, 2022 is approximately $0.2 million, up about 25% over the second quarter. Annual recurring revenue or ARR is the amount of recurring revenue as determined in accordance with GAAP and divided from sales about Verified products during the last month of the quarter, multiplied by 12. ARR as of September 30, 2022 is approximately $0.1 million, now about 14% from the second quarter. Deferred revenue, a GAAP metric is the cash collected or billings from customers for our verified products, which will be recognized as revenue in future periods. Before revenue recognized as of September 30, 2022 is approximately $0.1 million up approximately a 100% percent from the second quarter. With deals in our pipeline, we expect our Verified subscription revenue will continue to expand. Turning to our balance sheet. At September 30, 2022, cash and available credit facilities totaled $17.1 million. Looking ahead, our cash burn rate will reduced to approximate $0.9 million per month. We then expect to improve our cash flow as we add revenue from Verified 3.0 sales. Our previous guidance of having sufficient financing to fund operations through 2023 remain unchanged. Our revised target is to achieve positive cash flow on a current basis by late 2024. Let me now turn the call back to Tom for additional remarks.

Thank you, Annie. Before we move into Q&A, I wanted to say a few words. Certainly, we are disappointed that our sales goals have not been achieved on the timeline we anticipated. But our goals have not been lowered. We have seen macroeconomic conditions extend decision making and delay sales cycles, but we know the opportunities remain. We have taken steps on several fronts to achieve our goals. Now that we’ve invested in a highly competitive and compelling platform, there are several areas where we will reduce costs. This year we performed a number of costly activities including expanding our platform capabilities, hardening security and performance, securing compliance with ISO 27001, FIDO2 and IBeta standards as well as running brand awareness marketing campaigns. A number of these areas will not be as costly in 2023. We firmly believe that Verified 3.0 is the right product for the right time and that with its launch we will start to make headway in achieving our sales targets across the right vertical markets for Human Factor Authentication, financial services, healthcare and cyber security. Our work remains focused on converting opportunities generated through our pipeline and made more accessible through our expanded CloudConnect ecosystem. Now with Verified 3.0, we are well positioned to take our share of the vast total addressable market for passwordless authentication secured with identity assurance. And with that I will turn it over to the operator and open the call to Q&A. Graham?

Operator, if you can just explain how people can raise for questions if they wish.

Thank you. [Operator Instructions]

Thank you. Whilst we’re waiting for questions to rise, Tom, perhaps you could take a few minutes just to explain the – with respect to Verified 3.0, what makes it, what gives it competitive advantages in this market? Obviously, there are many, many competitors out there with claiming all kinds of different benefits of their products. What really makes our product different?

What makes Verified 3.0 very different than the many, many passwordless authentication providers that you see at all the trade shows today is that most passwordless companies and the FIDO standard itself calls for you to bind an identity to a specific device. Basically a passkey key or think of it as a software token is put on your phone and when that phone is present, it logs you in. You don’t need the password anymore. That’s great, except for when you’re accessing a particularly sensitive area or you don’t have that device or you want to access that information from a different device. The fact that we also bind a biometric that is stored in the cloud, not on the individual device, gives you a second layer of authentication, a multifactor authentication that we have now branded ourselves as Human Factor Authentication because that second factor that multifactor is now human, it’s your biometric, it’s you. And that allows us, unlike every other password – passwordless provider to buying that identity and allow you to recover your passkey on a new device, allow you to have your authentication stepped up to make sure it’s really you before you access a very sensitive area of your company’s intranet or you make a very sensitive transaction as a consumer. And this greatly differentiates us. In the past with Verified 2.0 and since we’d launched authID at Money 2020 in 2021, we were focused on the step up. We talked a lot about Twilio and the one time password and how we were going to replace it. But in the passwordless world, people view both factors together. The factor that is tied to your phone and the factor that steps you up. And that is the difference that we shifted with Verified 3.0 to also offer a password list fundamental that we can add all of the biometric step up capability that we originally developed. We’ve made a platform that is now turnkey and allows our customers to come to one provider to replace their passwords and replace their PIN codes in one step. Thanks, Graham.

Thank you, Tom. I have one more question. You mentioned the expansion of the CloudConnect ecosystem and some of the new partner relationships that we’ve developed and integrated to over the last several months. Can you expand a little more on the significance of those relationships and how they’re going to help us with our future sales?

Absolutely. One of the key ones is being able to integrate seamlessly with Okta and all of their partners. You will recall in the past we talked an awful lot about REST API and low – going from low code to no code. What that means is you used to replace a call that is today done typically to Twilio and REST API call, you would have to have programmers in your IT staff go and program that integration, test it, integrate it, trial it before they could roll it out. Now for anyone that works with OIDC, you can integrate our solution in minutes, because it’s already integrated. And this is a huge step for us. One of the keys of Verified 3.0 is to partner ecosystem. And an example was at the Gartner identity and access management conference, we developed a relationship with Senhasegura, two CEOs and we said let’s integrate this. And they expected that it was going to take us. We’ll get a team of product people and engineers and we’ll do it over Zoom over the next few weeks. The two engineers got together in our booth and did it in seven minutes. That’s the power of OIDC. That’s the power of our Verified offering and it really opens up a broad market to us that’s very, very simple for our customers to implement.

Thank you. I’m showing no further questions at this time. I will now like to turn the call back over to Tom for closing remarks.

Thanks for the questions. And I appreciate everyone’s time today. I think I speak on behalf of the entire management team here, that we believe that we have the right product for this market. The macroeconomics has made some headwinds, but this is a change that will happen in technology. It will move to passwordless and it will need to step up to a biometric. And we’re the only company that offers those integrated together with a great platform of partners. Thanks for taking the time to spend with us today.