Multi-factor & Risk-based Authentication , Security Operations

Authentication Vendor Yubico to Go Public at $800M Valuation

80% Growth & Turning a Profit in 2022 Set Up Yubico Well While SPACs Have Struggled
Authentication Vendor Yubico to Go Public at $800M Valuation
From left, Yubico CEO Mattias Danielsson, ACQ CEO Henrik Blomquist and Yubico co-founder Stina Ehrensvärd (Image: Yubico)

Hardware-based authentication vendor Yubico plans to go public at an $800 million valuation by merging with a special purpose acquisition company.

See Also: Shift From Perimeter-Based to Identity-Based Security

The Swedish company said becoming publicly traded will accelerate Yubico's push to enter adjacent authentication markets, land new customers across different verticals, work more closely with third-party suppliers and increase the number of people using its multifactor authentication hardware token. Yubico expects to complete its merger with publicly traded SPAC ACQ Bure AB in the third quarter.

"Becoming a listed company on the Swedish stock market will add opportunities to fuel our growth journey going forward as well as add a further quality stamp for our company," Yubico CEO Mattias Danielsson said in a statement. "We see continuous revenue growth, we are profitable, and the need for our technology and our position in the cybersecurity market has never been stronger."

Sales Surge in 2022 for Yubico as Company Turns Profit

Yubico's revenue skyrocketed to $151.3 million in 2022, up 80% from $84 million in 2021 and 157.5% from $58.7 million in 2020. Since 2016, sales have grown at an annual rate of 50%. The company also turned a profit last year for the first time in recent history, generating earnings of $24.8 million. That's in stark contrast to 2021 and 2020, when Yubico had losses of $5.8 million and $23 million, respectively.

The company was founded in 2006, employs 409 people and has raised $88 million of outside funding, most recently completing a $32.5 million venture round in July 2020 at a valuation of $604 million, according to Crunchbase. Yubico was founded by Stina Ehrensvärd, who transitioned in February from CEO to chief evangelist in conjunction with Danielsson's promotion from chief operating officer to CEO (see: Authenticate 2022: Experts Share Path to Passwordless Future).

"We are proud and humbled to have built and established a global gold standard for strong authentication," Ehrensvärd said in a statement. "Our technology protects access for the world's largest enterprises, critical government infrastructures, human rights organizations, and millions of individuals around the world."

ACQ shareholders are expected to vote on the transaction June 20, and entities holding 67% of ACQ shares have already pledged to support the deal. Entities representing more than 80% of Yubico's outstanding shares also have agreed to support the deal. ACQ will pay for the $800 million transaction with 58% stock shares and 42% cash to existing Yubico shareholders.

"Yubico is a trusted global brand in cybersecurity with a unique blue-chip customer base and is led by a strong management team with a proven track record of profitable growth," ACQ CEO Henrik Blomquist said in a statement. "By listing Yubico through ACQ, we create a solid foundation for the company to continue its successful growth journey and create value for all our shareholders."

Yubico's signature YubiKey product is manufactured in Sweden and the United States and deployed across more than 160 countries worldwide. More than 55% of Yubico's workforce is based in the United States, and much of the remainder is located in countries such as Sweden, according to IT-Harvest. YubiKeys have been adopted to meet government relations out of the United States and Europe, Yubico said.

YubiKeys are compatible with multiple authentication protocols including FIDO2/WebAuthn, Universal 2nd Factor, PIV/Smart Card and One Time Password. Amazon, Google and Microsoft all use YubiKeys to protect sensitive information from cyberattacks, and in recent years Yubico has diversified its customer base beyond technology to encompass financial services, manufacturing, retail and the public sector.

Track Record of SPAC Mergers in Cyber Tell Cautionary Tale

Despite Yubico's financial traction and customer wins, the track record of cybersecurity vendors going public through merging with or being acquired by a shell company has been bleak. One in five proposals encountered turbulence prior to launch and never even made it off the ground, and the four cybersecurity SPAC mergers that did make it off the starting blocks haven't fared much better (see: SPAC Woes Continue With Hub Security's Sluggish Nasdaq Debut).

Risk analytics platform Qomplx in March 2021 acquired two companies and agreed to become publicly traded by merging with SPAC Tailwind Acquisition Corp. at a $1.4 billion valuation. But in August 2021, the two sides "mutually agreed" to call the deal off due to "market conditions preventing certain of the closing conditions from being satisfied." Qomplx's headcount has fallen by more than 32% since then.

Secure access vendor Appgate was spun out from data center vendor Cyxtera in January 2020 and went public in October 2021 by merging with Newtown Lane Marketing at a $1 billion valuation. Since then, Appgate has laid off 130 workers - or 22% of its staff, weathered the resignation of CEO Barry Field and President and COO Jawahar Sivasankaran, and seen its valuation fall by more than 80% to $197.7 million.

"The need for our technology and our position in the cybersecurity market has never been stronger."
– Mattias Danielsson, CEO, Yubico

It's been a dramatic fall from grace for network detection and response vendor IronNet, which went public in August 2021 by merging with a shell company at a $1.2 billion valuation. Since then, IronNet has removed co-CEO William Welch and CFO James Gerber from their posts, excised more than half its workforce through multiple rounds of layoffs, and seen its valuation fall by 97% to $26.5 million.

External threat intelligence vendor ZeroFox went public in August 2022 by merging with a publicly traded SPAC at a $1.4 billion valuation, but the only cybersecurity company to go public last year faces an uphill battle as investors shift to more conservative bets. In recent months, ZeroFox's profitability fell far below expectations and its valuation sank more than 85% to $156.5 million.

Israeli confidential computing cyber vendor Hub Security agreed in March 2022 to start trading on the Nasdaq Stock Exchange by joining forces with SPAC Mount Rainier Acquisition Corp. at a $1.28 billion valuation. But before the transaction even crossed the finish line, CEO Eyal Moshe and Vice President of Human Resources Ayelet Bitan left their posts. Hub today has a valuation of just $114.5 million.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.