Cloak and Dagger Exchanged for Career With Security
BALTIMORE — You could say Doug Kozlay holds the key to the U.S. Treasury.
Four million times a year, Uncle Sam makes computerized payments to private companies, totaling $2 trillion. Not a dollar goes through unless the electronic key Kozlay invented turns in an electronic lock, verifying that the transaction is authentic and hacker-free.
A former researcher for the cloak-and-dagger National Security Agency, Kozlay turned espionage into entrepreneurship and founded Information Resource Engineering in 1983. Now he makes the codes and scrambling devices that let seven of the nation’s top 10 banks and 1,400 European financial institutions send financial transactions safely across computer networks.
Analysts say the little-known Baltimore company’s ability to peer into the future makes it one to watch. And Kozlay, IRE’s chief technical officer, is behind the crystal ball.
As a member of the American National Standards Institute, Kozlay ponders things like what money will look like in the future. He carries one likely form: a prototype electronic checkbook.
“People are counterfeiting checks using a lot of new technology that everybody has access to today,” such as personal computers and laser printers, he said.
He envisions future consumers using electronic cash cards with all the anonymity and easy spending of paper money. He sees us wearing tiny personal computers as we now wear wristwatches.
“I have a feeling that this little screen is just a beginning,” he said, flipping open a hand-held computer he keeps in his shirt pocket.
All the new devices he imagines would be protected by IRE’s encryption technology. Electronic cash would have to include coded chips that make each electronic dollar unique and verifiable. Electronic books could be coded to scramble after a single reading or, for a higher price, after a dozen.
“There is a whole new structure of the way we shop and buy things that I expect to be enabled because we have the cryptography to do it,” Kozlay said.
The 56-year-old researcher has many of the eccentricities of a celluloid scientist. His colleagues say he routinely works through the night, pausing to nap in shirt and tie on a nearby couch or conference table. After he worked on an encryption system for a Wall Street firm, brokers took to calling him “cave man” because he never left the office.
“It doesn’t surprise me if I walk in in the morning and Doug is here before I am,” company marketing executive Roberta Bowersox said. “Chances are he’s not in early, he’s been here all night long.”
Loyal to his erstwhile employer’s code of secrecy, Kozlay says he worked for the federal government or, when pressed, the Department of Defense, the NSA’s bureaucratic parent. But a former NSA colleague and an IRE prospectus describe him as the former manager of a research lab for the nation’s code-breaking agency.
“I can neither confirm nor deny,” he says with a smile.
Before working for the government, Kozlay made another, less successful business venture.
In 1969, he helped found Isis Corp. to make desktop computers. They became standard office equipment 20 years later, but Kozlay said Isis was a little ahead of its time.
“Besides, I was better at coming up with new ideas for building products than knowing how to build a company or knowing how to go out and sell them,” he said. “I think we sold maybe 10 of them.”
After four years as president of IRE, Kozlay turned over marketing and financial planning to corporate managers in 1992. With Kozlay’s ideas and the corporate instincts of chief executive officer Anthony Caputo, the company has made some major changes.
Since going public in 1989, it has expanded into Internet security and in October bought Gretacorder Data Systems, a Swiss AT&T; International Inc. subsidiary that gives IRE an entry into the European market. The company plans to continue expanding through similar acquisitions, Caputo said.
The company has reported losses the last two years. Analysts say a loss of just under $1 million in 1995 was due to the $3.9 million Gretacorder acquisition and expect 1996 to be the year IRE moves more strongly into the black.
A $12-million deal to encrypt long-distance giant MCI Communications’ new Internet access service should help lift sales to $24.5 million this year and $35 million in 1997, according to Friedman, Billings, Ramsey & Co., an Arlington, Va.-based securities firm. That compares with $2 million to just over $3 million a year in sales from 1990 to 1994.
In addition to safeguarding financial transactions, the company also makes devices that code sensitive government data, from Internal Revenue Service reports to FBI and Pentagon communiques.
When Secret Service agents investigating the Oklahoma City bombing sent computer reports to Washington, they used a $750 IRE modem that prevents electronic eavesdropping, confirms that transactions aren’t altered in transit and verifies the identity of the sender with a digital signature.
But analysts say it is IRE’s low-cost Internet security products that make the company one to watch.
“This market is big enough and fragmented enough that a small company like IRE with a blue chip client list can continue to penetrate it with their encryption products and grow rapidly,” said Bill Loomis, an industry analyst with Ferris Baker Watts.
The global computer network has fallen short of its potential as an online bazaar largely because consumers remain skittish about giving their credit card numbers online.
“Last time I counted [there were] 74 basic ways--and there are probably more subtle ones that I’ve missed--that people can abuse the Internet in order to send bogus messages, modify messages in transit or just eavesdrop on what’s on the line,” Kozlay said.
Cryptography is changing all that, said Paul Saffo, director of the Institute for the Future in Menlo Park, Calif.
“Personally I feel more secure giving my credit card number to a known company on the Internet than I do giving it to a waiter at restaurant,” Saffo said. “This is a fertile ground for crooks. And the nice thing is that data encryption so far has made it very hard for crooks to do business in.”
Nonetheless, hackers are expected to keep the electronic cop on the beat.
“There will always be a race between the security providers and the people trying to attack it,” Kozlay said.