1. GuardiaNet Systems An Application Service Provider Business
Case Executive Summary - 1 -
2. Executive Summary Company Overview GuardiaNet Systems, Inc.,
(GSI) is a leading application service provider (ASP) of shared
public resource management technology serving the public library
market, with recent entry into the education market (K-12 schools
and universities). The US revenue opportunity for these markets is
estimated at over $1.4 billion per year. GSI has become a
recognized market leader in servicing managing shared public
resources and has sold subscriptions for its services to some of
the largest library systems in the US. GSIs leadership team has
managed numerous successful and profitable investor exits and has
postured GSI to quickly become a success by implementing a single
smart card or token-based card strategy of its patent-pending
technology called GuardiaNet. The best example of an ASP of shared
public resources is the personal computer (PC), but other examples
include shared printers, audiovisual equipment and meeting rooms.
GSIs core software and token-based solution, known as GuardiaNet,
provides multiple functions and capabilities including
scheduling/time management, user specific customization, remote
storage of personal documents and files, privacy controls, e-purse
applications and Internet access control. GuardiaNet is the only
service provided in the market that utilizes a smart card interface
to secure access to, and management of, these resources. After
multiple discussions and meetings with GSIs staff, it is confirmed
that the companys patent-pending GuardiaNet technology can use 3Ms
RFID technology in lieu of, or in addition to, an IC chip in the
patron card and thus serve as the self check out solution that
includes payment of fees and fines. The RFID substitution for the
IC chip in the patron card enables 3M to maintain a consistent
strategy within 3Ms Library division and maximize sales of D-1
tags. The single most important trend in public libraries and
universities is the need to secure and manage public resources such
as Internet PCs. Carroll County, Maryland, one of GSIs customers,
is planning for a statewide library card service contract and has
indicated that more than half of their patron traffic comes to the
library for the express purpose of using the services of publicly
shared PCs rather than books. Currently, public schools,
universities and libraries manage these growing public resources
manually, thereby increasing operating costs and reducing user
satisfaction. By providing a feature-rich set of tools to automate
the management of these resources, GSI became the solution of
choice for these applications. By building on GSIs existing
patent-pending technology and the additional patents that we have
been told are in process, 3M should be able to deliver unique
services at compelling prices and attractive margins to a large and
growing installed base, while positioning 3Ms library division as
the sole provider of the unique services and turn-key solutions
that comprise the GSI suite of products. The Market Need The
problem: Scheduling/time management for publicly-shared PCs The
administration of public PCs is being done manually, making
librarians, teachers, professors and administrators computer
nannies. These computer nannies have to manually schedule PC use,
including limiting the time a user can spend on a PC, all of which
is a terribly wasteful use of their time. GSIs solution The
GuardiaNet system (correctly known as a subscription service)
allows users to reserve PCs (and other public resources) on a next
available basis, or at a specific time. The length of the session
is set by the university/library, and the user is periodically
notified of the time left in the session via a - 2 -
3. window on the PC. This removes the teacher/librarian and
administrator from the scheduling and monitoring process. The
problem: How to personalize a publicly-shared PC Personalization of
the PC creates a much better user experience for the patron.
Historically, publicly- shared PCs could not be personalized. The
public PC is just that: a public PC with no personal attributes
relating to the library patron. GSIs solution The GuardiaNet
service uses IC chip (smart card) and other token-based
technologies such as RFID technology and GSIs patent-pending
technology to allow users to personalize a public PC, including
favorites, history, Internet home page, cookies and address bar
history. Users can even save documents without affecting the
library/schools servers or creating security hazards. The problem:
How to protect privacy when using a publicly shared PC GuardiaNet
can personalize a publicly shared PC but the personalization does
not become public information to the next user. Librarians and
teachers currently must reboot the machine after each user (the
current practice) to avoid making private information public, and
to protect new users from inappropriate content. GSIs solution When
the user removes his or her smart card, the PC is reset and all of
the personalization information is removed from the PC. The data is
secure and is saved on GSI servers and is recalled by the PC the
next time the user inserts his or her smart card. The users
experience is personalized, and confidential. Subsequent users are
also protected from the content of previous users. The problem: How
to manage access to publicly-shared PCs Users are not really
authenticated and institutions, parents or others cannot insure
that the individual is limited in his or her Internet access. GSIs
solution GuardiaNet uses two-factor authentication: something you
have (the patron card) and something you know (a password). By
recognizing the patron, access rights can be determined. For
example, if parents want to limit their childrens access to safe
content, the parents can set access rights. Alternatively, if the
library wants to designate certain PCs as kid-friendly, they can
set the default user parameters of the PC. The problem: Print/cost
management Printing services in libraries, schools and universities
are costly and frequently unmanaged. Even when they are managed,
the institution must have highly-trained professionals collecting
nickels and dimes, which is not an effective use of their time. In
many cases, the institution is unaware of a user abusing the
ability to print, and therefore must absorb the significant cost of
printing, including paper, toner and ink cartridges. Additionally,
some vendors of print management software manage the bank account
of the patrons account that leads to the vendor earning money from
float (interest earned on the balance of all patrons balances) and
from breakage (the amount of money abandoned on a patrons stored
value card). With GSIs solution, the money derived from the float
and breakage, both associated with the patrons purse functions, can
be used by the library to help fund the acquisition of the
library's equipment, software and supplies. - 3 -
4. GSIs solution GuardiaNet technology and services include
tools to control the number of prints, the type of prints
(color/B&W), where pages are printed, and how they are
retrieved. Fees for printing can even be deducted from an e-purse
on the GuardiaNet smart card. Print Management controls printing
and allows the hosting facility to set printing prices based on the
printer or document type. Printers can be directly connected to
each PC, network connected to each PC or connected via a print
server. Print Management can be set up to pay for printing at the
originating PC or at a centralized print server. GuardiaNet is able
to apply its technology and services to not only publicly-shared
PCs, but also to other public resources available in the school and
library. For example, GuardiaNet can be used to schedule or reserve
labs, resource rooms, even audio/visual equipment in addition to
computer and computer resources. Also, GSI can provide the same
services to the university market to address these very same
issues. Large addressable market Shared public resources such as
PCs in public libraries, K-12 schools and universities represent a
large and growing information technology market. The US revenue
opportunity is over $1 billion per year. There is also a large, but
unquantified, foreign opportunity for GSI core markets, as well as
an opportunity for extension of the technology into other markets
such as the corporate, medical, legal and security markets. Prepaid
subscription revenue model GSI customers pay in advance for an
annual subscription to use GSI products, making cash flow much
higher than accounting earnings, and also giving GSI a recurring
revenue model. Proven technology - tested and validated by major
customers With over thirteen libraries installed and currently
using the GuardiaNet system, including the 4th largest county in
the United States, and six more libraries under contract and in the
process of installation, GSI is well positioned to capture a large
piece of the public library/education market. GuardiaNet is the
only service that combines the power of a smart card with shared
resource management software so that public facilities (libraries,
schools, and universities) can effectively manage their resources.
We are clearly recognized as the market leader. GSIs technology is
not just an idea; it is proven. Customer involvement in product
development GuardiaNets services and product features are developed
with the customer involved at every stage of the process. GSI has
formed alliances with the American Library Association and the
Public Library Association, and has been invited to present topics
at trade shows relative to shared resource management and content
filtering. - 4 -
5. Executive Strategy Overview 3M OneCard The Future of
Authentication, Payment and Personalization A proposed strategy
that combines the proprietary technology and services of GSI with
the 3M Digital Materials Flow Management System. The following
concept is the result of discussions with librarians, IT
professionals and GSI management. Preamble The 3M OneCard, using
either an RFID D-1 tag or IC (Integrated Circuit) chip or smart
card), is a combined solution using GSIs technology and application
service provider solution with 3Ms DMFM. The combined technologies
create a transaction platform that allows a single rules-based
authentication and payment scheme to integrate with self-check
services and a librarys customer database. This unique solution
provides automated payment services and user personalization in a
secure and authenticated manner. By distributing a smart card that
can contain multiple technologies such as contactable or
contactless IC memory, you can integrate positive identification, a
stored cash value purse, and an RFID materials tagging scheme and
optical scan coding, enabling the library to completely automate
all services into one convenient technology. In this case, a one
card solution - the 3M OneCard. The 3M OneCard can be as simple as
a user card that is enhanced with the simple application of the
self-adhering D-1 tag, embedded RFID, contact IC chip, magnetic
strip, optical bar code or a combination of any and all, depending
on the need of the customer. Library Market It is easy to
understand the need for patron self-check in most libraries. Not
only does it enable savings with the management of staff time, but
also affords the patron with the ability to borrow materials in a
private and secure manner. The patron simply inserts his or her 3M
OneCard into the reader (or lays the card on a smart mouse pad) an
action that is ubiquitous to most users, as it resembles the same
action currently used in Automated Teller Machines and certain PC
applications. The self-check machine will recognize the unique
serial number on the chip or RFID tag and check the patrons has
privileges. The patron will - 5 -
6. then be challenged for the Personal Identification Number
(PIN) that is associated with the patron database to complete the
authentication. This form of secure two-factored authentication,
coupled with positive card presence sensing, gives a very high
degree of certainty that the borrower is the actual cardholder.
Rules can also be applied during this process. As an example, a
parent would have the ability to allow rules to be centered on
their individual children, requesting that videos that are MPAA
rated above PG-13 could not be checked out, or specifying that
items in a specific collection such as audio materials or materials
from the childrens collection only, are available to this
cardholder. The problem arises when there are fees associated with
materials such as video and audio items, or when a patron owes a
fine due to overdue materials. Without the ability to collect these
fees in an automated manner, the librarys self check system falls
short and the customer must revert to the more time consuming
one-on-one traditional checkout with the library staff. Using the
3M OneCard, the library will have the ability to communicate with
the librarys automated circulation database, using a wide variety
of protocols, to determine the fee or fine and prompt the patron of
the charges. The patron can then use cash stored on the 3M OneCards
purse to make the necessary transaction. The 3M OneCard allows the
self-checkout process to truly become a one-to-one relationship
between the customer and the library in a completely automated
manner, saving staff time while protecting the patrons privacy The
3M OneCard will also be fully configured with GSIs LibraryGuardian
PC management and cash management system. GSIs technology is
token-based authentication, which means that it can work with
tagging technologies like 3Ms D-1 RFID tag, an IC Chip smart card,
optically scanned barcodes, or proximity cards, either as "one
technology" or a combination of technologies. Again, being
token-based, GuardiaNet's proprietary technology can take advantage
of any technology that has the ability to communicate a token to
its server scheme. This design flexibility gives GSI, when combined
with 3M, a clear lead in the authentication market. Another
advantage of GSIs technology is the simplicity of its
authentication design. With a very thin client application, GSI has
developed a proxy-less system that is nearly transparent to a
network and its current installed customers report little or no
network degradation, even when hundreds of computers are online and
in use. The LibraryGuardian brand was developed completely around
the critical needs of the library market and can be welcomed in any
library from K-12, universities and public libraries. GuardiaNets
modular segments allow for complete process control of electronic
media including the Internet, applications, and subscription
databases. The Library Guardian product has received industry wide
accolades as a true library solution that has correctly identified
the needs of libraries. The suite of applications includes: o Time
management, allowing the library to define multi-tiered time limits
for PC usage, with optional automated extensions if other terminals
are available when the specified time expires. The library also has
the ability to group PCs into queues that make sense for their
particular library. Each group can have different time parameters,
warning messages, and access control settings, e.g. express PCs,
Internet PCs, Word Processing and other applications. - 6 -
7. o GSIs scheduling of PCs is, according to librarians,
perhaps the most advanced PC scheduling system developed to date.
This system allows patrons to use any available PC if no one is
waiting simply by walking up to the machine and inserting their 3M
OneCard or, if all the PCs are in use, allows the patron to reserve
the next available PC or schedule a PC for a date and time in the
future. The system also allows for patrons to request a specific
PC, and reservations can be made from any Internet accessible PC
inside or outside the library. The system is so intelligent that it
knows if a PC went off line unexpectedly during a session and will
automatically place that patron on the next available PC with the
exact time remaining from the failed session. o The Terminal Reset
feature is another module of GSIs GuardiaNet technology. Since the
card is required to be in the reader for the entire session, the
system will interpret the removal of the card as a signal that the
patron intends to end the session. Upon card removal, the system
will prompt the patron if they are pausing the session or ending
the session. If pause is selected, the monitor will blank with only
the time remaining showing, the keyboard and mouse will become
inactive and the patron can leave the PC for a short period of time
(configurable by the library) without sacrificing privacy. No one
can see or access what the patron was doing, except the patron when
they return to the PC and re-insert their card. When the session is
ended, the PC will close all applications and perform the terminal
reset, removing all traces of the patrons activity. o
Personalization is a module that allows a user to configure and
save his or her Internet settings, i.e. their home page, favorites,
cookies, history, and address bar entries. This means that once the
librarys PCs are installed with GuardiaNet technology, a patrons
authentication will cause the PC to be instantly configured to
their needs. The GuardiaNet scheme for personalization is
simplistic in design, using the tools that are already integrated
into the operating system, thus making it very easy to use by the
patron. When the user ends the session, all personal settings are
purged from the computer. o Secure remote file storage on the
GuardiaNet server farm is also referred to as virtual storage. This
module allows the user to save and retrieve documents and files on
a central server that can only be accessed after a correct
token/PIN combination is used to authenticate the patrons session.
Thus, a patron can be working on a project at location "A" in the
morning and open it up from location "B" later. In the public
access market, a patron rarely has the opportunity to use the same
computer from session to session, and with the size of files
growing due to increased capabilities of document creation, 1.44MB
floppies are rapidly becoming obsolete to store image and text
projects. Adding the virtual storage module to a library system
greatly increases a patrons ease of use, since carrying and
managing removable media is no longer necessary, as well as
enhancing the security of the library network be removing one of
the most common sources of virus infection removable media. The
module also takes care of the need of patrons who do not have a
computer at home by allowing them to work on a project in one
place, such as work or school, and use public access at times when
they are not at work or school. o GuardiaNet's access management,
i.e. what can be viewed or used by the authenticated user, is the
most flexible and unique access management system in the
marketplace. GuardiaNet is the only system that enables the library
to facilitate the patrons choice to allow for individualized access
controls unique to each and every patron without requiring
time-consuming staff intervention. GuardiaNet allows the patrons
computer experience to be managed around individual patron (or
parental) wishes, the policy of the facility, or a combination of
both. So strong is its design, it was the only technology solution
singled out in the American Library - 7 -
8. Association memo on Internet filtering. GuardiaNet's access
management has been widely reviewed by almost every "watch dog"
organization, as well as by Congress, and found to both fit
Constitutional needs while allowing a community to apply local
policies and giving concerned parents a true (down to a single web
page) choice. o When used with patron-directed services such as
self-check machines, GuardiaNet has the ability to customize the
experience to the needs of the patron. These services can include
everything from instantly displaying screens in a different
language to, communications from the automation circulation service
to inform the patron that reserved / hold materials are available.
It can also facilitate other information that the library wishes to
be displayed to the patron, such as age of user specific messages
and instructions. o Printing, copying and other payment services:
Depending on the carding technology that is selected by the
facility, GuardiaNet can offer either an electronic cash purse on
the card or simply facilitate authentication to a server-based cash
system. This means that all cash services in a facility can be
rules-based (have different rules depending on the user or service)
and completely take the facility out of the expense of daily cash
handling. GuardiaNet is currently working with several cities to
respond to the needs of communicating financial transaction data to
ERP systems like SAP. Many communities are looking at expanding
this cashless system outside of the library. This means that the
GuardiaNet technology has the ability to be utilized for other
community services such as parks and recreation, vending, civil
fees and parking. o As thin client technology advances, GuardiaNet
will offer a turnkey solution that incorporates all of GuardiaNets
modules delivered via thin client technology. When you consider
that GuardiaNet can perform tasks like terminal personalization and
document storage, this will make thin clients friendly in the
marketplace. Other distributors of thin client technologies,
e.g.Veicon have contacted GSI about including its application suite
on GSIs server farms and services. To further strengthen its
position in the marketplace, GuardiaNet is working with library
automation vendors (LAVs) to further integrate their systems with
GuardiaNet's technology. Libraries are truly a place of
"one-to-one" needs, and with so many services becoming automated,
the LAVs recognize that GuardiaNets technology can bridge this gap
by privately and securely recognizing a patron using the system.
This means that the LAVs OPAC and other services can now recognize
that the patron is a child or an adult on their system and
customize the information that is transmitted from their system,
irrespective of the origin of the request. Several LAVs are
actually working with GuardiaNet to embed the technology into their
automation system. The first vendor will be released in January
2003 and GuardiaNet will be marketed to their customers as a
standard product in its sales presentation. Currently GuardiaNet
has interfaced with all of the major automation systems through SIP
protocols or custom APIs. GuardiaNet is enhancing its position by
developing XML / NCIP to offer more personalization features, such
as single authentication, which will allow the user to log on to
the PC once and use all available services without having to
re-authenticate when going from OPAC to subscription services.
Without GuardiaNets integration benefits, a patron is constantly
prompted to re-enter his or her 14-digit bar code. Another
development will be "single point of reporting" which will allow
the library to have better data on asset usage, both physically
installed devices (computers, printers, copiers) and licensed
subscription databases. In light of the increased need for
electronic media and continuing budget constraints, this
information is invaluable to the library facility, and yet - 8
-
9. currently is not tracked in any logical way. By providing
this level of reporting and enabling the data to be customized by
the facility and transmitted to the cities ERP, GuardiaNets
technology will greatly assist in the understanding of how to plan
and subscribe to what the library needs the most. One area of
growing importance for libraries is specialty databases that have
high value to a smaller number of patrons. With the GSIs two-factor
authentication and cash purse features, the library can begin to
negotiate with subscription data vendors for services that may be
important to a few users on a "pay per view" basis. GuardiaNet can
integrate with 3Ms DMFM for authentication and cash purse services
as a front end for 3Ms Library Systems. By facilitating the
authentication for self-check and self-return, GuardiaNet can be 3M
OneCard solution, incorporating the rules that determine what can
be checked out down to the individual patron and at the same time
handle any fees and fines associated with the patron. This will
move 3Ms system beyond a "self-check" system, and become a true
self-service station. Add to this the functionality of the entire
GuardiaNet application suite, all facilitated by a single patron
card, and the benefits and overall cost savings becomes instantly
evident to the librarian. Since October 1, 2002, GuardiaNet has
negotiated and priced almost a million smart cards in the library
market alone, at a retail price averaging $1.08 each. GSI does the
one thing that is of utmost importance to public access usage of
electronic media; allow a true "one-to-one" relationship between
the facility and user. GuardiaNet's technology, and the logic
applied to the design of the LibraryGuardian application suite,
allow a one-to-one relationship and still remain well within the
privacy needs as demanded by civil libertarians and library
associations. The design is so sound that GSI management has been
invited to speak with the U.S. House of Representatives, Department
of Justice, the White House Summit on Internet, National Academy of
Sciences, U.S. Department of Education, and U.S. Department of
Commerce as well as testified to various Congressional Commissions.
- 9 -
10. currently is not tracked in any logical way. By providing
this level of reporting and enabling the data to be customized by
the facility and transmitted to the cities ERP, GuardiaNets
technology will greatly assist in the understanding of how to plan
and subscribe to what the library needs the most. One area of
growing importance for libraries is specialty databases that have
high value to a smaller number of patrons. With the GSIs two-factor
authentication and cash purse features, the library can begin to
negotiate with subscription data vendors for services that may be
important to a few users on a "pay per view" basis. GuardiaNet can
integrate with 3Ms DMFM for authentication and cash purse services
as a front end for 3Ms Library Systems. By facilitating the
authentication for self-check and self-return, GuardiaNet can be 3M
OneCard solution, incorporating the rules that determine what can
be checked out down to the individual patron and at the same time
handle any fees and fines associated with the patron. This will
move 3Ms system beyond a "self-check" system, and become a true
self-service station. Add to this the functionality of the entire
GuardiaNet application suite, all facilitated by a single patron
card, and the benefits and overall cost savings becomes instantly
evident to the librarian. Since October 1, 2002, GuardiaNet has
negotiated and priced almost a million smart cards in the library
market alone, at a retail price averaging $1.08 each. GSI does the
one thing that is of utmost importance to public access usage of
electronic media; allow a true "one-to-one" relationship between
the facility and user. GuardiaNet's technology, and the logic
applied to the design of the LibraryGuardian application suite,
allow a one-to-one relationship and still remain well within the
privacy needs as demanded by civil libertarians and library
associations. The design is so sound that GSI management has been
invited to speak with the U.S. House of Representatives, Department
of Justice, the White House Summit on Internet, National Academy of
Sciences, U.S. Department of Education, and U.S. Department of
Commerce as well as testified to various Congressional Commissions.
- 9 -