cVidya, the Israeli revenue assurance vendor, is seeking an injection of between USD10M and USD15M, and is possibly looking to attract buyers, according to Globes.

Let me lay my cards on the table. cVidya says a lot of things about how great they are, but few of them add up. Past experience of their actual products have made me wary of the claims made publicly by cVidya and its employees. I approach this latest news with my spin set to counter that of cVidya’s PR representatives. On February 15 they told us the following:

London, February 15, 2012 – cVidya Networks, (www.cvidya.com) a global leader and innovative provider of Revenue Intelligence solutions for Telecom, Media and Entertainment service providers, announced today that the company has seen growth of 25 percent in revenues and 20 percent in sales compared to 2010.

But there was no mention of profits, or cash generation. Searching for another USD10M in finance suggests cVidya are still fundamentally a loss-making and cash-burning outfit. When cVidya completed its merger with ECtel at the start of 2010, they inherited ECtel’s cash pile – and their burn rate. If nothing changed, ECtel’s cash reserves would have lasted 18 months. Now, 26 months later, cVidya needs more cash. This suggests they slowed the burn, but after 12 years in business they still have not turned cash-positive.

Also, the story of growth is not as good as it first sounds. The thing about announcing growth is that, even with an unlisted company that does not present reliable and transparent numbers, the good news given in the present day can be compared to the good news given in former times. When cVidya and ECtel merged, I speculated that the pre-merger cVidya generated similar revenues to the pre-merger ECtel, and hence that their combined annual revenues would be USD40M. My analysis was prompted because cVidya claimed to be the market leader at that time – a claim I thought unlikely given the more transparent revenue numbers available for WeDo and Subex. Soon afterwards, cVidya CEO Alon Aginsky publicly stated that the firm’s combined revenues were ‘in the area of USD50M’; see here. He also reiterated the claim that cVidya was the largest vendor by revenues and customers. I still think that was a bare-faced lie, and I take this most recent press release as corroboration. Whilst nobody else is claiming growth rates like cVidya, cVidya has stopped claiming to be the largest vendor and has now reverted to saying it is a market leader. Furthermore, the numbers make little sense, unless we assume low or negative growth during 2010. Currently we are told that the 2011 revenues were 25% higher than they were for 2010, and Globes tell us they are in the (very broad) range of USD60M to USD70M. Notice something? For 2009, the combined revenues were USD50M according to Aginsky. So, considering the stellar growth in 2011, what was the rate of growth in 2010? Was it nil? Was it small? Did revenues fall in 2010? Even if we take the top of the range for 2011 revenues, at USD70M, then a 25% rise means 2010 revenues must have been USD56M. At the bottom of the range, for just USD60M revenue in 2011, then a 25% rise means 2010 revenues were only USD48M… which is ‘around’ USD50M but only just. So perhaps there was revenue growth, but we can also say, with some certainty, that this company’s growth is far from steady or consistent. Also, we do not know how foreign exchange movements alter the USD-stated figures. For example, the US dollar fell 7% against the shekel during 2011; has the influence of extraordinary gains on forex been stripped from cVidya’s reported growth?

It should also be noted that the Globes article repeated their earlier report that revenues doubled as a result of the merger with ECtel. ECtel’s 2009 revenues were USD20M, something we know because ECtel was publicly listed. So was I wrong when I said combined revenues would be USD40M? How did USD20M ‘double’ to USD50M? Now the range for revenues is somewhere between USD60M to USD70M. I am willing to hypothesize a kind of consistency here. The real revenue number is always going to be around 10M less than the top number that cVidya touts publicly.

Anyhow, now that we learn cVidya is looking for a buyer, at a reported price of between USD150M and USD200M, the thinking behind their press release is clear.

Since their acquisition of ECtel in January 2010, cVidya has shown a consistent increase in its global customer base. In 2011, cVidya added 26 new customers, including some tier-1 CSPs in Europe, Africa and the US. In addition, cVidya extended its offering to include Analytics and Sales Performance Management beyond its traditional Revenue Assurance and Fraud Management solutions.

This ‘consistent increase’ in customers was not matched by consistent growth in revenues, for the reasons given above. More importantly, it seems that over the last two years cVidya can only name one of the new CSPs buying its products: Alaska Telecoms. Why are the other 25 customers so shy?

During 2011, cVidya has launched ProactiV™, the first solution that incorporates risk management methodologies within Revenue Assurance and Fraud Management, which has been deployed at several operators in North America, Europe and APAC.

Do not get me started on this. A well-meaning employee of a telecoms operator goes to the TM Forum, donates his intellectual property, and soon afterwards this is twisted into a justification to bolster the sales price of cVidya. Another round of applause for Gadi Solotorevsky, shameless pirate… I mean ‘selfless contributor’ to revenue assurance.

In addition… [snip the waffle about this new product and that new product, all with unnamed customers]… In 2011, cVidya has also introduced its cloud offering and already deployed its FraudView®/Cloud solution at leading providers such as Alaska Telecom.

Like I told you, Alaska Telecom is the one new customer whose name they can mention in public. So they did.

In addition, cVidya has managed to become the leader in expert training for Revenue Intelligence when launching the Education Center with its eLearning courses in Revenue Assurance and Fraud Management to address the market demand.

How peculiar. When this freebie was launched I was told it was not a blatant attempt to pirate TM Forum intellectual property into a training course that competes with TM Forum training courses. The weak explanation was that, supposedly, cVidya had no intention of aggressively competing in the field of training. Now they say they are the ‘leader in expert training’. Still, there is some comfort in hearing that Pirate Gadi is more popular than Papa Rob. Now he just needs to back up the hyperbole by showing stats to justify his claim to more members/trainees/certificates/courses/whatever than Papa Rob’s GRAPA.

“2011 was a fantastic year for cVidya,” said Alon Aginsky, CEO and president of cVidya. “cVidya has kept growing and continues to stay ahead of the market by extending its offering and entering new markets. While we have seen a slowdown in our marketplace, cVidya has kept driving and continues to stay ahead of the market. We continue to look forward into 2012 and foresee more positive improvement and progress.”

Slowdown? Excuse me? Cut through the waffle, and this quote says three things:

• cVidya “continues to stay ahead of the market”.
• There was a “slowdown”.
• cVidya “continues to stay ahead of the market” (again).

This tells me two things:

• This press release is a bodge, and was not properly proofed before it was issued.
• In the middle of the bodge, cVidya let slip something they should not have mentioned – they are suffering some kind of slowdown.

Unfortunately for us, this deepens the mystery about cVidya’s future, but offers no clues to solve it. We are told everything is ‘fantastic’ for cVidya. On the other hand, I would say investors should be wary of buying companies that concentrate on a market suffering a slowdown. This is how I interpret current events: people like to sell when they can get the highest price. cVidya is a business that has been running for 12 years. For most of that time, cVidya has told people that it is a start-up, even though the claim got more preposterous each year. Indeed, in 2009 Globes said cVidya was the 10th most promising start up in Israel. cVidya has never been profitable, and never generated cash. There is no possibility of an IPO; circumstances are even worse than when ECtel was listed, and the problems at Connectiva have highlighted how exaggerated growth estimates for the RA market are no guarantee that investors will get their money back. With no reason to be optimistic about a reversal in the ‘slowdown’ – a euphemism for the realization that actual market size is not as great as cVidya has previously promised its backers – cVidya’s top team spent one year trying to boost revenues by selling any and every barely connected offering they could think of, with the result that these additional sales had little synergy to their core offerings and hence did not contribute to profits. The news of revenue growth could then be turned into their last and best opportunity to sell the business and deliver some kind of return for investors. But that is just my opinion; there is too little fact on offer to properly analyse cVidya’s performance. I can only observe that cVidya’s report of its own performance has never been reliable. As always, the maxim should be caveat emptor – let the buyer beware.

In October, the Managing Director of Teleonto, the fringe Indian RA vendor, was arrested by police for allegedly siphoning INR18.6M (USD340k) of investor funds; see here. The CEO is also reportedly wanted by police. Teleonto’s website has seemingly disappeared, but their corporate LinkedIn profile is still visible here.

Newsgopher holds his paws up and admits this story initially slipped by him. There are dangers when dealing with unproven providers, because they may make grossly inflated claims about their business. Teleonto were always something of a mystery, despite the fact they called themselves “innovation leaders” in the field of revenue assurance. For several years they occasionally obtained publicity for supposed product developments and for their fund-raising efforts, but their history appears to be that of a venture which entered the market too late and never developed a viable offering. A year ago the CEO gave an interview where he stated that the company had focused its strategy on providing RA SaaS; see here. This scandal highlights the need for care in determining who has access to sensitive RA data. It also highlights the importance of thoroughly checking the viability of suppliers, especially now that the RA gold rush has come to an end and unprofitable suppliers find themselves unable to secure investment to keep themselves going.

Full disclosure: Newsgopher has a Teleonto-branded mug at the back of his cupboard. They were handed out free at an RA conference several years ago ;)

The astonishing news from China is that 10% of all Chinese web users had their passwords compromised over the Christmas period. Hackers stole data on the 40M users of Tianya chat site, and separately on the 6M users of the CSDN programmer’s forum. In both cases, the user details were stored in plain text. You can read more here.

It seems that old pal Nixon Wampamba cannot escape the evils of simboxes. Last December he was in the news after the arrest of eight fraudsters. This year, Nixon’s Airtel team is being described as ‘less vigilant’ than his Ghanaian peers… and indirectly held responsible for USD9M of simbox losses suffered by MTN Ghana between March and October; see here. According to the story:

Figures from the National Communication Authority (NCA) indicate that in September, 2011 alone, it detected 5,454 SIMS being used for SIM boxing, out of which 21 (0.39%) were Vodafone SIM cards, 64 (1.2%) were MTN and Tigo SIMs combined, and the remaining 5,369 (98.44%) were Airtel SIM cards.

When approached by the press, Nixon gave as good as he got, and managed to turn the tables on his would-be detractors by highlighting the expensive retail tariffs of competitors:

“Since we launched our 8-8 flat tariffs the SIM Box fraudsters have gravitated to Airtel, so maybe if any telecom operator beats our rates, then they may also have the SIM Box fraudster gravitating towards them…”

Nixon went on to say:

“It is true that our SIMs still remain the most attractive to fraudsters due to affordability, but I can tell you that over time the NCA’s detection of Airtel numbers in SIM Boxes has reduced from about 500 a day to 100 day – a clear sign that we are winning against the fraudsters gradually…”

Both Nixon and the fraudsters are engaged in a long and hard fight. Good luck to Nixon, and let us hope that by next December, Nixon will be enjoying better headlines.

As previously reported on talkRA Malawi’s regulator is imposing a ‘revenue assurance’ system on its operators, even though the operators insist it infringes customer privacy. In a new joint statement, the operators have reiterated their position:

“We therefore continue to alert our customers and members of the general public that, once the system is implemented in its current form, the operators will no longer be in a position to safeguard the privacy and confidentiality of customers’ communication activities, as we understand it to be our obligation under our respective operating licenses, subscriber contracts, the Communications Act (1998) and the Constitution of the Republic of Malawi.”

There is no sign that the Malawi Communications Regulatory Authority (MACRA) intend to back down. MACRA Director General Charles Nsaliwa reportedly told the press that:

“The system will ensure quality services from operators and will only monitor Call Detail Record (CDR) which operators already submit to Macra on request…”

Meanwhile, Malawi’s Nyasa Times has reported excerpts from the legal advice given to MACRA about the new system. If reportedly accurately, the advice suggests the need for law reforms and public consultation before the system is implemented. It also suggests that Malawi’s operators are already paying their fair share of tax:

“Operators already submit all the information required by the system, both as regards revenue and quality of service. In respect of the former, they are audited annually by reputable auditors and do submit accurate revenue data to MACRA…”

Something smells rotten. CDR data cannot be used to ensure the quality of services. National regulators habitually determine service quality through tests that simulate the user experience, not by scrutinizing operator CDRs. It looks to me that Malawi’s regulator has stopped serving Malawi’s public, misleading them that their privacy should be threatened for a ‘quality’ benefit that cannot be delivered in the way they are suggesting. The real purpose of the system is evidently to prevent tax evasion by Malawi’s operators, which begs the question of why the system is needed if existing audits find no discrepancies. Customers deserve to be told the truth of that, and not told some nonsense about improving service quality. Malawi’s citizens can then decide who they think is less trustworthy: the operators when paying tax, or the government when reviewing every call made in Malawi.

Look here for the Nyasa Times’ article on MACRA’s legal advice, and here for more on the public statements made by operators and the regulator.

It is getting to the point where smartphone users would be safer binning their radio-enabled computers and just walking around town wearing t-shirts emblazoned with the PIN numbers for their ATM cards. Several popular Android phones by HTC have been added to the roll call of complacent phone security, thanks to the investigation work of Trevor Eckhart. The video below shows a simple app created by Trevor for HTC Android phones. By giving the app the innocuous-sounding ‘INTERNET’ permission, you also give the app access to extraordinary and excessive volumes of data, much of it having severe implications for the user’s privacy and security.

In short, once given the ‘INTERNET’ permission by the user, the app gets to know the list of user accounts and email addresses for each them, your last network and GPS location, phone numbers from the phone log, encrypted SMS text (which may be possible to decrypt), system logs (with all the sensitive data they capture), your shoe size and your favourite colour of underwear (okay, I made the last two up). And the permission also allows the app to send data across the internet (the clue is in the name of the permission) which means one dodgy app + one unguarded button press = all that data being fired off to a remote server for heck knows what purpose (spying, crime… you get the idea).

You can read more about this story at Android Police. However, I predict that repeated stories about lax security can only lead users to switch off from all the bad news – and switch off their phones as well.