Packet Inspector Kindsight: We’re the Google of Web Security

Kindsight CEO Mike Gassewitz cringes when he hears his company described as a deep packet inspection firm. Yes, that is part of what the company does, but he believes the technology is an integral aspect of Kindsight’s primary mission: free computer security and identity theft protection. Where the company has some confused is that it is also using deep packet inspection to also help target ads for consumers. In that way, Kindsight is similar to Google: it offers up a free service and then monetizes it by delivering ads against its customer base.

“We’re very similar to Google; they get a lion share of revenue from advertising,” said Gassewitz told me. “But Google’s search engine isn’t an incentive for advertising and our security product isn’t an incentive for us. We do real hardcore analysis to look for malware. If we didn’t have that, we wouldn’t have a business.”

Kindsight —  a spin-off of Alcatel-Lucent (s alu) preparing to deploy with Internet service providers — will serve as a great test for how well it can utilize the controversial DPI technology to serve two distinct goals whose operations are intertwined. Deep packet inspection involves monitoring Internet data traffic down to the deepest layers and can be used for security, traffic management, spying or behavioral targeting. If Kindsight finds traction, it may signal the way companies can leverage DPI to good effect without stirring up the controversies in the past associated with companies like Phorm and NebuAd, who caused outrage when they monitored people’s online behavior and targeted them with ads.

While Kindsight is looking to sell its Internet security solution through the ISPs, it believes it needs the advertising component to be successful and help ISPs pay off the investment in the technology. It’s gone to great lengths to make its use of DPI not only palatable to users but appealing by offering free, enterprise-grade, network-based, security to consumers. Six ISPs in North America, Europe and Asia are trialing the technology, and Kindsight is talking to many more. By installing its deep packet inspection appliances inside the network, Kindsight said it can pick off tell-tale signs of malware traffic that get overlooked by traditional consumer security software that resides on a computer.

Where things get interesting is when Kindsight leverages its position inside the network to serve up ads. For users who take the protection service for free, Kindsight looks at the web traffic from a customer and builds an anonymous character based on their activity, from which Kindsight can infer their likes and interests. Kindsight then uses that information to help target ads for its base of 100,000 advertisers. Gassewitz said Kindsight doesn’t track individuals, doesn’t store any information and avoids scoring data on users from visits to sensitive sites that deal with politics, health, religion or children. Even without that information, Kindsight can glean a lot of good inferences because it inspects packets down to layer 7 of the OSI model.

The ad portion of the business is essentially what Phorm did but without informing users. Kindsight has learned from Phorm’s faux pas: it makes its service opt-in. Users will get prompted by the ISP, which will take them through a lengthy process if they want to sign-up. If they agree, they will get monthly reports on security and immediate alerts for intrusions. Users can opt-out at any time but will forgo the security service. Or they can choose to pay a monthly fee to keep the security protection while avoiding the targeted ads.

If Kindsight can get the formula down, it believes everyone can win. ISPs, who get a cut of the Kindsight’s revenue, can monetize their data and avoid becoming dumb pipes while users can get a valuable service, and Kindsight can make money selling the service. “From an advertising perspective, being inside the network is sensitive so you shouldn’t do this unless consumers understand what is occurring,” Gassewitz said. “Why we’re getting traction is the value to the consumer. There is a real value in network-based security.”

There is some irony in a company that uses DPI to sell security considering Phorm was called out as a provider of adware and spyware. But Gassewitz believes he can essentially redeem the reputation of DPI technology with Kindsight. Looking at the model, I can certainly see the appeal for Kindsight and ISPs. Consumers will have to get a straight pitch from their Internet provider and see clear results over time for this to work. And they have to be assured that Kindsight’s claims of anonymity are fulfilled.

But pairing deep packet inspection with online security is about the best way to use DPI technology for advertising and lets ISPs tap into the goldmine of user data they’re sitting on. It’s better than Phorm’s attempts to sell consumers in Brazil on DPI-based targeted ads. Phorm is working with two ISPs there to give customers personalized content on partner websites if they opt-in to the service. That seems like a less valuable offer compared to online security, which many people worry about. I’m not sure Kindsight can have Google-like success but it’s got a better shot than previous DPI companies.

Related content from GigaOM Pro (sub req’d):