F-Secure Oyj ($FSECURE)

Welcome to the F-Secure Investor Day deep dive. My name is Timo Laaksonen. I'm the President and CEO of F-Secure. Welcome here in the room as well as online. We're going to be focusing today on something that frees our mind and it's a new life in a way for F-Secure as you just heard in the song that opened the event. It's our Tier 1 business. It is relatively new. It's only 2 years that we have been active in this market 2.5 years roughly. And now we want to give you a bit of a deep dive how that business is going, what kind of progress we've made, where -- how do we see the future and the related offering. I will be joined later by my colleagues, but we'll get back to that a bit later. So growth and scale through Tier 1 partners. My co-presenters today, Bruno Rodriguez, our Chief Revenue Officer; and Tirunillai Viswanathan, our Chief Product Officer. Now as always, I don't expect to read through this. But more or less, we are making statements here, and there are all kinds of uncertainties in the world, and nobody can guarantee that all of this happens. That's it in short. It's the executive summary. Now I will set the scene by talking about how we are accelerating F-Secure growth through Tier 1 partners. So let's get going. 1.5 years ago, we had our previous Investor Day, so about time, you say, and in that Investor Day, we had 4 topics that we covered, 4 strategic priorities. We wanted to accelerate our profitable growth. We have seen very low growth for the past years. And we wanted to also make sure that we can fund further growth investments. Secondly, we wanted to deliver the #1 security experience vision. And I'll get back to this, and my colleagues will get back to this in their presentations, but we wanted to set the experience are. We know that consumers have felt that cybersecurity and consumer cybersecurity is just way too complex to understand. So we wanted to make it simple and understandable and relatable. Thirdly, we said that we're going to be focusing on our partner business and especially for growth on the Tier 1 partnerships and thus, the theme of the day. We also said that we want to optimize our direct business revenue and make sure that it is a strong profit generator for the company. while we're focusing more of our new investments onto the partner business side. So we had 3 things that we felt that are absolutely fundamental to be able to deliver on this, we need to expand our addressable market, both through Tier 1 and new verticals and provide the best partner experience, value increase through scan protection solutions, getting our partners and end customers to convert into total from the separate applications that we previously provided. And we came up with a new product category altogether, embedded security or embedded experiences. And then in terms of company culture, this is all done by human beings, and we saw that we naturally in our culture, we want to make sure that we have a growth mindset and agility in the changing world. More adapt to what we're seeing right now in the market than ever maybe. So that was the setup in, let's say, 18, 19 months ago. Now let's get back to what we've done. So the rest of my presentation is very much about how we see the situation today and how we see our strategy developing in the future. So when you're in any business, you need to understand what are the kinds of challenges and opportunities that your customers/partners are facing in their own business. So here, you can see that we have listed a number of partner challenges. On the revenue side, their average revenue per user for the communication service providers out there is forecasted to decline 2% per year through 2028. So that's never good. Their growth is hitting the ceiling. In terms of retention, this is across the industry worldwide, roughly 22% annual churn. Replacing a lost customer costs 6 to 7x more than being able to hold on to a customer. In terms of capital, vast amounts of money have been invested into 5G infrastructure and the payback has so far been relatively meager and in terms of differentiation, everybody is fast, everybody has great prices. So how do you work in this world? Now we see that we are offering to our partners. Trust as a service, trust as a business is actually a very, very good answer to all of these things. In terms of revenue, our services are high average revenue per user it's recurring. In terms of retention, there is absolute wealth of information, which confirms that customers who have gone for security services are more likely to stay with you. In terms of capital, embarking on the journey of providing consumer security services is fast and very lightweight compared to practically anything else that you can take out to market through a communication service provider. And in terms of differentiation, the number of players that we see out there, I believe that Bruno is going to refer to this in his presentation. More and more of the big communication service providers are starting to talk about trust as a core value proposition, not only as a value-added service, which I have practically banned as a term within F-Secure but as a core service. So branded trust experience is something that the consumer feels and remembers. So it goes way beyond a commoditized offering. So that's why we believe that we are as topical as -- and in a good place, the right place right now in the market. Now I already mentioned this. So AI fraud is actually now visible in such a scale that consumer expectations, regulator agendas and Tier 1 product strategies are shifting as we speak. The problem of scams hasn't gone anywhere. $442 billion were lost to scans across the world in 2025. And AI fraud attempts, that's a pretty big number, 2,000% up since 2022. The response is that of consumers out there expect their communication service provider to take care of their cybersecurity needs. 93%. And we've been very partner-centric all this time good place to be, I would dare say. Then Tier 1 reaction, we've just picked up 3 here. So Orange Verizon and Vodafone all highlight now trust as a very critical and core proposition in their offering to consumers. So this, from our point of view, the very good development. Now then we claimed 1.5 years ago that we will be going after Tier 1. So how have we done? I'm sure that you've seen this picture of a globe before if you followed any of our previous streams. All of these names that you have on the slide are our partners. This is not the target segment. These are the ones that we're serving. In the lower left-hand corner, there may be 1 CKH that you don't recognize, it's Hutchison 3. But we now serve 10 out of the 20 largest CSPs globally, and out of 20. Pretty good hit rate. Once again, Renaud is coming back to this. We're excluding China from these numbers as we don't find it tolerable for us to actually go to the Chinese market because of the authorities and the regulation. Now the journey continues. We've won a lot of partners. Now what's happening now? So if you look at the journey on the slide here, we set the bar at the end of 2024 to go for leadership in the Tier 1 segment we won practically every single deal, practically every single deal that we've gone for in '24 and '25 and beginning of this year since then. I can't guarantee that we will win every single deal going forward, but this is a pretty striking track record that we have here. So our value proposition and something in the way that we operate in the market has clearly struck a cord. Now what we're actually doing now is that once we have signed a deal we work very, very hard to get that service launched together with our partner, and we want to be growing user base. Very often, when we signed the deal, there is no users to begin with, and then we have to ramp up over time so that we get the volumes of users and our license fee is growing. So we are now naturally, we're focused on carrier-grade delivery activating users, attaching users and running retention activities for those who have been out already for a longer time. And now we have a pipeline. We don't leave it here. when you get the domino going, you naturally want to continue it, and you know it's only 10 out of 20 right now. So there are both expansions and extension deals that we're working on and projects that we're working on with the partners we're already serving. And then as always, we're also looking to expand the partner base with new logs. And Bruno will talk a little bit more about all of those topics I had on the previous slide. Now our midterm target, as you may remember, is that we will have high single-digit revenue growth and our targeted adjusted EBITDA level will approach 40% when our revenue approaches that EUR 200 million. And this growth towards EUR 200 million is very much anchored on the Tier 1 business and the Tier 1 growth. It's not the only source of growth for F-Secure, but it is by far the fastest growing. It's solid double-digit growth. And this growth in hindsight, I would say, is largely built on the Lookout Life acquisition that we made precisely 3 years ago. The first logos we got DOCOMO and AT&T were valuable, the understanding of how to build mobile-first experiences, important, working to expand our embedded security portfolio, very important and a position in the U.S., which was strengthened through the acquisition price less. So from that perspective, I would say that we would not be here talking about this topic had we not made that acquisition. Now U.S. is our single largest growth driver right now. in double-digit numbers and partner business as a whole is the one that drives our growth for now. Something that may have gone unnoticed for many of you online and here in the room is that we actually refreshed and updated our vision and mission as a company, some 4 or 5 months ago, and it's now as follows: the vision, leave your best digital life, trust for a world, AI keeps rewriting. There's a lot of small text in there, which is actually very relevant. So I will make an exception here and I will read through it because I feel that it's very crucial. We are building the invisible layer of trust in consumers' digital life, embedded by the world's largest digital service providers, delivered through AI and scaled to every digital moment, shopping, banking, messaging, investing, socializing and so forth and the emerging [indiscernible] world. So this is what we're working on. And if you think about this and you read through that, we don't mention the world security a single time, whereas we talk about trust. And from our point of view, we feel that it's time to start shifting our view from protection to resilience and from security to trust. And this actually opens up much faster potential for growth in the ecosystem where we function. We're not leaving security behind. We're just going one dimension further up in the logical succession. Now when we talk about trust, we believe that we have reached a trust inflection point. And when you go to any kind of event these days, pretty much of the talk is around I bet there are lots of key notes being given around the world right now where everybody is praising how AI is taken on the world and changing the world. And it does. But 1 of the things is that the defining constraint for consumers in AI is not necessarily their capability to use AI. It is trust or rather the lack thereof. So there are already 900 million weekly users of Chat GPT, some EUR 650 million Gemini from Google, monthly users. 2 billion -- actually 2.5 billion prompts are written to AI assistance every single day, 2.5 billion prompts. So everybody is using but they trust it. I mean it's quite a paradox, I would say. So 84% of people according to our global survey, almost 10,000 consumers, of the people don't trust what AI is telling them or they don't have the capability anymore to know what's real online because of AI and deep fakes and so forth. So the mistrust is there. Only 18% of the claim that they would be willing to give AI the capability to act on their behalf online. When we look at market surveys, they state that 2027, which is no more than 7 months away now, by 2027, End-user activated activities online will be surpassed by agentic activities, right? It's like 2027, it's million to 19 months away. That's very, very fast. And if we see that the disconnect here between people not trusting AI and the expectations that Agentic will take on the world, there's a big problem here. And we believe that when this fundamental mistrust exists now in this AI emerging ecosystem, whoever now holds already consumer trust to begin with, is in a good position as the market evolves. And what our partners have is a long-term local maybe years, if not decades, of a relationship that they have and they can play on. Now we believe that in addition to everything we've done so far in F-Secure and we continue doing it, by the way, there is a once in a generation window right now to create a new category of services and solutions that we can develop and take to market. a new tech stack, naturally lots and lots of AI-related capabilities are going to be crucial over there, like edge computing or you could say, on device computing federated learning and so forth to drive down cost, to drive down latency and to protect people's privacy. Tier 1 distributions or Tier 1 distribution. So Tier 1s want to be on the AI boat. You already know that there are multiple big players out there who may be resaid services to AI assistance for the better versions or premium versions of these products. They want to get on this -- and naturally, because we are already there, we want to leverage this moment. Securing AI that acts on your behalf. That's going to be crucial to create a trust that we get consumers along the journey. And finally, we see that also in the direct-to-consumer category, there is no category leader for providing trust in this AI driven world. And from that perspective also, this provides us opportunities to combine partner and direct business, direct-to-consumer types of channels to market. And there may be more that Bruno will talk about. So that was all for me. And now we have a Q&A for anybody who wants to clarify something or have further questions. We will also have a Q&A at the end of each of the sessions. My colleagues will be running, and we will have a joint Q&A at the end of the session. So you will have multiple opportunities to post questions. But now the floor is open to people here in the room. Will Ina be providing the microphone to ones who may have questions and then also online. You can also post questions to me.

Waltteri Rossi from Danske Bank. I'll start with the Tier 1s. So what needs to happen for you to get the other 10 out of the top 20 CSPs?

We believe that we had to be able to built the networks that are necessary to get access to these players in the first place. I would say that, that is something that you can't just repeat an autopilot. Every single case is different. So people in these big players are that we don't necessarily know. And that needs to happen. We need to find inroads. But then again, the world travels fast, and we naturally believe that there is a compounding effect of so many players already working with F-Secure, but the word spreads that will help. So nothing comes easy or fast in this world. But I would say that the most important thing is that when we're looking at new players, for instance, in Europe or in Asia, we need to make sure that we have the inroads to get to the C level and the SVP level of these players to talk about what we could do. I would say other things we have. solutions, scalable service model, knowledge of how to help them ramp the service and drive value. So that part, I would say that we're in a good place now.

All right. Did you say that CSPs did not include Chinese ones? And what is the reasons?

The reason is that the Chinese regulator typically requires back doors into any security-related systems, and we do not go for that.

5 So you are currently not considering kind of the Chinese market.

We aren't.

Understood. Then 2 questions about the partner business. You said previously that the total conversion total conversions are done, but how many of your partners actually ended up upgrading for the total? And how many of those roughly are today selling the total package?

I don't know the precise numbers today. But my estimate would be that somewhere between 85% to 95% have already converted into total. But the things that are still happening to increase the value of that business is that we have multiple different modules in total. And practically, every single month, we have new ones, for instance, who are going for scan protection, which they did not have before. So there is value increase even in the cases where partners have already gone for total. And there are many who don't necessarily have the password vault in use or VPN in use. So on that front also, we can expand our offering. But the conversion has proceeded well.

And last one, you had a slide showing the partner challenge. And then you showed that there is this ARPU forecast, which was a 2% decline year-over-year. Did that relate to their revenue.

Okay. So when they are selling about subscriptions, broadband, content and so on and so forth, that related to theirs.

And what is your outlook on your partner, channel?

Now our partners are clearly seeing ARPU increase through the introduction of security services. So it's ARPU increase and better retention. And the facts are facts are clear.

[indiscernible] May be about the 10 missing partners from Tier 1. So I'm not sure if you have commented this, but how big are the ones that you are missing compared to the ones you have in terms of revenue potential?

Yes. So the way that we have built this 20 list is are some of the biggest in the world and the ones we're missing are of similar magnitude.

All right. Then maybe about the use as a growth driver that you mentioned. So do you see a trend that CSPs would anyhow prefer U.S.-based cybersecurity companies? Or do you have to prove yourself somehow more because you're European.

No is the short answer. They want the best partner and best solution.

All right. Then maybe about the competitive landscape in Tier 1s and maybe how fast they are working with their AI capabilities compared to do you see yourself as a first mover here?

A bit difficult to say. I think that as you follow tech, you see that any and every company is very quick to say how they are focusing on AI and how they have AI-powered services. All of our competitors have AI-powered services doesn't come as a surprise. Any self-respecting tech company would do so and make that claim. Now the difference maker really is that are we solving the same problems as we did before, more efficiently with AI, which is good, and everybody does that, by the way. Or are we creating completely new kinds of solutions because AI allows to do something or the threats that AI poses the consumer trust, for instance, in a way, merits for a new kind of category of solutions. There are big differences. So I see much more of the first 1 where we're building better solutions with AI. But the new -- completely new kind of solutions that you never had before, I would claim that we are at the forefront.

This is Henrik Gernan from SEB. Do you see -- what do you see are the risks of criminals using AI to sort of front-run the security development? Do you see any risks associated with that?

It's constant cat and mouse. It's just the situation changes day by day. And you saw the picture where I had the number, 2,000% increase of AI-powered threats or attacks from 22% to 26%. So it's massive. But I would say that we have kept pace. You can never -- of course, you can make forecasts about the future. But we've kept pace. And for instance, now in May, we launched the press release that 1 of our Tier 1 partners, DOCOMO in Japan, has just gone out with deep fake protection services. So that's a completely new category that -- of protection that we built. So as the criminals move into that kind of area, so do we -- so I wouldn't say that there is awful concern.

All right. Then one more question. Have you seen any key arrivals reacting to your Tier 1 partner first strategy.

We have competition in every single case. Our Tier 1 partner have massive procurement departments, and they at least make sure that there is always some competitor or several competitors playing I would say that there's competition. They have good technology. They have good people. And we do need to work very hard to keep on winning business the way that we have. They are good. But so far, we've managed to find that margin of differentiation. And I would say that, that stems now from the fact that just the mere number of references we have, our embedded portfolio, our partner centricity in how we help them build their consumer business, consumer security business. That's that I would say is the differentiation that has helped us. But naturally, still, every battle is a battle I believe that we are now ready to move on to the next section. So [indiscernible] Bruno. So our Chief Revenue Officer, will now take the stage and talk about how we're actually running this business. Over to you.

Thank you, Timo. Okay. So good afternoon, everybody. we're going to talk about winning launching, but especially, we're going to talk about growing. So okay, so at last Investor Day was if I recall actually November 2024. So that was quite some time ago. I think it was my second month in the company. when we did that Investor Day. And a lot of things have changed since then. And there's a couple of, I could say, important miles that we have here related to , which is what we're going to talk about today. It's all going to be about the Tier 1 CSPs. First of all, last year, we signed an agreement with Orange Europe as the preferred partner, cybersecurity partner for the group. And we have planned in the second half of the year, the launch of at least 2 countries inside the Orange Europe group. At the beginning of this year, there was another significant milestone where we signed an agreement with AT&T currently or was one of our biggest customers to expand our solution that we have active Armour, include also financial monitoring, which is a completely new service okay? This was a significant expansion of our current agreement with AT&T, very, very important. Then April this year, just a couple of months later, we both signed and launched a new security service with Verizon. This was the largest deal in F-Secure's history. So we announced that already, significant win with one of the biggest telcos in the world, Verizon in the U.S. And we will enhance their digital secure capabilities. with identity secure or identity protection and several other security and scan protection modules into their app. And then the final one, just last month, we signed and launched a new security solution with TOcuMo in Japan. DOCOMO was already our partner. We were powering their [indiscernible] security app. And now we are enhancing as Timo said before, we are enhancing that app also with very innovative scan protection and deep fake detection capabilities, which are first to market in Japan. And then final we also announced that we signed a new Tier 1 CSPs. Unfortunately, we cannot disclose yet the name of this one, which is confidential, but the launch is now in planning. So significant traction with the Tier 1s in the past 12 months, as you can see. Okay. And [indiscernible] a bit of my thunder here when he talked about compounding effect because it's not only the fact that we are signing these 4 new deals recently and going to market with these advanced solutions with our embedded portfolio is that these references are actually enabling us to also participate in significantly more projects in Tier 1s. So this is addressing the question of how do we get to that other 10 that are not working right now? But there's 2 ways of doing it. One is using the references. There is no other security company in the market right now with these references in Tier 1. There is no weather in our market. So this will advance us. This is a compounding effect. The fact that we'll be able to win all of these allow us to be better positioned to win also new Tier 1s in the future. And here's another number for you. So we've won all of these deals. But what is really the business behind all of these teams and what is our addressable market right now. And this is a very important -- this is a very important number. So if you take all of this is the globe that Timo was pointing out, if you take all of the combined subscribers from all of these customers that we have right now as our partners. You take all of their numbers, there are approximately 1 billion subscribers that we now have access to that we didn't before. So this is a significant increase. If you take all of these there are approximately 1 billion end-user subscribers that we have access to in the 3 geographies that we are focusing now, North America, Europe and Japan. So not only we have 10 out of 20, but we have now a significant user base that we can help the -- our partners penetrate with cybersecurity. Okay. And take into account that significant or a couple of years ago, maybe 4, 5 years ago, this was not the case for F-Secure. So this is a big change and a big step in moving forward. And again, this is a huge untapped potential in this $1 billion base for both F-Secure, but also for our partners because we are here to make business with our partners. Okay. But not only we have access to that user base, but we believe we also have another advantage, which is our business model. So Tal is going to talk later about our embedded portfolio and what capabilities of this portfolio has. So I won't steal his standard, but I just want to talk about the business model. There's a difference between traditional cybersecurity apps that you resell and embedded portfolio. So other consumer cybersecurity vendors. They work with CSPs basically reselling their applications through the telcos channels. So then you have compete, you are, like Timo said, we're not saying the word value-add service. In that case [indiscernible] a value-added service and you are competing with other value-added services in that CSP. This is not our best model without it. Business model with Embedded is different. What we are doing is we are taking our security and technologies and integrate them, integrating them into the telcos apps, be it their dedicated security app or even other apps that they may have. So this is a completely different business model from just reselling an existing app. And this is what turns a solution from a value-added service to a core service in the CSP. Okay. It's very difficult to turn a security service into a core if you're just an app that you're trying to resell. In this case, we are embedded, we are integrated and what the CSPs are doing in their apps. So really important. Okay. Going back to the EUR 1 billion, which is an interesting number, how can we turn how can we turn that EUR 1 billion into potential revenue for us because those are subscribers that we now have access to with our products, with the CSPs products, how do we, we could say, convince those customers to adopt security. So F-Secure has been working with CSPs for decades now. So you know about this. During all this time, we have created a playbook, which includes all of F-Secure's knowledge on how to successfully market security solutions through CSPs. And this is this compound knowledge that you have there with the 5 steps. So our plan now is to apply all of that knowledge that Secure has to that EUR 1 billion addressable market that we have now in subscribers and convert those subscribers or, let's say, help those subscribers increase their protection with cybersecurity solutions. Probably the next question is going to be how many of those do you think you can convert? And I'm already seeing here the audience thinking about that. This varies from one to another partner. We have partners that have 2% conversion, and we have partners that have 20% conversion or even more. And this depends on the focus that they put on cybersecurity, the executive engagement that we have with them, how they are promoting cybersecurity in their channels and many, many different factors. The point is that we have -- we know exactly how to get to this 20% and we have a playbook that allows us to get there. Okay. So now I'm going to go and [indiscernible] that a step further, and we're going to talk about what this potential revenue would look like. So if you look at Secure's revenue from Tier 1 business in 2025. So last year, it was approximately $50 million from all the revenue that F-Secure was doing. What we believe is that the potential we have now with these references in this new subscriber base, applying the playbook that we already have, we leave that we have a future growth potential of around EUR 200 million. It's not going to be next year, but this is the potential that we have. And of course, this is with the current embedded portfolio that we have. Later, Tal is going to talk about some other future growth opportunities related to new AI solutions evolving around trust, which is also really, really important. But I don't want to steal his thunder. Okay. So what about -- so we've been talking about Tier 1 CSPs. What about other channels? So we've talked about other channels in the past as well, and we are not completely, I could say, abandoning the strategy at this moment. So we are now also looking at given the embedded portfolio that we have and the flexibility that this portfolio gives us, we are now also looking at other channels, other adjacent partner channels that we can address. So it's not only talking about how do we capture the 10 of the 20, but can we also explore other verticals that could benefit from this embedded portfolio that we now have. And that has proven to work in really, really large CSPs, that's one. And then the other one, of course, are the AI native solutions, which we also need to explore, of course, how do we take those solutions to our current channel but also how do we take those solutions to completely new channels that these solutions will enable for us? Because you will see later, these are very, very different solutions from what we have right now. So a completely new way to deliver protection to our customers. Okay. So let me wrap it up. So first of all, our right to win in the Tier 1 business has been confirmed. We have 4 new Tier 1 commitments in the past 12 months. That is very impressive, taking into account how difficult it is to win and launch solutions with really big Tier 1s. Second, we have a growth playbook that has been proven through decades in our existing partners and can now be applied to this new $1 billion addressable base that we did not have access to before. This has just opened up a new opportunity for us to actually get the most out of these futures. And then finally, we have future growth available, thanks to these Tier 1 new Tier 1 channels that we are looking into and also exploring new AI solutions for existing and new partners. So as a closing remark, so we have closed, we have launched and the next chapter is to grow. And now we have the system that is able to deliver that growth. That's all I had for today. Any questions? So I've given a lot of numbers. So probably there's going to be some questions on those from Indus again. We have addressed these new verticals has made is that now we have the possibility to embed ourselves into these new channels. We have to find the right dilutions, and there's also a significant new market driver, which is the raise of scans that are now really affecting a lot of verticals like, for example, banking, financial verticals and several others, that now we have a solution for that. So I think the product market SP-29 Million revenue potential. So was that with the current Tier 1 partners or does it include other [indiscernible]. That includes the whole the whole base, not only the current, but also the new ones. Thank you. There's another question.

Yes. Atte Riikola from Danske Bank. You showed that the adoption rate varies between 2% to 20% between partners. And you also said that you know exactly how to get to the 20%. So please tell us how.

I won't say exactly how to get to the 20% because that really will give some close to our competitors. But why is -- maybe the question is why some have and some have [indiscernible]. Well, it tends on many factors. First of all, we are working with some partners that yet do not take advantage, take fully advantage of the playbook. The playbook have different steps. So we may see partners that, for example, it's not -- this is not yet like an executive level topic for them and it starts from there. So the first thing is you need to have executive buy-in from the top level of the CSP. That's one thing that makes everything else trickle down. But then, for example, we've seen some CSPs that are enabling some of their channels, for example, online but they are not enabling physical channels because maybe it's a bit more difficult to do it because you have to do trainings and persons, you have to do the things. So the point is that, right now, we are seeing some of our partners in the things of the playbook, not all of them. Our job also in my team is to make sure that we have consistent adoption of this playbook across all of our parts. And we have a dedicated team to do that and help them adopt that. And we know that if all of them will follow those rules, they will get to those penetration rates. Okay. Thank you very much. TL?

Thank you, Bruno. Looks like I have to deliver a few thunders on your behalf. Good afternoon, everyone. Let's talk products. In this section, we will speak to how we are delivering the market leadership to the lens of the portfolio and the products. Like Timo started as well. I want to talk a little bit about 2 but with the lens portfolio. Tim spoke to the company priorities. But from a portfolio perspective and focusing a bit more on embedded keeping with the theme of Tier 1s, we set out very clearly to build the best portfolio in this industry, 1 that's broad, 1 that's relevant one that's scalable and repeatable. We also spoke about how embedded and the emerging scam pandemic is what -- the name we gave it. And how is it that driving our primary addressable market. So let's look at how have we done. As you have already heard, we are the undisputed market leader in this segment with not just the broadest but also the deepest SDK portfolio in this industry. And I want to draw your attention to 2 key points here. By the way, if it's count the number of modules there, it's probably 1 a month from the time we made the announcement. So pretty rapid. Sam protection, entire portfolio, probably covering all channels that today we find exposure with and now including deep fake, that just went live with DOCOMO. We've also introduced a completely new category under financial protection that is now live with AT&T, right? And all of this, like I mentioned, in give or take, 2 years or so, right but it's not just the product or the modules or the capability and technology. Those are critical foundations but it's about also the how we lend into the experience for partners and developers. What you see on the right is the moving image is actually an actual live sample app that has every single module that you see here, embedded it, which is then available to develop on our partner side who can then build their experiences on top of it. test it in a matter of days and weeks and now maybe even hours with agent coating. So we have collapsed the time to launch. This is, of course, from a product build perspective. There's a lot more that needs to happen to go to launch, including the channels that are marketing and like Timo, sorry, as Bruno said, executive buying. But from a product standpoint, the time to value is the fastest that we have seen in this market. I remember talking about this specifically with some of you last time on there is investments that is to be made, build this portfolio up. Where is the ROI? Can you repeat it? So for all the opportunities that Bruno touched upon that we're working on in Europe, in Asia, we have over 90% repeatability of this portfolio. And what that means is that we are able to compete win these opportunities without net new engineering work needed to build our capability. It doesn't go to that we have to do to integrate and ensure that the product is ready to be taken to market. But from a pure capability standpoint, that's the level that we are at. And this is a KPI we track extensively in the product organization and also at the company. And any deviations to those are taken into account with very strict guidance on why. So this is not just the KPI we have landed at. We have maintained it, and we intend to keep directionally a very high level of repeatability going forward. But just building the portfolio of capabilities and STK's modules is not sufficient, right? Another area of of investment for us and fundamental investment has to build what we call as a Tier 1 atom, which gives us the availability, scalability and resilience needed to deliver these services to the names that Rune and Timo mentioned. the likes of AT&T, Verizon and we are well on track to hit the golden rule of the for consumer services in the market, right? That is less than an hour of downtime in the whole year. And just to give you a sense, I won't go too much into detail what this entails -- this entails our services running on multiple AWS regions in the world to in the U.S. It means the ability for us to run services, move traffic seamlessly without any data loss or service degradation if sites go down. This means ability for us to ensure that we can manage overload auto scale based on volumes that go up and down. It means the ability for us to monitor and maintain our services end-to-end across this portfolio. So if you put these 2 together, the portfolio, which is broadest and deepest and the platform that now looks like this. That's the real moat. This is that's not easily replicable, and this is also the 1 that brings a very high entry exit barrier in this business. And this is where we've been investing at a rapid pace and delivering what you see [indiscernible] touched upon this, but I will go a little bit deeper. What does the scalability bring in terms of opportunity? And I'll mention to, one, what you see as a picture as a visual. We have 160-plus CSP partners that we serve. The top half, 20, 30, 40, they want embedded as well. They want embedded to be sitting alongside total, and that's an opportunity to pick the right selected embedded capabilities that would make sense in the My CSP App that drives higher engagement that drives higher usage, and we build call to action to total to drive adoption. So that's 1 clear opportunity that we're able to tackle with a portfolio that is elastic, and we are able to scale down the capabilities and the volumes as needed. I think there was a very good question about is embedded giving us an advantage with new channels. In my opinion, it absolutely is because all the basics that you see in the portfolio which is a capability needed for protection and trust and the scale that is needed with new digital service providers, fintechs, e-commerce, you name it, these companies that are digital natives. They operate at scale and rate at availability and latency figures that only this platform can serve. So from a portfolio standpoint, this does give us the options. We still need to make the channel, but this gives us the option portfolio that as us to start looking at those options as and when it's the right time. Timo spoke about the 93% of users, especially now as camps are accelerating wanting to get that trust and protection from their CSP partners, and we see that. We see that Scam has a problem to solve, embedded as a way to solve it. and Tier 1 as a channel to take it is really that product market fit sweet spot that we have now found and we see that both through the lens of consumers wanting to spend to Tier 1s and Tier 1s themselves doubling down on security and trust as a portfolio. And that's reflected in our growth guidance this year, where we are guiding to grow twice as fast as the overall cybersecurity market and in line with where we see the growth for our CSP led consumer spend. You have seen this picture before, but I just wanted to bring this embedded portfolio in the context of the larger overall portfolio that we run as a company. A couple of very important points. What you now see that did not happen 24 is that the embedded security STK is not only a product SKU that is being used for delivering to Tier 1 partners, we use it ourselves. We use it ourselves to build total, and we use it ourselves to build Halo that was recently launched as our new AI native consumer product, [indiscernible]. Now what this means is that the return on the investment that we made into Embedded is now broader than just the partners themselves. This means that now total as a unit, halo as a unit are not spending engineering effort to build core capabilities. They have the best-in-class capabilities coming from Embedded and they focus on building the partner and the user experiences on top. So we are dogfooding our own portfolio. That's an important aspect. The second one, horizon. Bruno spoke about it. There was a question regarding adoption. Horizon represents an AI-native industrialization of that 38 years plus knowledge at F-Secure carries. The data that we have as a bedrock, and we put that together to drive that adoption with these partners. There was a question of how these partners get to these levels of adoption. Of course, we have amazing people who are in the partners to them about it. But now we have an industrialized AI-native platform that gets them the data that tells them where to focus, that tells them which cohort they can go after to try and make those adoptions happen, right? So the portfolio overall is now it integrated, highly mature and a portfolio that can support multiple business models across all of our segments. So the levels of efficiency and repeatability we are now aiming for at a portfolio level is also very high. Where is this going? And I will take the trust topic that Timo introduced a bit further. I think it's needless to say that AI has stably the single biggest diffusion and disruption, pick your word, in our lifetime when it comes to technology. And one of the best -- one of the biggest impacts to consumer behavior we see is the way users consume information. search for information. That has changed. 1 billion-plus weekly active users, 900 GPT alone. If you add the rest of it, well over 1 billion. That's a lot of people using AI every single day, many hours in a day, but do they trust it. Do we trust it in this room and we get an answer back from one of these AI assistance, our instinct says -- let me double check. Let me make sure this is fine, right? But the consumer behavior has changed. The trust is not, but the behavior has. What we expect Everywhere, we speak about agents. And clearly, in lots of spaces, the single biggest that we hear about is how Agentic coding has been one of the silver bullets so far. But what we also see clearly is agentic interactions for consumers, surpassing app interactions in '27. And that's again a massive pivot. So if introduction of Chat GPT was the moment for this inflection, Open Claw earlier this year is the point of inflection for that. where you will start to see a lot more consumer use cases, shopping, investment, banking, already, there are so many agents trying to manage your equities is it mainstream [indiscernible] No. But is that a trend? Yes, right? So those are the 2 big movements we see. And question is how do we prepare for it. On 1 side, we see scam accelerating because of AI. We have users were unable to trust this, but still have changed their behaviors to use it. All this means that there are fundamental capabilities that we need to tackle this inflection that did not exist before. And that's the direction of travel for the embedded portfolio. The SDGs becoming agents where we can action, Timo spoke out action. It needs to come from the capability that we have the ability to take actions. How do we orchestrate across various touch points at the user face, right? Gateway, right? And MCP is now -- it's essentially model context protocol is like a gateway of how agent and AI systems talk to each other. If you think about user talking to multiple AI systems, how do we build a trusted gateway that they could put in front of them so that they're not exposed and they can trust what comes back. So this entire stack -- and there was another pressure we had a couple of weeks ago, partnering with Q2. And together, this is the foundational work that we're doing to make sure that the embedded portfolio goes even further and deeper, not just from security like Timo said, but to deliver trust. And that's the direction of travel, right? We look to build the portfolio for trust and for delivering trust with fundamentals built as embedded capabilities. And we have 2 concepts that are already in work for the 2 topics that I mentioned for the 2 inflections that I spoke about. One, billions of users interacting with AI assistance, but not being able to trust and the second one, how agenetic workflows start to take shape. So let me take the first one, we call it the trust guard. What is Trust Guard? Think of it like a trust wrapper or trust hug whichever 1 you like, which intends to bring the trust back to that conversation. We don't want to change the experience and truly the benefit that assistance bring. We want to keep that intact. So what you see on the left here is users being able to connect Duca JBT, Gemini at the moment and in the future, more to the assistance of your choice, all right? And then interact as they normally would. But then there is a guardian that's watching over this. And one there are a couple of use cases that I mentioned there. I'll talk about one of them, very simple one, but a very, very powerful one. You get loads of responses back from the assistant, but you don't really know where are they getting this information from. That's one of the first points where the trust breaks. And what you see there in the picture is a very simple view in the bottom that says this is the sources from where this information is gathered and you see a very famous secure green Nick there we suggest that these are fine. They are safe. At it's just a glance, just a visual glance it's all good. I can trust the response. Look at your PII is personally identifiable information. This is information that points to you as an individual. Now it's quite possible that we are so caught up with our conversation that we give information that maybe we should not be giving account numbers, phone numbers, where you live, et cetera, et cetera. But this is again the age Angel being able to support that and say, "Hey, we think you should not be giving this information out. You still go ahead. So this is not changing the core experience of what the user wanted, but making sure that slowly, but surely, they can start trusting it. And I'll make one comment before I go to the next one, Bruno spoke about the role of Tier 1 in this, right? And we are exploring that, by the way. Most of these Tier 1s in one form or shape are talking to or partnering with these large AI ecosystem companies, and we think there's something there Coat. One thing that we have done very well as an industry, is being able to connect the dots. We have been excellent at point protections. SMS protection, water protection, browsing device, but they're all -- they live their own cycle. But if you are a user, and you just want to shop, you open a browser on your phone when you're on the tram and you want to see what I want to buy, you go home and you own your desktop, you want to complete transactions somewhere else. You don't complete it, next day, you go and complete transaction back on your app, and then you have messages coming on your phone saying, "This is what you ordered. This going be delivered, multiple channels, multiple platforms at the same intent. And for the first time in this industry, if I may say, we want to connect these dots. And that's what we call TrustPath. And to Seeing is believing. [Presentation]

[indiscernible] again. So maybe going back to the 10 missing Tier 1 partners. So in terms of product platform, is it currently mature enough? Or is there something that missing in order to get the missing partners? Is it?

From a product treatment perspective, I would say not much missing. We are there. But like most sad, like Bruno said, to win this deal's portfolio is an important cog in the wheel but not the only COG. It's relationships. We have to make sure that we are in the right place. There are procurement processes as well. But from a portfolio standpoint, we are there.

Do we open up to common question? So any questions online for any of us?

Two questions here from the line. So let's start with Patrick [indiscernible] asking about sense. Can you provide an update on the global momentum around since your home router security software?

Okay. So that's not in our Tier 1 focus proposition. So that was not in a way by purpose, it was not in the center of our attention. It's not something that we're looking on to as a Tier 1 proposition as much as it is for retail and major and commercial partners. So on the Tier 1 sector, we're not focusing on that one. But naturally, it is available.

And then one final question. Most of your Tier 1s you have now as customers operate in multiple regions. Are your solutions available to all of their users in all regions. If not, what percentage of the total user base are you addressing currently?

So there are actually -- for instance, AT&T and Verizon, SoftBank, DOCOMO, [indiscernible], they are a very single country. propositions. And they may have, for instance, limitations in terms of they only go after their fixed broadband customers or only their mobile customers. So there are there are differences there, and I don't have the precise numbers, but not all of them provide our services to their whole base necessarily yet. Then, for instance, somebody like Orange works in many countries, so does Vodafone. So in those cases, we are serving still a small subsegment of their total regional coverage that they have.

And if I may add, I think One part is how the partners offer those services to their customers. But our solutions and products are available in all our focus makes.

Those were all the questions from the chat.

Okay. There is still one more question from Waltteri here.

Walter Rossi from Danske Bank. Two questions basically. Could you please explain in simple terms what the goodwill partnership means for you? And what do you get from them?

Okay. So First, my response and then the right answer from TL here. So Q2 is how they pronounce their name, by the way. So first of all, we have a development program and business proposition program around Trust Guard and TrustPath that Dale just covered. They are a partner to us in terms of research, engineering and implementation, complementing our skills, specifically on things that have to do, for instance, with on-device AI federated learning. We have skills on those fronts, but there is always lack of enough people and we have seen that Q2 is an excellent, excellent partner for us on that front. So in a way, you could say that they expand our knowledge base and they accelerate our time to market.

And just to add, I think I spoke about the direction that we are taking with embedded as a portfolio that forms the basis for the value that we want to deliver to address the trust gap. Those capabilities that are very concrete outcomes we will build through this partnership. And of course, on top of that, like I said, the experience of how the user actually gets that value of trust is also something that we will build on top. I think like Timo said, a lot of core research AI specialization right down to the silicon, all those capabilities is what brings.

Okay. Dennis, second question kind of relating to discussion in the news lately, where actually your main owner mentioned that due to maybe excessive regulation that you face as a listed company, it might actually lower your competitiveness to compared to private companies. So how do you -- do you see that as an issue in practice?

We focus fully on developing F-Secure in the environment where we operate. We don't mind about the rest. We work on compliance and regulations as necessary. We just ram on and our shareholders and our board, then they draw conclusions I see that, for instance, right now, we could have lighter processes and lighter needs for documentation and reporting. And yes, there would be a benefit. But right now, we're doing fine as is, and we're focusing on that. I don't see any further questions here in the room

there's another one.

There is another one.

Maybe 1 more about the pipeline of the 10 missing Tier 1. So could you comment on that with how many do you have active talks with currently?

Sorry about that. [indiscernible], that was all Okay. So I believe that we are now done and 50 minutes -- sorry, 40 minutes ahead of schedule. I hope you don't mind that we were able to run through everything slightly faster. Thank you very much for joining. We intend to do another Investor Day deep dive, most likely towards the end of November with a new topic being trust and how AI is affecting that. And how do we see that market evolving? So that's something that you can look forward to. We will -- in time, we will be sending you a save-the-date message on that one. But thanks for joining, and have a great day. Thank you.

Thank you.