Bottom line: The revocation of global certification for Qihoo’s security software by 3 European bodies will undermine the company’s credibility and hamper its drive to go global, putting pressure on its stock for the next few months.
Security software specialist Qihoo 360 (NYSE: QIHU) is finding itself in the middle of a global scandal, with word that several European accreditation bodies have refused to certify its core security software products due to the company’s misleading business practices. The case comes as an embarrassment to Qihoo, which is used to and largely ignores such scandals when they occur in its home market where such practices are relatively common.
But as Qihoo and its peers attempt to go global, they are quickly discovering that many of the things they do at home fall well below the standards set by global bodies, especially in the west. That won’t be too helpful for Chinese tech giants like Qihoo, Baidu (Nasdaq: BIDU), Xiaomi and Alibaba (NYSE: BABA), which are all trying to show the world and investors that they can compete outside their highly protected home market where standards are often a bit lower than in the west.
This particular scandal involves what would normally be routine behavior for Qihoo in its home market, though the company took the unusual step of issuing a statement to respond to the controversy. The matter centers on Qihoo’s core Internet security software products, which are offered mostly for free and are popular for that reason even though they can be highly intrusive on user privacy.
It seems the intrusive qualities are largely the result of default settings that Qihoo includes in its products, which could technically be changed by users to avoid sharing personal information. But as anyone who uses this kind of app knows, users often simply choose the default settings and are too lazy to make any changes. They often do so on the assumption that a company wouldn’t choose any defaults that were harmful or intrusive, though that’s not necessarily always a safe assumption.
In this instance, 3 European accreditation bodies — German lab AV-TEST, Austrian lab AV-Comparatives and British testing and certification body Virus Bulletin — have taken the rare step of banding together and very publicly rescinding their previous certification awarded for Qihoo products this year. (English article; Chinese article) Their grievance is that versions of Qihoo’s products they received were “significantly different” from those given to ordinary customers.
One of the big differences appears to be in the default settings, based on Qihoo’s response to the scandal. In that response, Qihoo says it disclosed the differing configuration in its products submitted to the certification bodies, and blamed the difference on the fact that many of its users use devices with lower-performance computing power. (company announcement) It added the security levels provided by the submitted products are still the same as products given to ordinary users.
Chinese consumers are used to this kind of double-standard, but westerners are far less forgiving of this kind of misleading behavior. That could be problematic for Qihoo which has recently embarked on an aggressive campaign to spread its free security software products around the globe. Earlier this year the company announced it is making rapid progress on the global front, and now has more than 100 million users outside of China. (previous post)
Qihoo’s shares fell 4 percent last week, though it’s not clear how much of that was due to the scandal. The company’s stock soared last year on big hopes for its new search engine, which seemed to be challenging leader Baidu. But they’ve lost about half their value since last summer amid disappointment about the lack of progress to monetize the search business. This latest scandal will raise more doubts about the company’s plans to globalize its older security software, and could put more downward pressure on the stock for the next few months.