October 2015 Vasco investor presention

1. October, 2015
Investor Presentation

2. 1
Statements made in this presentation that relate to future plans, events or performances are forward-looking statements within
the meaning of Section 21e of the Securities Exchange Act of 1934 and Section 27A of the Securities Act of 1933. These forward-
looking statements (1) are identified by use of terms and phrases such as “expect”, “believe”, “will”, “anticipate”, “emerging”,
“intend”, “plan”, “could”, “may”, “estimate”, “should”, “objective”, “goal”, “possible”, “potential”, “project” and similar words
and expressions, but such words and phrases are not the exclusive means of identifying them, and (2) are subject to risks
and uncertainties and represent our present expectations or beliefs concerning future events. VASCO cautions that the forward-
looking statements are qualified by important factors that could cause actual results to differ materially from those in the forward-
looking statements. These risks, uncertainties and other factors that have been described in our Annual Report on Form 10-K
for the year ended December 31, 2013 and include, but are not limited to, (a) risks of general market conditions, including currency
fluctuations and the uncertainties resulting from turmoil in world economic and financial markets, (b) risks inherent
to the computer and network security industry, including rapidly changing technology, evolving industry standards, increasingly
sophisticated hacking attempts, increasing numbers of patent infringement claims, changes in customer requirements, price
competitive bidding, and changing government regulations, and (c) risks specific to VASCO, including, demand for our products
and services, competition from more established firms and others, pressures on price levels and our historical dependence
on relatively few products, certain suppliers and certain key customers. Thus, the results that we actually achieve may differ
materially from any anticipated results included in, or implied by these statements. Except for our ongoing obligations to disclose
material information as required by the U.S. federal securities laws, we do not have any obligations or intention to release publicly
any revisions to any forward-looking statements to reflect events or circumstances in the future or to reflect the occurrence
of unanticipated events.
Forward Looking Statements

3. 2
Listed on NASDAQ in 1997
Company Highlights
21% Compound Annual
Growth Rate in Revenue
from 2004-2014
51 Consecutive Quarters
of Profitability

4. 3
Company Highlights
More than half
of the top
100Global Banks
Financial Institutions
rely on VASCO
1.7K+
More than
200MAuthenticators sold
10K+Customers in more
than 100 countries

5. Global Company
383 employees
Local people/markets
Local expertise and support
VASCO HQ
VASCO Offices
VASCO Sales
4

6. 5
The Critical Role of Authentication
(1) The Breach Level Index, released February, 2015.
Authentication is the first line of defense
Data breaches are up 49%(1)
Authentication protects against the newest attacks
Authentication is easy to implement and use
Two out of three attacks focus on [login] credentials at some point in the attack.
Verizon Data Breach Investigations Report

7. 1. The frequency and sophistication
of hacking attacks has increased.
2. High-profile breaches have brought security
to the C-Level and Board of Directors.
3. Regulations to protect consumer
transactions and personal privacy.
4. Mobile phones have become the device
of choice for consumer banking.
5. Increasing demand for frictionless,
transparent security.
Key Growth Drivers
6

8. Application Security:
Stand-alone application
SDK for app integration
Market Segments
7
Banking Security:
Commercial Accounts
Retail Accounts
Employee Access
Enterprise Security:
Remote access
Employee network access

9. A world leader in two-factor authentication
and transaction signing for financial institutions
More than half of the top 100 global banks rely
on VASCO solutions to prevent fraud
More than 1,700 banking customers
Financial Institution Customers
8

10. 9
Authentication and fraud prevention for multi-channel applications
Product Strategy
Multi-Factor
Authentication
Mobile Application
Security
Risk
Management
VASCO Strategy: Leverage new technology to deliver higher levels of security
and fraud prevention that are frictionless and transparent to the end user.

11. 10
The First 20 Years:
VASCO Innovation Timeline
1989
1st DIGIPASS
with Keypad
1988
1st DIGIPASS
“Access Key”
1991
DIGIPASS 550
with e-Signature
2002
VACMAN
Controller
2004
DIGIPASS GO 3
1st 1-button token
2005
IDENTIKEY
SERVER
2005
DIGIPASS 810
EMV card reader
2007
DIGIPASS 270
1st thin form
Token w/keypad
2008
DP for Mobile
Soft token
for phones
2006
DIGIPASS 905
1st connected
Card reader

12. 11
The Last 3 Years:
VASCO Innovation Timeline
2013
DIGIPASS for Apps
SDK for integration
into applications
2013
DIGIPASS 760
1st token with
Cronto technology
2014
Rabo Scanner
1st Card reader with
Cronto technology
2014
DIGIPASS for Apps
1st with Cronto
technology
2014
DIGIPASS Bluetooth
1st Smart-enabled
Authenticators
2015
IDENTIKEY
Risk Manager
Anti-fraud solution
2015
DIGIPASS for Apps
with RASP
Application Protection
2011
DIGIPASS 920
1st Connected reader
for e-Government

13. 12
Developer Tools
DIGIPASS for Apps: Software
development kit (SDK) for
native integration of
application security
VASCO Product Offerings
Host System
VACMAN Controller: All VASCO
authentication technologies in a
unified backend platform
IDENTIKEY Authentication
Server: Centralized server with
complete functionality
Cloud Services: Authentication
services hosted by VASCO
Client Authenticators
DIGIPASS: Industry-leading
hardware and software
authenticators

14. 13
New Attack Methods Require Innovative Solutions
Key Product Initiatives for 2015 and 2016
Intelligent Fraud
Prevention
IDENTIKEY Risk Manger
DIGIPASS
for Apps
Cronto
Technology
DIGIPASS
Bluetooth-smart

15. DIGIPASS 760 / 780 / 880
Next generation HD Color QR Code
Authentication and signature capabilities with a high
level of user convenience
Defeats Man-in-the-Middle attacks
Fully supported by VACMAN and IDENTIKEY
Integrated into DIGIPASS for Apps/Mobile or
available as a hardware device
14
Cronto Visual Authentication
April 2015
The most advanced protection against the most sophisticated attacks

16. 15
How It Works
Cronto Visual Authentication
CLICK
Bank generates the Cronto visual cryptogram and the Customer takes a photo of the computer screen
using the CrontoSign client.1

17. 16
How It Works
Cronto Visual Authentication
CHECK
Customer checks payment details on the phone comparing to the web page and enters the
authorization code if details are correct.2

18. 17
By 2017, more than a quarter-trillion mobile apps will be downloaded each year
DIGIPASS for Apps - Mobile Application Protection
Source: Gartner

19. DIGIPASS for Apps/Mobile
Mobile Application Protection – Beyond Authentication
18
Current and future features
Allows any developer to integrate
security features into their application
Developers focus on their application
and outsource the security to VASCO
Comprehensive library of essential
security functions
18

20. Geolocation
OS Version
JailBreak &
Rootkit
Malware
PIN Activated
Behavior
Analysis
Biometric
ClientScorePolicy
ScoreCalculation
OTPInjection
ClientSideDecisionPolicy
Action 1
Action 2
Action 3
Action 4
Action 5
Action 6
…
Defined by the customer when
customizing the application, delivered
within the App or with an external XML
Define by customer when customizing
the application, delivered within the
App or with an external XML
1 2
3 4
Action 1
Action 2
Action 3
Action 4
Action 5
Action 6
…
ServerScorePolicy
OTPExtraction
OTPValidation
5 6
ContextPlatformUser
DIGIPASS for Apps – Authentication with Risk Scoring
19

21. 20
Bluetooth Smart enabled Authenticators connect with almost any mobile user device
Solves the problem of mobile devices with no USB port
More convenient with no cables to connect
Bluetooth Smart-enabled Authenticators

22. Contextual analysis to apply the appropriate level of security
Real-time analysis and intelligent decision engine focusing on:
• Web and mobile application login
• Financial transactions via online and mobile channels
• Monitoring non-monetary events such as change of address
• Identification of accounts that demonstrate abnormal
characteristics for the prevention of money laundering
Risk-Based Authentication and Fraud Prevention
IDENTIKEY Risk Manager
21

23. How IDENTIKEY Risk Manager Works
Information
Contextual
Decision Policy
User
requests
an action
Intelligent
Risk
Decision
Allow
Deny
Require
more info
JailBreak &
Root Detection
• Step-up authentication
• Transaction verification
Allow
with fine-
grain audit
Biometrics
PIN
Activated
OS Version
Geolocation
22

24. FINANCIAL INFORMATION
Historical Overview
23

25. Revenue and Operating Income
24
29.9
54.6
76.1
120.0
133.0
101.7
108.0
168.1
154.0 155.0
201.5
139.1
190.6
5.6
11.0
18.9
30.1 28.1
12.6 12.4
24.8 21.0
13.7
38.1
25.4
45.3
2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 Q3 YTD 2014 Q3 YTD 2015
Revenue Operating Income
(in millions USD)
CAGR
(revenue)
2004-2014
21%

26. Cash Balance and Net Working Capital
25
12.6
38.8
57.7
67.6
85.5 84.5
106.5
98.6
137.4
184.0
22.1
52.4
75.9
87.6
96.9
108.6
129.5 124.5
161.0
204.8
2006 2007 2008 2009 2010 2011 2012 2013 2014 Q3 2015
Net Cash Balance Net Working Capital
(in millions USD)

27. 26
Copyright
2015 VASCO Data Security. All rights reserved.
No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any
means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission
of VASCO Data Security.
Trademarks
VASCO®, VACMAN®, IDENTIKEY®, aXsGUARD®, DIGIPASS®, Cronto®, DIGIPASS for Apps®, DIGIPASS
for Mobile®, MYDIGIPASS® MYDIGIPASS.COM® and the ® logo are registered or unregistered trademarks
of VASCO Data Security, Inc. and/or VASCO Data Security International GmbH in the U.S. and other countries.
Copyright & Trademarks