Symantec explores selling certs business

Security firm Symantec is considering selling its website certification business, in a deal that could fetch more than US$1 billion and extricate it from a feud with Google.

Google said in March that it was investigating Symantec's failure to properly validate its certificates, which confirm that websites can be trusted. Symantec has called Google's claims "exaggerated and misleading."

Symantec is in talks with a small number of companies and private equity firms about the potential sale, three sources said, asking not to be identified because the matter is confidential. There is no certainty that a deal will occur, the sources said.

Symantec declined to comment. A representative for Google did not immediately respond to a request for comment.

Symantec acquired most of its digital certificates business in 2010, when it paid US$1.28 billion to buy Verisign's security business. The unit has about US$400 million in revenue, according to one of the sources.

Chief executive Greg Clark has been transforming Symantec by jettisoning slow-growth units and spending billions of dollars on acquisitions. It has been moving away from services that are more commoditised, selling its data storage business Veritas in January 2016 to private equity firm Carlyle for US$7.4 billion.

Symantec completed its US$2.3 billion acquisition of LifeLock in February, a move that will bolster its consumer security business. That followed the purchase of Blue Coat for US$4.65 billion in August 2016, which expanded its product line for large corporations.