Secure Authentication for Mobile Internet Services
|
|
- Diana Rose
- 8 years ago
- Views:
Transcription
1 Secure Authentication for Mobile Internet Services Critical Considerations December 2011 V1
2 Secure element architects for today s generation Secure Authentication for Mobile Internet Services 2 Table of Contents Executive summary Understanding the risks associated with mobile internet services based on today s authentication methods The vulnerability of the mobile device Network vulnerability Today s challenges User/password authentication One Time Password (OTP) authentication Public Key Infrastructure (PKI) authentication Moving to a Secure Element Integrating a secure element into mobile internet service architectures The mobile internet market and white paper scope Introducing the different Secure Elements Introducing the Trusted Service Manager Introducing the SIMalliance Open Mobile API Applying the Secure Element Model to user centric security Model One: secure authentication where the SE is the UICC Model Two: direct issuance of MicroSD cards Model Three: ese - SE distributed by OEM Conclusion Abbreviations and definitions... 23
3 Secure element architects for today s generation Secure Authentication for Mobile Internet Services 3 Executive summary While the sources vary, the message is clear; attacks on mobile internet devices and connected smartphones are rising rapidly. McAfee Labs released a report in September 2011 highlighting a 76% jump in malware targeting Android devices in the previous quarter alone. Similarly, IBM s X-Force research group commented that while the number of known vulnerabilities in mobile operating systems only increased incrementally between 2010 and 2011, the number of exploits based on these flaws will likely double; leading to sensational headlines such as 2012: The Year of the Mobile Security Breach and Mobile Security Breaches Inevitable. While calmer heads prevail, there is little doubt that the mobile threat level has been on a steady incline for a decade, and has recently exploded in line with the growing market penetration of internet connected smartphones and tablets. And with these new enabling devices have come a myriad of applications for which security is paramount from mobile wallet and NFC payment through to the growth in mobile healthcare applications. But it isn t just these usual suspect applications that are causing concern. Security is now a major issue for consumers when selecting applications and services across the board from video and photo sharing, to messaging and business apps. Indeed, according to a poll by ThreatMetrix and the Ponemon Institute, 85% of consumers are overwhelmingly dissatisfied with the level of protection online businesses are providing to stop fraudsters. The question is whether current levels of protection are capable of securing today and tomorrow s mobile devices and applications and the message seems to be no. In this paper we look in detail at the issue of mobile internet security, analyze existing authentication methods, and ask whether it is time for the widespread adoption of the Secure Element by the mobile community.
4 Secure element architects for today s generation Secure Authentication for Mobile Internet Services 4 1. Understanding the risks associated with mobile internet services based on today s authentication methods With the 300% growth of smartphone connections in 2010 alone, mobile internet devices will soon outnumber the PC in everyday use and become the de facto consumer channel for accessing the internet. Indeed, by the end of 2011, 85% of new mobile devices will be able to access the mobile web, while the increase in broadband speeds up to 2Mbps by 2015 will further accelerate the significant growth in rich media and transactional services across the board. M-banking will reach 500 million users by 2015, and the value of mobile transactions is set to exceed $1 trillion by the same period. So, while this growth in the quality and relative value of data being transferred across the web from mobile devices offers consumers, retailers and brands huge benefits, it also highlights significant challenges as the malware, virus and hacking threats of the wired internet go mobile as Figure One illustrates. Figure One: The growth of malware (Bullguard 2011) 1.1 The vulnerability of the mobile device In contrast to the PC environment, attacks are not limited to a particular operating system. ios, Windows and Android have all been subject to attacks which are growing in sophistication, volume and impact as the smartphone and tablet revolution gathers pace. The simplest way of attacking the mobile device is through the application. By the beginning of billion apps had been downloaded from Apple s app store, and analyst house Gartner predicts a rise in downloads across all platforms to a massive 185 billion by By any measure there is little doubt that the threat level is growing. Attacks range in volume and severity, but all have the potential to cause chaos at both a device and network level, and just like in the conventional fixed internet world the threat comes in all shapes and sizes from phishing, spyware and worms to trojan s, man-in-the-middle and more. An overview of the most virulent attacks is detailed in Figure Two below.
5 Secure element architects for today s generation Secure Authentication for Mobile Internet Services 5 Figure Two: Mobile malware attacks (Source Bullgard 2011) 1.2 Network vulnerability Of course, it is not only the mobile device that is vulnerable to attack; data is similarly threatened as the vast majority of applications are hosted externally. Most often these services require some element of authentication to the external server based on user identity. And these too range in sophistication; from a simple user ID and password to a certificate issued by a recognized provider. However, while malicious access to the stored data may be more challenging (as it eliminates the user-click factor) the rewards are great. Rather than attacking an individual, hackers are able to target entire databases of service users. Added to this, detection times of server-side attacks tend to be long, and discovery may only occur when the server and the service goes down as a result. The incidents of such attacks are frequent and highly publicized take for example the 2011 incidents which included the Sony Playstation password hack, Sega s million + accounts breach and a CitiBank credit-card cyber-attack. So clearly, with access gained, the data can be manipulated, stolen, distributed across the net or sold to the highest bidder. And if that wasn t bad enough, it s also possible for the hacker to duplicate the server, issue log-in and credential details, and then retrieve all kinds of sensitive data directly from the user who assumes they are simply accessing their secure portal.
6 Secure element architects for today s generation Secure Authentication for Mobile Internet Services 6 2. Today s challenges Such attacks and vulnerabilities are well known, and the security community has been working hard to develop solutions and deliver these out into the market. However, security has traditionally been a very reactive industry, responding to threats and often running to catch up with a community of very dynamic hackers. As we move into a smartphone and tablet dominated world, the issue is becoming more pronounced as today s authentications methods have yet to adapt to the threat levels that mobile devices are now exposed to. 2.1 User/password authentication Traditional mobile security is most often based on a very conventional log-in and password authentication - on something you know such as a password or PIN number. This is single factor authentication and it s easy to deploy and great for offering secure access on the move. However, there are two main issues here on the device-side and on the server-side. From an access point perspective, known password or PIN information can be stolen at the client side either through user-error or key-logging spyware. Similarly, with the password and username stored in the server, a successful breach would expose all users details to the attacking code. And finally, if the communication channel lacks of point to point encryption, data can be attacked in transit over the wired or wireless internet. Because of single factor authentication, a username and password can be used by the attacker and authenticate to the corresponding service. Figure Three: Authentication by login and password
7 Secure element architects for today s generation Secure Authentication for Mobile Internet Services One Time Password (OTP) authentication Moving up the levels, One Time Password (OTP) solutions offer more stringent authentication by creating a single time-bound password and adding a second level of security. For instance, an OTP secured service will request a PIN code or password and then require an additional something you have which may be a token, a device or channel that provides this one time password. In the case of online banking that token will be a code from a card reader, while gaining password reminders online may involve keying in a code received by SMS after providing a user name online. This is commonly referred to as two factor authentication. However, as highlighted in the above examples, OTP is intended to deliver a secure transaction via a PC or laptop. The token is a separate device and here we cover the most popular options: OTP through SMS (Figure Four) In an SMS scenario the OTP code is generated on the server side and sent through to the user s mobile handset. As the OTP is sent as a plain text non-encrypted message, it is readable wherever the device stores its SMS. The code is also transmitted twice; from the server to the user, and then from the client back to the server. Figure Four: OTP via SMS (generated at server side) This achieves a higher level of security than standard password authentication because of the use of this second channel of communication meaning the potential attacker will have to gain access to both channels to log in. However, today s smartphones reduce the effectiveness of this security concept by reducing the two channels needed in a feature phone scenario down to one. Today, it is likely that the device asking for the code is the same as the one receiving it to log in; which of course then reduces the security (and the point) of the separate channels.
8 Secure element architects for today s generation Secure Authentication for Mobile Internet Services OTP generator (Figure Five) The second method is wheret the OTP is generated on behalf of an OTP device. Here the code is generated offline and transmitted only once, from the client to the server. In this example, the OTP device is most often a card reader or USB key. In a mobile environment, the OTP device can be stored within the handset s Secure Element. So again, added assurance comes from this second device. However, if the OTP generating device is the same as the device running the application users are logging into, the security improvement is considerably diminished. This is particularly relevant in a mobile environment where a smartphone (for example) is used as both access point and OTP device. From a top level architectural perspective, both factors should independent of the resource being used to authenticate the service. And if you re using the mobile phone as the OTP generator (resource), it isn t. And then there s the user experience. It is rather impractical in many situations to retrieve a passcode with an application and then copy it into another application on the device. So security becomes a compromise, with users often choosing convenience over assurance and that s when they are most at risk. Similarly services that offer this kind of dual factor authentication may be shunned by today s one-click consumers. And that can have significant repercussions for the adoption of mobile services. Figure Five: OTP via OTP generator
9 Secure element architects for today s generation Secure Authentication for Mobile Internet Services Public Key Infrastructure (PKI) authentication Today, the strongest level of security is achieved through Public Key Infrastructure (PKI). Here every party is known to each other through the use of unique certificates. Indeed, PKI is an internationally accepted combination of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store and revoke digital certificates (Figure Six). Secure online services based on PKI support user Identification, user authorization and transport channel encryption. The user is verified with their electronic signature. Only they are able to initial a transaction, and once they do that communication is encrypted using certificates. Two factor authentication is achieved by combining the user s PIN number or code with the certificate they are carrying with them on the device. For example, user wants to login to a web service (either over Wi-Fi or the mobile network) so enters their username. The service provider checks the username against the corresponding account then creates a document signed with that service provider s certificate. The document is sent with a signing request to the user s device. The device authenticates the signed document and if the service provider s signature is valid the end user is prompted to enter their PIN and so signing their certificate. Assuming the PIN is valid the document is signed again and sent back to the service provider who receives the end users electronic signature grants access. As discussed, this level of authentication heightens security levels. However, just as in the previous example, PKI suffers from serious limitations if a Secure Element is not used to store user credentials. For example, user credentials (certificates and keys) can be easily manipulated at the client side. Figure Six: PKI s Authentication
10 Secure element architects for today s generation Secure Authentication for Mobile Internet Services Moving to a Secure Element For the SIMalliance the most effective route to securing today s generation of smart open devices is through the adoption of a Secure Element within mobile security architectures. The most common Security Element, and indeed the most widely used secure platform in the world, is the SIM. But with deployment flexibility and choice now key in today s market, the same level of functionality and security can be delivered through other Secure Element form factors and this unique combination of hardware and software can be hardwired directly into the handset or added through a secure Micro SD card. And crucially, it can be securely managed remotely a feature that s critical when one considers the potential number of devices in the field today. The different form factors and remote administration will be further described in the next chapters. Deciding which Secure Element form factor to use will depend on the business model, with best-fit options for operators, financial services providers, governments and over-the-top players based on use case. For the SIMalliance, the introduction and wide scale adoption of the Secure Element as the de facto security for mobile devices and applications will significantly increase levels of assurance across the mobile sector, combating the ever-growing sophistication and volume of attacks much more comprehensively and much more successfully than the conventional solutions discussed above. It will and lock down identity and content from prying code, and in doing so provide the catalyst for a new generation of mobile services from a growing community of enterprise, retail and government applications and service providers.
11 Secure element architects for today s generation Secure Authentication for Mobile Internet Services Integrating a secure element into mobile internet service architectures 3.1 The mobile internet market and white paper scope The growth of the mobile community and the myriad of services and applications available to end-users require new approaches in security and authentication methods - that much is clear. However, because of the increasing fragmentation of the applications eco-system and the entry of a host of new players, being able to deliver a cohesive security strategy is predicated on effectively segmenting the market into core areas of focus. For the SIMalliance, these areas are illustrated in Figure Seven below: Figure Seven: SIMalliance s Mobile Internet market segmentation In each of these focus areas, the different market dynamics at play further complicates the picture and creates a confusing mesh of solutions, vendors and service providers, each with their own challenges, agendas and solutions. When it comes to the mobile eco-system nothing is simple. For example, the ecosystem players range from traditional broadcasters, mobile network operators, financial institution, utilities companies, FMCG retailers, emerging online applications and service providers, consumer cloud service providers, search companies, public authorities and OEM device manufacturers. The list goes on. In certain circumstances these players come together to support one another and develop or extend the scope and attraction of mobile services; Google s recent licensing of contactless payment card technology to support its mobile wallet is a good example of collaboration between potentially competing industry giants. In other areas, the rise of what is commonly termed the over-the-top internet players be that Facebook, Google or the Microsoft-owned Skype is creating significant tension within the mobile space as old and new players collide and compete for the hearts and wallets of the consumer. For the SIMalliance, a not-for-profit association, the task is how to deliver solutions and services that protect users while offering revenue opportunities and shared benefits across the mobile ecosystem. Which means assisting these new ecosystems which are reforming around operators, financial services and internet players to implement clear strategies to assure
12 Secure element architects for today s generation Secure Authentication for Mobile Internet Services 12 security across the length and breadth of their service and applications portfolios, and advising on the best way forward. In helping to do just that, the following sections will build on the authentication discussions above and, focusing specifically on the User-Centric Security focus, detail how brands and service/application providers can best utilize the Secure Element in their service deployment strategies. Future papers will analyze Corporate Security and Content Protection, while Mobile Transactions and M2M are covered by other SIMalliance Workgroups. For more information, go to Introducing the different Secure Elements The Secure Element is the component within the connected mobile device that provides the application, the network and the user with the appropriate level of security and identity management to assure the safe delivery of a particular service. Today, the Secure Element is a combination of hardware and software, built to exacting standards and developed and delivered in controlled white room manufacturing environments. Going back almost three decades, the most common secure element within the mobile space, and indeed the most widely used security platform in the world, is the SIM - or more accurately in today s world, the Universal Integrated Circuit Card (UICC). But the Secure Element can also be an Embedded Secure Element or a Secure Memory Card (Secure Micro SD) both of which can also be delivered simply and cost effectively into the mobile environment. The Secure Micro SD form factor holds an embedded chip which can be used as a SE, along with a Flash memory. This form factor is usually distributed by the branded service provider directly to the end user audience. Embedded Secure Element (ese): a security component embedded in a mobile device and capable of storing and handling business and personal information in a secure manner. This dedicated smart card chip is embedded in the device at the time of manufacturing. Deploying a Secure Element-based security architecture eliminates the inherent security limitations of single factor password-based authentication systems by adding that critical second level. While PKI is the best possible authentication method, it is only truly secure when the certificates are stored in the SE. Simply storing the certificates or keys on the device (and off the SE) make them vulnerable to access. Storing them on the SE eliminates this risk. Connecting the application to the Secure Element within the device is the only way to guarantee the highest levels of security for connected mobile devices in an IP world. And it is for this reason that the SIMalliance is encouraging the o/s, application developer and mobile community at large to come together to utilize these essential security features - that in many case are already available on the mobile device through the UICC (SIM card).
13 Secure element architects for today s generation Secure Authentication for Mobile Internet Services Introducing the Trusted Service Manager One of the main advantages of the Secure Element is its remote management capabilities. Its life cycle is managed by a server called TSM (Trusted Service Manager). The TSM is the trusted third party who provides trusted services to the application issuer and the owner of the SE. The TSM handles the provisioning and management processes so that application issuers do not need to deal with multiple entities, phone models, operating systems; and MNOs do not need to deal with multiple application issuers. The TSM role could be played by many different entities, including the MNO, the application issuers, the personalization bureau, the payments processor, or some other neutral third party. But whatever the provider the primary role of the TSM remains the same; to facilitate management of the credentials and/or secure applications on the various SEs. However, they can also be responsible for the activation, provisioning and life-cycle management of secure applications and/or their credentials. Core elements of the process, and so of the TSM relationship, include preparing the data and accessing the appropriate security keys required to initially provision the credentials and to keep it updated once in the field. 3.4 Introducing the SIMalliance Open Mobile API Of course, there is a big difference between having the security on the device and actually maximizing its value particularly if the Secure Element in question is not an operator-owned UICC or there is a business requirement to develop multi-issuer models on the single Secure Element. Secure, standardized access is key which is why the SIMalliance has developed its Open Mobile API initiative, and in doing so is offering that missing link between the Secure Element and the secure mobile applications nested on the device. From a business perspective the creation of this common API is a very positive step forward. It delivers a single, consistent specification and interface across multiple operating systems and in doing so eliminates the need to reengineer applications to each specific operating system. This of course then results in reduced application development costs, time-to-market and time-to-revenue. From a security perspective, connecting the applications to the Secure Element delivers a higher security while the credentials (passwords, codes, license keys, etc.) are stored in a secure environment and the access to it is regulated. In this ideal scenario (system setup) the credentials are never exposed to the outside world in plain text. The SIMalliance Open Mobile API Specification describes how a mobile application running on an open smartphone operating system can access a
14 Transport Layer Access Control Service Layer Generic Transport File Management Secure Channel Secure Storage Secure Element Provider Interface Application Layer Secure element architects for today s generation Secure Authentication for Mobile Internet Services 14 Secure Element. In Release 1.2, the specification describes the process of managing the transport layer to allow applications to transmit messages to the SE. The format of those messages is called APDU (Application Protocol Data Unit). Future versions will further streamline development time and cost by defining a common set of reusable high level services, such as file encryption. One example could be an application that uses a signature function nested on the SE to encrypt the content. Having a specific API for accessing the Secure Element enhances the overall usability and opportunities for the platform for using services, including: NFC services Payment services (e.g. mobile Wallet) Ticketing services and public transport Access control ID services Identity management Loyalty services Diagram Eight below illustrates the architecture covered by the SIMalliance Open Mobile API. Mobile Applications Mobile Applications Test Specifications SE provider APIs Crypto API (PKCS / JCE) Crypto provider Transport SIM Plug in ASSD Plug in Further SE Further SE Mobile Device Storage File system Access Control Further Further Functions Further Functions Functions Secure Elements (e.g. SIM, Secure µsd, ) Figure Eight: Architecture covered by SIMalliance s Open Mobile API
15 Secure element architects for today s generation Secure Authentication for Mobile Internet Services Applying the Secure Element Model to user centric security Having agreed that the Secure Element is the most appropriate way of managing mobile device and application security, the question is how to deliver this into a market of multiple players, scenarios and business models; in effect, how service providers can launch a service that utilizes the protection afforded by the Secure Element. As discussed, while there are multiple use cases, this paper focuses specifically on user-centric security; how we can use the Secure Element to protect personal data, applications and mobile internet services. Typically, in this end-user service environment the Secure Element-enabled service will be deployed in three ways: On the UICC, distributed and owned by the mobile operator On a secure microsd card, distributed by the service/application provider (for example a bank or retailer) On an embedded Secure Element within the handset, distributed by the OEM The best way to bring clarity to these discussions is by following the deployment journey of a service that demands the kind of security afforded by the Secure Element. So in this case we will use a fictional photo-sharing service that we are calling ShareZone. Understanding ShareZone ShareZone started life as a photo-sharing portal based in the cloud and offering access through the PC. Today ShareZone has moved on and now offers a converged solution via an app store to allow smartphone users to upload and share their picture on the move. ShareZone also allows users to manage their online picture database as well as viewing connected friends videos and pictures. ShareZone is an over-the-top brand offering its services via an operator s mobile network. It sees huge opportunity to gain market share and subscribers through a mobile service but needs to assure the highest level of security. At the same time, it needs to deliver a seamless user experience and convenient access. The people behind ShareZone understand the need to move beyond simple password and username authentication and are exploring different models (in line with the distribution models above) that will allow the application to retrieve credentials from the Secure Element within the handset to authenticate and validate access for its users. 4.1 Model One: secure authentication where the SE is the UICC The UICC is the most widespread Secure Element and is available in every mobile phone. Even if some countries use CDMA (3GPP2) protocols where the UICC is not mandatory, the arrival of LTE/4G networks will make its use mandatory for network authentication. So from ShareZone s perspective this option would allow it to reach almost all its users across the globe.
16 Secure element architects for today s generation Secure Authentication for Mobile Internet Services So how does it work? Step One: MNO agreements The UICC is owned by the mobile network operator and there are over 400 worldwide. This highlights a problem of scale because in theory ShareZone must reach agreement with each one to install the service on their cards. In practice, however, things are a little easier as it will typically reach agreement with the biggest operators in the largest markets first; and so be able to address hundreds of millions of users quickly. Step Two: user registration New mobile users (or existing PC users) sign up directly to the ShareZone mobile service by creating an account on the web. However, in this mobile scenario ShareZone could, with the right agreements in place, be marketed directly by the mobile operator and sign-up offered on the operator s own website. Step Three: certificate distribution ShareZone provides the user certificate to the network operator for distribution. The certificate is created as soon as the user opens a ShareZone account and managed by the operator to allow seamless, authenticated access to the service on the Secure Element. Step Four: SE management The operator utilizes a Trusted Service Manager (TSM) to store and manage the certificate lifecycle and applications on the Secure Element via an Over-The-Air (OTA) platform. Step Five: mobile application access UICC The ShareZone App access the UICC after user PIN verification and gets access to the credentials that will be used to establish the digital signature. The App can access the UICC thanks to the Open Mobile API included in the OS distribution. Step Six: secure connection to SE
17 Secure element architects for today s generation Secure Authentication for Mobile Internet Services 17 After successful user PIN verification the application establishes a secure connection based on the keys stored in the UICC, authenticating the user by accessing the encrypted/signed information in the certificate Benefits for the Mobile Network Operator From an operator perspective, having the ShareZone service on its UICC means it is able to leverage additional revenues from renting ShareZone space on its cards and by managing the third party certificates needed to provide authentication, validation and access Benefits for the Service Provider (ShareZone) From ShareZone s perspective, it benefits significantly from access to a proven business model. Today s UICCs already host secured third party data; NFC services have been successfully deployed where operators store, manage and update applications over-the-air on behalf of payment and transport authorities. ShareZone also benefits from low cost distribution, since renting space and services of an existing Secure Element is less expensive than distributing and managing a new one; not to mention the fact that ShareZone has instant access to a pool of millions of existing subscribers and is able to take advantage of the network operator s powerful marketing machine Benefits for the End User Quite simply, the end user enjoys a seamless experience. They sign up and the service is delivered with the highest levels of security. Crucially, utilizing the UICC as the Secure Element means that users don t need to use additional devices or cards to enable secure access to the service Key considerations The network operator is able to provide security services to different service providers on a single UICC. The application can access the security functions of the UICC through the SIMalliance open mobile API. Using the SIMalliance Open Mobile API, ShareZone developers can rapidly create an application able to access the UICC without the need for UICC specific knowledge/language. The various secure elements (UICC, ese, µsd) are certified and audited in order to ensure the secure storage and handling of credentials ShareZone as an ID provider (OpenID) ShareZone is a trusted brand. Many internet users have a ShareZone account and would be comfortable with using its account information to log in to other connected services. Once ShareZone deploys its authentication framework, it can leverage it to provide secure authentication for other service and application providers. This will allow user access to other services using ShareZone s credentials.
18 Secure element architects for today s generation Secure Authentication for Mobile Internet Services The ID broker concept As discussed above, signing agreements with over 400 global mobile network operators can be a major barrier for smaller service and applications providers. The success of UICC based authentication model, could led to the creation of ID brokerage services. The ID broker would sit between ShareZone and the mobile network operator community and manage access to all the UICCs belonging to a group of operators either at a single country or international level. In doing so his would solve ShareZone s initial challenges of scale and reach. 4.2 Model Two: direct issuance of MicroSD cards In the same way as with the operator distribution model, the ShareZone service is designed to make use of other Secure Elements holding the credentials and log-in information of the user. However, in this scenario ShareZone wants to own the Secure Element so another form factor is required. For costs and distribution reasons deploying the Secure Element on a secure microsd is the most appropriate option here So how does it work? Step One: registration Registration for Sharezone can be done via its website or at the retail outlet. In doing so, the consumer will receive a personalized microsd. In the first scenario ShareZone will manage the relationship with the user; gaining the user s credentials through the information given on log in to the website. This data is then stored on Sharezone s secure servers (or a third party-managed data centre), and linked to the microsd card; which is likely to be distributed by mail. The link between the user credentials and the microsd card is established through the generation of an alias ID that is associated to the microsd s unique serial number. In this case there is no way to proof the real ID of that user.
19 Secure element architects for today s generation Secure Authentication for Mobile Internet Services 19 By registering and collecting the microsd at a bank branch or retailer outlet, ShareZone is able to establish a link with the real ID of the User and its microsd. The credentials will be stored directly in the microsd. Step Two: installation Now that the user has registered and received their microsd card, the ShareZone app can be installed on the device that contains the microsd. With the implementation of the guidelines of the SIM Alliance Open Mobile API taken into account, this ShareZone app is able to access the microsd. Step Three: verification Every time the ShareZone app requests a signature s verification, the microsd will be accessed and ShareZone will only grant access to their services if verification is performed correctly. Step Four: usage With registration complete the user can securely use the ShareZone app confident in the knowledge their credentials are safely stored in the microsd Secure Element. Only the issuer/owner of the microsd will be able to address the Secure Element from the ShareZone app. And should any updates be required during its life-time, a TSM should be put in place to assure comprehensive management in the field Benefits for the Service Provider With no intermediary, ShareZone is in complete control of distribution channels and of its customer base. When the distribution scheme is in place and potentially a TSM is connected, the ShareZone will be able to introduce partners into its scheme and so increase incremental revenue now it has the infrastructure in place. The additional of partners with associated compelling services may also make the ShareZone service more attractive to consumers. And of course, consumers and brand will both benefits from the high levels of security afforded by the Secure Element Benefits for the End User The flexible distribution model will allow the end user to access the ShareZone service from a wide variety of channels this ease of purchase should increase market adoption. Significantly, the microsd card can also be used by the end user as a storage device for a host of downloaded applications Limitations During the on-line registration process no real identity is required. For example, users could use a dummy name which would mean that ShareZone won t have true visibility of the end-user. Other schemes can be put in place to capture real details; for example when the end-user obtains the microsd they must identify themselves, or the on-line registration is linked to an already existing and proven identity provider. Both of these solutions will however eliminate the convenience factor and potentially stifle adoption. And while architecture is only able to deploy a limited number of services, ShareZone must establish a relationship with a TSM in order to update the services which can be an expensive option.
20 Secure element architects for today s generation Secure Authentication for Mobile Internet Services Key Considerations Securing the microsd The microsd is developed and personalized in a secure environment to assure complete integrity of the card and the data held within (for example, the keys that will be used later in life-time for a certificate upgrade). Integrating the app and Secure Element The ShareZone application is developed using the SIMalliance Open Mobile API to assure seamless access to the Secure Element on the device. (The ShareZone app cannot be used without the presence of the microsd in the device). Managing the Certificate Depending on the service, the certificate stored in the microsd may be upgraded, or others may be introduced, giving access to additional services. A TSM should be used for this, although this will depend on the services deployed. For example, a banking service is unlikely to want to share the same Secure Element as ShareZone, while other services will be less strict in terms of architecture. Then it may as well be that an upgrade solution based on TSM is too expensive and it s more interesting to distribute a new microsd towards the user. 4.3 Model Three: ese - SE distributed by OEM In this scenario the device manufacturer (OEM) has embedded a Secure Element directly into the hardware of the device So how does it work? Step One: user and device registration Having bought the mobile device with an embedded SE, and opened a ShareZone photo sharing account, the user s identity will have been checked and mobile device registered. This ensures that each time the user logs in, each session will be completely secure and a private content protection feature enabled to make sure that photos will only be shared and transmitted to other end users with the permission of the user.
Bringing Security & Interoperability to Mobile Transactions. Critical Considerations
Bringing Security & Interoperability to Mobile Transactions Critical Considerations April 2012 Transactions 2 Table of Contents 1. Introduction... 3 2. Section 1: Facing up the challenges of a connected
More informationSecure Authentication for the Development of Mobile Internet Services Critical Considerations
Secure Authentication for the Development of Mobile Internet Services Critical Considerations December 2011 V1 Mobile Internet Security Working Group, SIMalliance AGENDA SIMalliance presentation What s
More informationSecuring the future of mobile services. SIMalliance Open Mobile API. An Introduction v2.0. Security, Identity, Mobility
1 An Introduction v2.0 September 2015 Document History 2 Version Date Editor Remarks 1.0 06/04/2011 OMAPI Working Group Public release 2.0 27/09/2015 OMAPI Working Group Public release Copyright 2015 SIMalliance
More informationIDENTITY & ACCESS. BYOD and Mobile Security Seizing Opportunities, Eliminating Risks in a Dynamic Landscape
IDENTITY & ACCESS BYOD and Mobile Security Seizing Opportunities, Eliminating Risks in a Dynamic Landscape Introduction How does your enterprise view the BYOD (Bring Your Own Device) trend opportunity
More informationThe Importance of Secure Elements in M2M Deployments: An Introduction
The Importance of Secure Elements in M2M Deployments: An Introduction February 2014 Securing the future of mobile services 2 Contents THE IMPORTANCE OF SECURE ELEMENTS IN M2M DEPLOYMENTS... 3 1. INTRODUCTION...
More informationSTRONGER AUTHENTICATION for CA SiteMinder
STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive
More informationSecurity in an Increasingly Threatened World. SMS: A better way of doing Two Factor Authentication (2FA)
Security in an Increasingly Threatened World SMS: A better way of doing Two Factor Authentication (2FA) January 2015 The Proliferation of The App World The revolution of the smart phone forever affected
More informationModule 1: Facilitated e-learning
Module 1: Facilitated e-learning CHAPTER 3: OVERVIEW OF CLOUD COMPUTING AND MOBILE CLOUDING: CHALLENGES AND OPPORTUNITIES FOR CAs... 3 PART 1: CLOUD AND MOBILE COMPUTING... 3 Learning Objectives... 3 1.1
More informationTraining. MIFARE4Mobile. Public. MobileKnowledge April 2015
MIFARE4Mobile Public MobileKnowledge April 2015 Agenda Why MIFARE4Mobile? MIFARE in Mobile related technologies MIFARE technology NFC technology MIFARE4Mobile technology High level system architecture
More informationExecutive Summary P 1. ActivIdentity
WHITE PAPER WP Converging Access of IT and Building Resources P 1 Executive Summary To get business done, users must have quick, simple access to the resources they need, when they need them, whether they
More informationADDING STRONGER AUTHENTICATION for VPN Access Control
ADDING STRONGER AUTHENTICATION for VPN Access Control Adding Stronger Authentication for VPN Access Control 1 ADDING STRONGER AUTHENTICATION for VPN Access Control A VIRTUAL PRIVATE NETWORK (VPN) allows
More informationApplying the NFC Secure Element in Mobile Identity Apps. RANDY VANDERHOOF Executive Director Smart Card Alliance
Applying the NFC Secure Element in Mobile Identity Apps RANDY VANDERHOOF Executive Director Smart Card Alliance Session ID: MBS - 403 Session Classification: Mobile Security Agenda Agenda topics NFC basics:
More informationCARTES 2012 Demo presentation. Secure Cloud Storage
CARTES 2012 Demo presentation Cloud Computing: NIST Framework Public Private Hybrid Deployment model Infrastructure as a service (IaaS Platform as a service (PaaS) Software as a service (SaaS) Service
More informationRemote Access Securing Your Employees Out of the Office
Remote Access Securing Your Employees Out of the Office HSTE-NB0011-RV 1.0 Hypersecu Information Systems, Inc. #200-6191 Westminster Hwy Richmond BC V7C 4V4 Canada 1 (855) 497-3700 www.hypersecu.com Introduction
More informationHard vs. Soft Tokens Making the Right Choice for Security
Hard vs. Soft Tokens Making the Right Choice for Security HSTE-NB0012-RV 1.0 Hypersecu Information Systems, Inc. #200-6191 Westminster Hwy Richmond BC V7C 4V4 Canada 1 (855) 497-3700 www.hypersecu.com
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationInside the Mobile Wallet: What It Means for Merchants and Card Issuers
Inside the Mobile Wallet: What It Means for Merchants and Card Issuers Welcome to the age of Universal Commerce commerce that is integrated, personalized, secure, open, and smart. The lines between in-store
More informationCredential Management for Cloud Computing
Credential Management for Cloud Computing Workshop Cloud Security, 16.07.2014 Dr. Johannes Luyken Page 1 Security breaches increase in their impact by exploiting online access to confidential data that
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationEMV-TT. Now available on Android. White Paper by
EMV-TT A virtualised payment system with the following benefits: MNO and TSM independence Full EMV terminal and backend compliance Scheme agnostic (MasterCard and VISA supported) Supports transactions
More informationLongmai Mobile PKI Solution
Longmai Mobile PKI Solution A quick Solution to External and Internal fraud in Insurance Industry Putting the client at the center of modernization Contents 1. INTRODUCTION... 3 1.1 Challenges... 3 1.2
More informationMobile multifactor security
Mobile multifactor security A revolution in authentication and digital signing Mobile multifactor security A revolution in authentication and digital signing Smartphones will continue to ship in high volumes,
More informationMobile Wallet Platform. Next generation mobile wallet solution
Mobile Wallet Platform Next generation mobile wallet solution Introduction to mwallet / Mobile Wallet Mobile Wallet Account is just like a Bank Account User s money lies with the Mobile Wallet Operator
More informationThe Key to Secure Online Financial Transactions
Transaction Security The Key to Secure Online Financial Transactions Transferring money, shopping, or paying debts online is no longer a novelty. These days, it s just one of many daily occurrences on
More informationMobile Payment: The next step of secure payment VDI / VDE-Colloquium. Hans-Jörg Frey Senior Product Manager May 16th, 2013
Mobile Payment: The next step of secure payment VDI / VDE-Colloquium May 16th, 2013 G&D has been growing through continuous innovation Server software and services Token and embedded security Cards for
More informationContents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008
Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008 Contents Authentication and Identity Assurance The Identity Assurance continuum Plain Password Authentication
More informationGuide to Evaluating Multi-Factor Authentication Solutions
Guide to Evaluating Multi-Factor Authentication Solutions PhoneFactor, Inc. 7301 West 129th Street Overland Park, KS 66213 1-877-No-Token / 1-877-668-6536 www.phonefactor.com Guide to Evaluating Multi-Factor
More informationTABLE OF CONTENTS. Introduction 3 OTP SMS Two-Factor Authentication 5 Technical Overview 9 Features 10 Benefits 11 About MobiWeb 12 Quality 13
TABLE OF CONTENTS Introduction 3 OTP SMS Two-Factor Authentication 5 Technical Overview 9 Features 10 Benefits 11 About MobiWeb 12 Quality 13 Introduction Our world is more Mobile now than ever. In 2013
More informationSecuring Corporate Email on Personal Mobile Devices
Securing Corporate Email on Personal Mobile Devices Table of Contents The Impact of Personal Mobile Devices on Corporate Security... 3 Introducing LetMobile Secure Mobile Email... 3 Solution Architecture...
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationp@$5w0rd??_ 300% increase 280 MILLION 65% re-use passwords $22 per helpdesk call Passwords can no longer protect you
Freja is an innovative solution to one of the biggest problems in the Internet era: How do you securely manage identities, access and credentials for a large number of users without costs going haywire?
More informationIDENTITY & ACCESS. Providing Cost-Effective Strong Authentication in the Cloud. a brief for cloud service providers
IDENTITY & ACCESS Providing Cost-Effective Strong Authentication in the Cloud a brief for cloud service providers Introduction Interest and use of the cloud to store enterprise resources is growing fast.
More informationWhitepaper MODERN THREATS DRIVE DEMAND FOR NEW GENERATION TWO-FACTOR AUTHENTICATION
Whitepaper MODERN THREATS DRIVE DEMAND FOR NEW GENERATION TWO-FACTOR AUTHENTICATION A RECENT SURVEY SHOWS THAT 90% OF ALL COMPANIES HAD BEEN BREACHED IN THE LAST 12 MONTHS. THIS PARED WITH THE FACT THAT
More informationEnhancing Organizational Security Through the Use of Virtual Smart Cards
Enhancing Organizational Security Through the Use of Virtual Smart Cards Today s organizations, both large and small, are faced with the challenging task of securing a seemingly borderless domain of company
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationWhite Paper. The Principles of Tokenless Two-Factor Authentication
White Paper The Principles of Tokenless Two-Factor Authentication Table of contents Instroduction... 2 What is two-factor authentification?... 2 Access by hardware token... 3 Advantages and disadvantages
More informationm Commerce Working Group
m-powering Development Initiative Advisory Board second meeting Geneva, 23 rd of May 2014 m Commerce Working Group M-Commerce structure 2 Definitions Mobile Device m-commerce MFS m-marketing m-banking
More informationMobile Electronic Payments
Chapter 7 Mobile Electronic Payments 7.1 Rationale and Motivation Mobile electronic payments are rapidly becoming a reality. There is no doubt that users of mobile phones are willing and even asking to
More informationTwo-Factor Authentication over Mobile: Simplifying Security and Authentication
SAP Thought Leadership Paper SAP Mobile Services Two-Factor Authentication over Mobile: Simplifying Security and Authentication Controlling Fraud and Validating End Users Easily and Cost-Effectively Table
More informationMobile MasterCard PayPass Testing and Approval Guide. December 2009 - Version 2.0
Mobile MasterCard PayPass Testing and Approval Guide December 2009 - Version 2.0 Proprietary Rights Trademarks The information contained in this document is proprietary and confidential to MasterCard International
More informationBENEFITS OF MOBILE DEVICE MANAGEMENT
BENEFITS OF MOBILE DEVICE MANAGEMENT White Paper 2013 SUMMARY OVERVIEW This white paper outlines the benefits of Mobile Device Management in different use cases. SyncShield is a Mobile Device Management
More information10 Quick Tips to Mobile Security
10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security contents 03 Introduction 05 Mobile Threats and Consequences 06 Important Mobile Statistics 07 Top 10 Mobile Safety Tips 19 Resources 22
More informationMobile Security. IIIIII Security solutions for mobile as an endpoint. financial services & retail. enterprise. public sector. telecommunications
Mobile Security IIIIII Security solutions for mobile as an endpoint financial services & retail enterprise public sector telecommunications transport IIIIII Table of Contents The challenges of mobile security....
More informationWhy Digital Certificates Are Essential for Managing Mobile Devices
WHITE PAPER: WHY CERTIFICATES ARE ESSENTIAL FOR MANAGING........... MOBILE....... DEVICES...................... Why Digital Certificates Are Essential for Managing Mobile Devices Who should read this paper
More informationCHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device
CHOOSING THE RIGHT PORTABLE SECURITY DEVICE A guideline to help your organization chose the Best Secure USB device Introduction USB devices are widely used and convenient because of their small size, huge
More informationWHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS
WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user
More informationHow To Deal With A Converged Threat From A Cloud And Mobile Device To A Business Or A Customer'S Computer Or Network To A Cloud Device
Ten Tips for Managing Risks on Convergent Networks The Risk Management Group April 2012 Sponsored by: Lavastorm Analytics is a global business performance analytics company that enables companies to analyze,
More informationMobile Near-Field Communications (NFC) Payments
Mobile Near-Field Communications (NFC) Payments OCTOBER 2013 GENERAL INFORMATION American Express continues to develop its infrastructure and capabilities to support growing market interest in mobile payments
More informationDeploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite
WHITE PAPER Mobile Device Security in the Enterprise Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite Copyright 2010, Juniper Networks, Inc. Table of Contents
More informationInteragency Advisory Board Meeting Agenda, Wednesday, February 22, 2012
Interagency Advisory Board Meeting Agenda, Wednesday, February 22, 2012 1. Opening Remarks (Mr. Tim Baldridge, IAB Chair) 2. Generic Identity Command Set (GICS): Leveraging PIV to Build a Standard Platform
More informationSmart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
More informationWHITE PAPER Usher Mobile Identity Platform
WHITE PAPER Usher Mobile Identity Platform Security Architecture For more information, visit Usher.com info@usher.com Toll Free (US ONLY): 1 888.656.4464 Direct Dial: 703.848.8710 Table of contents Introduction
More informationHow To Protect Your Network From Threats From Your Network (For A Mobile) And From Your Customers (For An Enterprise)
Plugging the Holes in Mobile Security: The Rising Threat Jennifer M. Pigg, VP of Research, Yankee Group Nick Wade, Group Product Manager, Symantec June 2011 Copyright 2011. Yankee Group Research, Inc.
More informationGuideline on Safe BYOD Management
CMSGu2014-01 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Safe BYOD Management National Computer Board Mauritius Version
More informationSecuring Virtual Desktop Infrastructures with Strong Authentication
Securing Virtual Desktop Infrastructures with Strong Authentication whitepaper Contents VDI Access Security Loopholes... 2 Secure Access to Virtual Desktop Infrastructures... 3 Assessing Strong Authentication
More informationAdding Stronger Authentication to your Portal and Cloud Apps
SOLUTION BRIEF Cyphercor Inc. Adding Stronger Authentication to your Portal and Cloud Apps Using the logintc April 2012 Adding Stronger Authentication to Portals Corporate and consumer portals, as well
More informationNeustar Intelligent Cloud Services
Neustar Intelligent Cloud Services Position Paper: W3C Workshop on Identity in the Browser Submitted on April 20, 2011 Primary Contact John Hwang Product Manager, Neustar 571-434-4693 john.hwang@neustar.biz
More informationSecuring Cloud Computing. Szabolcs Gyorfi Sales manager CEE, CIS & MEA
Securing Cloud Computing Szabolcs Gyorfi Sales manager CEE, CIS & MEA Gemalto: Security To Be Free More than just a company tag line it is why we exist Communicate Shop Travel Bank Work In ways that are
More informationConsumerization. Managing the BYOD trend successfully. Harish Krishnan, General Manager, Wipro Mobility Solutions WWW.WIPRO.COM
Consumerization Managing the BYOD trend successfully WWW.WIPRO.COM Harish Krishnan, General Manager, Wipro Mobility Solutions Employees dictate IT Enterprises across the world are giving in to the Consumerization
More informationSecuring Corporate Data and Making Life Easier for the IT Admin Benefits of Pre Boot Network Authentication Technology
20140115 Securing Corporate Data and Making Life Easier for the IT Admin Benefits of Pre Boot Network Authentication Technology TABLE OF CONTENTS What s at risk for your organization? 2 Is your business
More informationPULSE SECURE FOR GOOGLE ANDROID
DATASHEET PULSE SECURE FOR GOOGLE ANDROID Product Overview In addition to enabling network and resource access for corporate managed mobile devices, many enterprises are implementing a Bring Your Own Device
More informationAuthentication Solutions. Versatile And Innovative Authentication Solutions To Secure And Enable Your Business
Authentication Solutions Versatile And Innovative Authentication Solutions To Secure And Enable Your Business SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
More informationGLOBAL MOBILE PAYMENT TRANSACTION VALUE IS PREDICTED TO REACH USD 721 BILLION BY 2017. 1. MasterCard M/Chip Mobile Solution
INTRODUCING M/Chip Mobile SIMPLIFYING THE DEPLOYMENT OF SECURE ELEMENT MOBILE PAYMENTS OCTOBER 2015 GLOBAL MOBILE PAYMENT TRANSACTION VALUE IS PREDICTED TO REACH USD 721 BILLION BY 2017. 1 Research into
More informationAn Innovative Two Factor Authentication Method: The QRLogin System
An Innovative Two Factor Authentication Method: The QRLogin System Soonduck Yoo*, Seung-jung Shin and Dae-hyun Ryu Dept. of IT, University of Hansei, 604-5 Dangjung-dong Gunpo city, Gyeonggi do, Korea,
More informationMobile Security: Controlling Growing Threats with Mobile Device Management
Mobile Security: Controlling Growing Threats with Mobile Device Management As the use of mobile devices continues to grow, so do mobile security threats. Most people use their mobile devices for both work
More informationSecure your Privacy. www.jrsys.com.tw. jrsys, Inc. All rights reserved.
Secure your Privacy www.jrsys.com.tw CNN 2013/7/16 8:25PM Man Middle In The I got your ID/Password! Mobile Secure Secure sensitive access data Random Login Web Authentication One Secure Time Channel Password
More informationThis session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.
The hidden risks of mobile applications This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit. To learn more about TraceSecurity visit www.tracesecurity.com
More informationReducing the cost and complexity of endpoint management
IBM Software Thought Leadership White Paper October 2014 Reducing the cost and complexity of endpoint management Discover how midsized organizations can improve endpoint security, patch compliance and
More informationOT PRODUCTS AND SOLUTIONS MACHINE TO MACHINE
OT PRODUCTS AND SOLUTIONS MACHINE TO MACHINE MACHINE-TO-MACHINE ENABLE AND SECURE A CONNECTED LIFE DRIVEN BY GOVERNMENT REGULATIONS, COMPANY AND CONSUMER NEEDS, PRODUCTS ARE TRANSFORMED INTO INTELLIGENT,
More informationMobile Device as a Platform for Assured Identity for the Federal Workforce
Mobile Device as a Platform for Assured Identity for the Federal Workforce Dr. Sarbari Gupta President and CEO, Electrosoft U.S. Army Information Technology Agency (ITA) Security Forum Fort Belvoir Electrosoft
More informationBuilding Trust in a Digital World. Brian Phelps, BSc CISSP Director of Advanced Solutions Group EMEA Thales UK, Ltd.
Building Trust in a Digital World Brian Phelps, BSc CISSP Director of Advanced Solutions Group EMEA Thales UK, Ltd. 2 Global incidents Equivalent of 117,339 incoming attacks per day, everyday Total number
More informationMODERN THREATS DRIVE DEMAND FOR NEW GENERATION MULTI-FACTOR AUTHENTICATION
Whitepaper MODERN THREATS DRIVE DEMAND FOR NEW GENERATION MULTI-FACTOR AUTHENTICATION A SURVEY SHOWS THAT 90% OF ALL COMPANIES HAD BEEN BREACHED IN THE LAST 12 MONTHS. THIS PAIRED WITH THE FACT THAT THREATS
More informationWhat the Future of Online Banking Authentication Could Be
Universal Banking Solution System Integration Consulting Business Process Outsourcing Banking on Internet and mobile is gaining popularity The Pew Internet & American Life Project Tracking survey of December
More informationMobile Payments Applications and Challenges Jose Diaz Director, Business Development & Technical Alliances Thales e-security
www.thales-esecurity.com Mobile Payments Applications and Challenges Jose Diaz Director, Business Development & Technical Alliances Thales e-security 2 / Verizon Data Breach Report 3 / Victim Industry
More informationHow to reduce the cost and complexity of two factor authentication
WHITEPAPER How to reduce the cost and complexity of two factor authentication Published September 2012 48% of small and medium sized businesses consistently cite technical complexity and cost of ownership
More informationMobile Financial Services Business Ecosystem Scenarios & Consequences. Summary Document. Edited By. Juha Risikko & Bishwajit Choudhary
Mobile Financial Services Business Ecosystem Scenarios & Consequences Summary Document Edited By Juha Risikko & Bishwajit Choudhary Mobey Forum Mobile Financial Services Ltd. Disclaimer: This document
More informationBYOD: BRING YOUR OWN DEVICE.
white paper BYOD: BRING YOUR OWN DEVICE. On-boarding and Securing Devices in Your Corporate Network Preparing Your Network to Meet Device Demand The proliferation of smartphones and tablets brings increased
More informationRight-Sizing M2M Security: The Best Security is Security Tailored to Your Application
Right-Sizing M2M Security: The Best Security is Security Tailored to Your Application Introduction Security continues to be a hot topic in all areas of technology, including machine-tomachine (M2M) applications.
More informationTrust Digital Best Practices
> ARMING IT AGAINST SMARTPHONE THREATS Trust Digital Best Practices April 2009 The information contained herein is subject to change at any time, and Trust Digital makes no warranties, either express or
More informationImproving Online Security with Strong, Personalized User Authentication
Improving Online Security with Strong, Personalized User Authentication July 2014 Secure and simplify your digital life. Table of Contents Online Security -- Safe or Easy, But Not Both?... 3 The Traitware
More informationAuthentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS
Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
More informationFive Trends to Track in E-Commerce Fraud
Five Trends to Track in E-Commerce Fraud Fraud is nothing new if you re in the e-commerce business you probably have a baseline level of fraud losses due to stolen credit cards, return fraud and other
More informationCOMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING
COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING INFORMATION TECHNOLOGY STANDARD Name Of Standard: Mobile Device Standard Domain: Security Date Issued: 09/07/2012 Date Revised:
More informationSecuring mobile devices in the business environment
IBM Global Technology Services Thought Leadership White Paper October 2011 Securing mobile devices in the business environment By I-Lung Kao, Global Strategist, IBM Security Services 2 Securing mobile
More informationCellCast Solution for BlackBerry Smartphones. Security Overview. Revised: June 2010. www.mlearning.com
CellCast Solution for BlackBerry Smartphones Security Overview Revised: June 2010 www.mlearning.com Introduction The CellCast Solution for BlackBerry empowers sales, service and other remote teams to distribute
More informationIDENTITY & ACCESS. Privileged Identity Management. controlling access without compromising convenience
IDENTITY & ACCESS Privileged Identity Management controlling access without compromising convenience Introduction According to a recent Ponemon Institute study, mistakes made by people Privilege abuse
More informationRSA SecurID Two-factor Authentication
RSA SecurID Two-factor Authentication Today, we live in an era where data is the lifeblood of a company. Now, security risks are more pressing as attackers have broadened their targets beyond financial
More informationKaspersky Security for Mobile
Kaspersky Security for Mobile See. Control. Protect. MOVING TARGETS Mobile devices play a key role in connectivity and productivity. But they also introduce new risks to the business: in the past 12 months
More informationTrust the Connectivity Experts
Trust the Connectivity Experts Simplified, Proven Connection Management Mobile operators, cable operators, and device OEMs require a dynamic solution to keep subscribers online across every possible combination
More informationHow To Protect Your Restaurant From A Data Security Breach
NAVIGATING THE PAYMENTS AND SECURITY LANDSCAPE Payment disruptions impacting restaurant owners today An NCR Hospitality white paper Almost every month we hear a news story about another data breach that
More information3 Email Marketing Security Risks. How to combat the threats to the security of your Email Marketing Database
3 Email Marketing Security Risks How to combat the threats to the security of your Email Marketing Database Email Marketing Guide June 2013 Security Threats PROTECTING YOUR EMAIL DATABASE FROM HACKERS
More informationA brief on Two-Factor Authentication
Application Note A brief on Two-Factor Authentication Summary This document provides a technology brief on two-factor authentication and how it is used on Netgear SSL312, VPN Firewall, and other UTM products.
More informationMobile MasterCard PayPass UI Application Requirements. February 2013 - Version 1.4
Mobile MasterCard PayPass UI Application Requirements February 2013 - Version 1.4 Proprietary Rights The information contained in this document is proprietary and confidential to MasterCard International
More informationMobile Security. Policies, Standards, Frameworks, Guidelines
Mobile Security Policies, Standards, Frameworks, Guidelines Guidelines for Managing and Securing Mobile Devices in the Enterprise (SP 800-124 Rev. 1) http://csrc.nist.gov/publications/drafts/800-124r1/draft_sp800-124-rev1.pdf
More informationADAPTIVE AUTHENTICATION ADAPTER FOR JUNIPER SSL VPNS. Adaptive Authentication in Juniper SSL VPN Environments. Solution Brief
ADAPTIVE AUTHENTICATION ADAPTER FOR JUNIPER SSL VPNS Adaptive Authentication in Juniper SSL VPN Environments Solution Brief RSA Adaptive Authentication is a comprehensive authentication platform providing
More informationSecurity of Proximity Mobile Payments
Security of Proximity Mobile Payments A Smart Card Alliance Contactless and Mobile Payments Council White Paper Publication Date: May 2009 Publication Number: CPMC-09001 Smart Card Alliance 191 Clarksville
More informationTechnoLabs Software Services Pvt Ltd. Enterprise Mobility - Mobile Device Security
Enterprise Mobility - Mobile Device Security Story Context: TechnoLabs has been focusing and offers Enterprise Mobility as one of its solution offering. No can deny the fact that mobile computing can bring
More informationReducing Cyber Risk in Your Organization
Reducing Cyber Risk in Your Organization White Paper 2016 The First Step to Reducing Cyber Risk Understanding Your Cyber Assets With nearly 80,000 cyber security incidents worldwide in 2014 and more than
More informationCyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO 63416 p 314.439.4700 f 314.439.4799
Cyber Security An Executive Imperative for Business Owners SSE Network Services www.ssenetwork.com 77 Westport Plaza, St. Louis, MO 63416 p 314.439.4700 f 314.439.4799 Pretecht SM by SSE predicts and remedies
More informationThe Impact of Emerging Payment Technologies on Retail and Hospitality Businesses. National Computer Corporation www.nccusa.com
The Impact of Emerging Payment Technologies on Retail and Hospitality Businesses The Impact of Emerging Payment Technologies on Retail and Hospitality Businesses Making the customer payment process convenient,
More information