Security and Usability

Similar documents
Improving Online Security with Strong, Personalized User Authentication

AUTHENTIFIERS. Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes

Multi-factor Mobile Authentication

EESTEL. Association of European Experts in E-Transactions Systems. Apple iphone 6, Apple Pay, What else? EESTEL White Paper.

Emerging Trends in the Payment Ecosystem: The Good, the Bad and the Ugly DAN KRAMER

How Secure is Authentication?

Securing the future of mobile services. SIMalliance Open Mobile API. An Introduction v2.0. Security, Identity, Mobility

Two-Factor Authentication over Mobile: Simplifying Security and Authentication

Are Mobile Devices the Answer to the Strong Authentication Problem?

Secure Your Enterprise with Usher Mobile Identity

Nomophobia Rules! Connect: ID Terry Hartmann VP Industry Applications 23 March 2014

Brainloop Secure Dataroom Version QR Code Scanner Apps for ios Version 1.1 and for Android

Multi-Factor Authentication for your Analytics Implementation. Siamak Ziraknejad VP, Product Management

Innovation and Emerging Payments/FinTech

Two Factor Authentication (TFA; 2FA) is a security process in which two methods of authentication are used to verify who you are.

Installation Introduction

Apple Pay & The New Environment for Mobile Payment Apps

Special Report: Trends in Mobile Payment April 2015

OCBC BANK FIRST TO LAUNCH BIOMETRIC AUTHENTICATION FOR A BUSINESS BANKING MOBILE APP

FIDO Modern Authentication Rolf Lindemann, Nok Nok Labs

Cloud Services MDM. Control Panel Provisioning Guide

Mobile Financial Services

ONE LESS THING TO WORRY ABOUT.

General information about NFC technology

U.S. Mobile Benchmark Report

Derived credentials. NIST SP ( 5.3.5) provides for long term derived credentials

Global Mobile Technologies Guide for Zenprise Enrollment for IOS devices (ipad, iphones)

Mobile Operating Systems & Security

ANDROID APPS FOR RETAIL WHY SHOULD YOU HAVE ONE?

A Solution to the Mobile Wallet Conundrum

WHAT IS A MOBILE WALLET? AN INTRO TO MOBILE WALLETS

NC CJIN Governing Board. 13 October, George A. White

GLOBAL TELECOM INVOLVEMENT in the I D E N T I T Y E C O S YS T E M. July 2013

HIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY

How Secure are Contactless Payment Systems?

How Secure is Authentication?

OVERVIEW OF MOBILE PAYMENT LANDSCAPE

OVERVIEW OF MOBILE PAYMENT LANDSCAPE Marianne Crowe Federal Reserve Bank of Boston NEACH September 10, 2014

mcashier User Guide To accept payments To cancel a payment

ANALYTICS WHITE PAPER. MicroStrategy Analytics: Delivering Secure Enterprise Analytics

U.S. Mobile Payments Landscape NCSL Legislative Summit 2013

Epic Remote Access for Mobile Devices FAQ and Setup

Click to edit Master title style

Android pay. Frequently asked questions

Scalable Authentication

Manual for Android 1.5

Lee Barnes, CTO Utopia Solutions. Utopia Solutions

May For other information please contact:

Bring Your Own Device Bring Your Own Data? Thursday 10th April 2014 Dai Davis Solicitor and Chartered Engineer Partner, Percy Crow Davis & Co

The State of Pay. A mobile revolution. semble.co.nz

HIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY

interactive product brochure :: Nina: The Virtual Assistant for Mobile Customer Service Apps

Apple Pay & The New Environment for Mobile Payment Apps

Building a Mobile App Security Risk Management Program. Copyright 2012, Security Risk Advisors, Inc. All Rights Reserved

MOBILITY. Transforming the mobile device from a security liability into a business asset. pingidentity.com

Mobile Access Software Blade

Data Security in a Mobile, Cloud-Based World

Voice biometrics. Advait Deshpande Nuance Communications, Inc. All rights reserved. Page 1

NFC & Biometrics. Christophe Rosenberger

French Justice Portal. Authentication methods and technologies. Page n 1

How can I protect against the loss of my ID if my device is lost or stolen?

Neustar Intelligent Cloud Services

NACCU Migrating to Contactless:

Mobile Banking FAQ Page 1 of 9

Engage Mobile Security Whitepaper

User's Guide. Copyright 2014 Bitdefender

Multi-factor authentication

APPLE & ANDROID. User Guide BNC ONLINE BANKING

Two-Factor Authentication User FAQ s

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

IDENTITY & ACCESS. BYOD and Mobile Security Seizing Opportunities, Eliminating Risks in a Dynamic Landscape

NetIQ Advanced Authentication Framework - Smartphone Applications

...Some people / organizations will be a target REGARDLESS of what they do, but most will be a target / victim BECAUSE of what they do

Mobile Driver s License Solution

Deploying our multichannel

One Platform for all your Print, Scan and Device Management

Your MSU App - Rave. Alerts, Guardian Safety App and E-TIPS

Securely Yours LLC We secure your information world. www. SecurelyYoursllc.com

Moving to Multi-factor Authentication. Kevin Unthank

Samsung SDS. Fast IDentity Online

TECHNOLOGY WHITEPAPER

BY THE NUMBERS. Understanding the mobile gaming landscape through Unity metrics

SIMPLIFY MULTI-PLATFORM ENTERPRISE MOBILITY MANAGEMENT

Westcon Presentation on Security Innovation, Opportunity, and Compromise

Protecting your Data, Devices, and Digital Life in a BYOD World: A Security Primer GLENDA ROTVOLD AND SANDY BRAATHEN NBEA APRIL 2, 2015

Trends in Mobile Authentication. cnlab security ag, obere bahnhofstr. 32b, CH-8640 rapperswil-jona

Sophos Mobile Control User guide for Apple ios. Product version: 4

Feature Matrix MOZO CLOUDBASED MOBILE DEVICE MANAGEMENT

MCX/CURRENTC. This payment app will be unique from other mobile payments options in that it is not device specific. Consumers

Whitepaper on identity solutions for mobile devices

Mobile Payment Transactions: BLE and/or NFC? White paper by Swen van Klaarbergen, consultant for UL Transaction Security s Mobile Competence Center

Payeezy.com Security in Apple Pay In-App Development

Mobile Security Solution BYOD

Business Banking Customer Login Experience for Enhanced Login Security

Security in an Increasingly Threatened World. SMS: A better way of doing Two Factor Authentication (2FA)

Device-Centric Authentication and WebCrypto

EMV-TT. Now available on Android. White Paper by

22 nd NISS Conference

Entrust IdentityGuard

Password Reset PRO Version 3 Operational Summary and Screenshots

Transcription:

Security and Usability David Hunt: DCH Technology Services

A Financial Services View Active Security Passive Security Technologies Impact on Users Big Data Consumer context, do we know you?

Active Security The perfect software system from a security architecture perspective: Highly Secure. Many different security technologies. User id, password RCA type Token 2 Factor Authentication

Active Security Why users dislike too much active security, payments: Intrusive RCA Token --- Mobile!! Not always intuitive 2FA requirements to enroll for MPS payments User ID to authorize payments NFC Chip and PIN QR codes

Partnerships and extended networks Extension of traditional partnerships Creation of new opportunities Extended threats Biometrics

Extension of traditional partnerships Introduces a set of new partnerships (TSM) and opportunities (SIMM) and creates new threats through the extended network.

The SIMM card can provide a high degree of security on a mobile device same capabilities as a credit debit card. Creation of new opportunities Phone only Alternative secure elements???

Extended threats Personal Cloud OpenID??? Consumers will look to create a extended world of APPS and data on their personal devices. This creates threat opportunities on these devices as no single APP/provider is in control, or can set standards or security policies.

Biometrics the silver bullet?? Apple buys fingerprint security firm AuthenTec The Galaxy S4, like Apple's iphone, has voice recognition software but at present it cannot identify a particular person. In future, it's possible that a smartphone could recognise its owner's voice and unlock accordingly. Nuance Voice Biometrics My voice is my password. Samsung has had a "Face Unlock" feature in its phones since the Galaxy S3. It s early days yet

Passive Security Big Data and Security Analytics Consumer context, do we know you?

Big Data Fraud detection Already employs an element of passive security data collection Profiling Transaction History Location Tracking Big Data will take this to a new level

Role of Big Data Analytics Enhance the current fraud and security processes How well do we trust the current user?? What is the appropriate security token for a given transaction What additional information do I need for a given transaction.

How well do we know you? The value of customer context Convergence of Security and Marketing through the use of big data analytics Collecting browsing behaviours Mining data in transaction histories Buying in 3 rd party data Location behaviours Security vs privacy of the individual Unique in the crowd: The privacy bounds of human mobility

Studied fifteen months of human mobility data for one and a half million individuals and find that human mobility traces are highly unique. In fact, in a dataset where the location of an individual is specified hourly, and with a spatial resolution equal to that given by the carrier s antennas, four spatiotemporal points are enough to uniquely identify 95% of the individuals While in the past, mobility traces were only available to mobile phone carriers, the advent of smartphones and other means of data collection has made these broadly available. For example, Apple has recently updated its privacy policy to allow sharing the spatio-temporal location of their users with partners and licensees Furthermore, it is estimated that a third of the 25B copies of applications available on Apple s App StoreSM access a user s geographic location, and that the geo-location of, 50% of all ios and Android traffic is available to ad networks. All these are fuelling the ubiquity of simply anonymized mobility datasets and are giving room to privacy concerns.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information