Usher Mobile Identity for Higher Education Institutions Rebecca Parks Associate Product Manager, MicroStrategy
Agenda Overview of Mobile Identity Verify Personal ID Login to University Systems Unlock Doors on Campus Usher Intelligence Security Questions? 2
Mobile Identity: Advantages Over Physical ID Cards Nine out of ten college students will own a smartphone by 2016 1 12 34 Dematerialize physical IDs into mobile software. Link each mobile ID to its owner using biometrics. Extend the use of mobile ID to applications, entryways, and transactions. Deliver identity as an enterprise-class utility. 3 Source: emarketer Online: http://www.emarketer.com/newsroom/index.php/collegestudents-adopt-mobile-board/
Mobile Identity Big Idea 1: Dematerialize Traditional IDs Traditional Identity Mobile Identity sjones" 4 Can be lost, stolen, and counterfeited Impossible to verify Static and never up to date Never lost or stolen Electronically verifiable Always accurate and up to date
Mobile Identity Big Idea 2: Link Mobile ID Link the mobile identity of the person biometrically, to the phone cryptographically, and to ID systems dynamically through out-of-band channels. These links make the mobile identity always accurate and impossible to counterfeit or steal. Biometric Link Only the owner can use the mobile identity Cryptographic Link Only designated phone(s) can use the mobile identity Dynamic Link The mobile identity is always up-todate and valid 5
Mobile Identity Big Idea 3: Extend Biometric Mobile ID Type Usher Code Personal ID Verify anyone s identity Scan Usher Stamp Transmit Usher Signal Cyber Security Log in to applications Physical Access Unlock entryways 6
Mobile Identity Big Idea 4: Deploy Identity as a Utility Usher is the most comprehensive mobile identity platform in the world. Its four components work in parallel to provide enterprises, governments, and universities with an industrial-strength identity ecosystem. Usher Mobile Usher Intelligence Usher Manager Usher Vault The mobile app that replaces physical forms of identification. The application that analyzes identity activity across the enterprise. The administrative control center for managing the entire Usher system. The secure server that provides out-ofband ID flow and encryption. 7
Perfect Registry of Education Usher enables a record of academic achievement Positive verification of alumni status Student loans in good standing Securely link to transcripts and recommendations Capture undergraduate and post-graduate activity 8
Verify Personal ID An industrial-strength security checkpoint in every user s pocket 9 Verify identity in person Verify identity over the phone Broadcast identity to anyone near you Validate group affiliation
Safeguard University Systems Without Passwords Universities make ripe targets because they store vast numbers of personal records, often in decentralized servers. The records can be a gold mine because students often have pristine credit reputations and do not monitor their account activity and credit scores as vigilantly as adults. The New York Times 1 1. Source: The New York Times, October 3, 2013 http://bits.blogs.nytimes.com/2012/10/03/hackers-breach-53-universities-dumpthousands-of-personal-records-online/ 10
Cyber Security Affects Universities In 2012, a data breach on Northwest Florida State computer systems affected 300,000 members, leading to identity theft, student scholarship access, and fraud. 1 In 2013, hackers stole the identity information of 72,000 university members at the University of Delaware, and dealing with the computer security problem could cost as much as $19 million. 2 76% of hacked network intrusions exploited weak or stolen credentials. 3 66% of cyber crimes took months to discover. 3 Cyber crime costs an average of $380B per year worldwide. 4 1. Source: Northwest Florida State: http://www.debt.org/2012/11/14/hackers-steal-300000-employee-studentrecords-florida-college/ 2. Source: USA Today: http://www.usatoday.com/story/tech/2013/07/31/identitytheft-university-of-delaware/2602229/ 3. Source: Verizon Study: Verizon Data Breaches 2013 4. Source: European Commission Study, 2013, Cybersecurity Strategy of the European Union 11
Login to University Systems Dynamic QR Code Displayed Scan QR Code to Log In SCAN Simply scan a QR Code on the screen No passwords to be managed, reset or stolen Time-sensitive codes are more secure than passwords 12
Ensure Validity of Distance Learning Loan Applicants Track progress of students and maintain awareness of key behaviors Distance learning is an increasingly popular educational platform Loans for distance learning are a particular concern, due to lack of face-to-face contact Usher can institute positive ID of applicants, students, and alumni 13
Campus Security Control entry into campus buildings Track the number of students in a particular building on campus Enable time-sensitive building access for classes and dorms Easy card management; instantly issued and revoked, even remotely Avoid student usage of expired cards 14
Unlock Doors on Campus with Usher Secure every entryway with biometrics while offering greater convenience and manageability than physical keys. Tap an Usher Key Scan an Usher Stamp Automatically unlock doors with Bluetooth 15
Usher Identity Architecture Web Applications Mobile Devices Physical Access System Client Layer API Usher Mobile API Server Layer Usher " Server Connector Layer Connectors Existing ID repositories" IDMS SSO PACS 16
Visualize All Identity Activity with Usher Intelligence Monitor badge activity, time, and location Identify Anomalies in Student Activities Login attempt from unusual/improbable location Late night/frequent attempts to get into a building Strengthen Disaster Response Respond quickly to campus emergencies Facilitate instantaneous lockdown Track Campus Coverage by Security Personnel Campus Safety Officers Medical Center Workers Transportation Officers 17
Control Resources Analyze the volume and timing of access requests for entry barriers and university systems, and set up proactive alerts when abnormal activity is detected. Cyber Security Resource Management Detect abnormal activity: Irregular usage patterns Outlier activity After hours access Users in two places at once 18
Fraud Prevention Prevent billions in student loan fraud Over $100B in annual financial aid According to the OIG, college students who are suspected of engaging in loan fraud increased 82%, from 18,719 students in 2009 to 34,007 students in 20121 Student loan fraud was approximately $874 million, with the government losing about $187 million1 1. Source: http://www2.ed.gov/about/offices/list/oig/semiann/sar66.pdf 19
Optimize Resource Efficiency Understand university resource consumption. Visualize physical and electronic uses of university infrastructure Analyze university program participation Gauge frequency and timing of usage patterns 20
Reach All Students or a Segment Proactive Messaging Capabilities Alerts and reminders delivered directly to all users Tailored broadcast messaging to specific groups of individuals 21
Security: Multi-fencing Powerful fencing controls can restrict access based on several conditions, and layer them in any combination for heightened campus security. Geo-fencing Time-fencing Bio-fencing Dual authorization-fencing Restrict access to a system or entryway based on a user s location. Limit the times at which users and groups can access systems or entryways. Set high-security resources and doors to be accessible only after a biometric check. Require specific systems and doors to be only accessible if two or more people submit simultaneous requests. Madison Hall, North Campus Within 500 feet Mon. Fri., 9:00 AM to 5:30 PM Voice print required on-demand 22
Usher Platform: Phone Security Five layers of security protects identities when a phone is lost or stolen. Layer 1 Phone Lock 23 Layer 2 Biometrics Layer 3 Data Encryption Layer 4 Deactivate Usher Layer 5 Wipe the Phone
24 Questions?
Thank You! Rebecca Parks rparks@microstrategy.com 25