Mobile Security: a secure ecosystem for connected devices


Giesecke & Devrient
Mobile Security: a secure ecosystem for connected devices
22.04.2010
VDE Kolloquium Münchner
Dr. Kai Grassie, CTO
München, May 2012

Contents
Giesecke & Devrient: who we are
The ICT industry gets mobile
Security threats in ICT
Trusted execution environments
Future trends

Giesecke & Devrient: From Printing Banknotes to High-Tech Security Solutions
Mobile Security
Government solutions
Cards for payment and telecommunications
Banknote processing
Banknote and security paper
Banknote and security printing
[Timeline: 1852, 1964, 1977, 2012]

The ICT Industry gets mobile

Convergence in the ICT Industry
Create a seamless environment for the user
[Diagram: at work, at home, on the move, mobile; productivity, entertainment; UWB, Ethernet, 802.11, DWB, cellular, hotspots, NFC, BT]

Smartphone Shipments will exceed Desktop PCs & Notebooks
2012E: Expected Inflection Point, Smartphones > Total PCs
[Chart: Global Unit Shipments (in millions), 2005 to 2013E, for Notebook PCs, Desktop PCs and Smartphones. Source: Morgan Stanley]

Secure Applications migrate into Smartphone
Loyalty
Payment
Physical Access
Communicate
Pay
Content Download
Identify
Transact
Ticketing
DRM
Device Configuration
Identity Management

Market potential: mCommerce & Financial Services
Mobile Financial Services: TAV >587 bn$; users >939 m
Banking: TAV >565 bn$; users >816 m (Bill Payment; Funds Transfer; Account Management and Customer Service; Financial Information Services)
Payment: TAV >22 bn$; users >204 m (Remote Payment; Physical Payment, NFC based, TAV =12 bn$, 52 m users)
Mobile Commerce: TAV >124 bn$; users >2 bn
Ticketing; Mobile Search; Transport; Web / local; On / off portal; TAV >45 bn$; users >278 m; Railways, buses; Air travel; Parking, tolls; Event; Theatre, music; Sports
Retail Service: TAV >20 bn$; users >132 m; Vending; Online; TAV >3 bn$
Entertainment: TAV >56 bn$; Infotainment; UGC; Mobile TV; Music; Games; Adult; Gambling
Source: Juniper Research, various market analysis 2007-2008; * assumption G&D/NB3

Security threats in ICT

Threats while using the Internet increase dramatically
Phishing successful 5-10% of the time
ID Theft costs user $500 and 30 hours per incident (US FTC)
Increased numbers of active phishing sites: 27000 in June 07
Man-in-the-middle attacks
Hijacking
Rerouting
DNS Spoofing
70% of users would trade their password for chocolate
$5.000.000.000 in remote payment fraud
Password sniffers
Liability can be shifted to issuing banks: how will they pass on the losses?
Pharming
Phishing
Crack once, use everywhere: Yahoo = Lotus? Bank = AOL?
Demonize-T Trojan horse forwards password keystrokes to hacker websites

The Development of Threats
New attacks simply wait until the authentication process has been completed.
[Diagram: username / password, PKI device, OTP device, mobile as authentication device, internet, server]
The application / the browser is the new target:
Malware infects the browser/app (exploiting default interfaces).
After the authentication the malware takes control of the browser and performs its own operations in the name of the legitimate user.
The malware displays to the user what he expects to see, not what is really happening.

Multifactor Authentication Methods: A Paradigm of the Past
[Chart: authentication methods plotted by Barrier to Entry / Complexity / Cost against Assurance Strength: Biometrics (Biological), Biometrics (Behavioral), Smart Card (PKI), OTP Token / EMV, Soft Token, Out-of-Band Authentication, Knowledge-Based Authentication, Adaptive Authentication, Password, Lightweight OTP, Advanced Password]

Trusted Execution Environments

TEE (MobiCore): the glue between Hardware and Apps
[Diagram: MobiCore and the applications Mobile Payment, Mobile Banking, Mobile Ticketing, Mobile Visa, Mobile Health Services, Mobile Public Services]

Backend Solutions for Trusted Mobile Services
[Diagram: Application Processor, Service Provider, G&D Trusted Service Mgt, G&D, MNO, Server SW & Services]
Personalisation
Application Management
Lifecycle Management
Maintenance

Future trends

Some future trends
Accessing the Cloud
Web Services & In-Car Internet
Road Billing
M2M
Intelligent Car Routing and Navigation
Traffic info and web cams
(Location based) web information
Fleet Management
GPS Street Parking
Parking Slots Reservation
Social nets / distrib. identities
Inter Car Communication
Contactless Gas Station
Smart Grid
Mobile TV

Our opportunities in securing the connected future
Applications: Mobile Payment, Mobile Banking, Mobile Ticketing, Mobile Visa, Mobile Health Services, Mobile Public Services, Location based web info, Digital content, GPS based road tolling, GPS based parking, Fleet management
Value Creation
Secure Elements, Software & Services

Thank You