This event has ended. Visit the official site or create your own event on Sched.
Back To Schedule
Thursday, October 22 • 1:00pm - 2:00pm
Mobile Connect – A better and secure user experience for online authentication.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

The pervasive use of mobile devices and their integral role in accessing online services has created new opportunities for online authentication. At the same time this trendit poses significant challenges to provide a secure and usable mechanism for protecting sensitive data. There are several existing authentication methods with varying degrees of security and ease of use. For example, on one end of the spectrum we have systems that rely exclusively on passwords. These systems are easy to use but very insecure. Other the other end we can think of systems relying on traditional PKI based hardware tokens. These are hard to setup, and often equally hard to use., Between these two extremes we have a range of solutions such as one-time-code (OTC), one-time-password (OTP), SMS text, out-of-band (OOB) delivery of credentials. Each of these approaches has its own pros and cons in terms of user experience and security. In general, existing authentication solutions that are easy to use often lack in security and solutions that are very secure are invariably not so easy to use.

There is a need to have a secure authentication method with good user experience that leverages the existing available standards and technologies which make it easy to deploy. Mobile Connect is designed to address this need. Mobile Connect relies on existing standards, including OpenID Connect, and ETSI Mobile Signature Service, and is backed by GSMA, an international alliance of more than 800 mobile network operators worldwide. It enables mobile authentication with different levels of assurance. The technology behind Mobile Connect makes it possible for seamless rollout with minimal effort from Service Providers. For end users, the solution works on most if not all mobile phones, regardless of whether these are smart phones or feature phones.

In this talk we will introduce Mobile Connect, talk about deployment architecture and discuss various application use cases that address the security and usability needs of a world that is becoming increasingly mobile. We will also discuss how Mobile Connect and FIDO can complement each other and deliver solutions that break the traditional silos of authentication methods. In particular, we will cover the following topics:
1. Online authentication background, existing solutions and their limitations
2. Overview of Mobile Connect and the existing standards and technologies it relies on.
3. Example of how Mobile Connect can complement existing solutions
4. End user experience with respect to the use of Mobile Connect.
5. Technical as well as business related challenges that influence adoption of Mobile Connect.

Watch the Talk Video


Asad Ali

avatar for Benoit Famechon

Benoit Famechon

Program Manager & Architect, Gemalto
Benoit Famechon is a senior program manager and architect at the Identity and Security Labs of Gemalto (Austin). He is currently heading a team to develop Mobile Identity based products using GSMA specification. He has worked in embedded development for Telecommmunication smartcards... Read More →
avatar for Najam Siddiqui

Najam Siddiqui

Solution Architect, Software Security Architect, Gemalto
Najam Siddiqui is a member of the technical community at Gemalto and works in Enterprise and Cybersecurity group based in Austin, TX. His research interests include identity and access management solutions, web application firewalls (WAF), strong authentication solutions, Web application... Read More →

Thursday October 22, 2015 1:00pm - 2:00pm CDT
Gemalto Room Norris Conference Center, Austin
  Auth and Crypto Track
  • Host Organization

Attendees (0)