Loading…
This event has ended. Visit the official site or create your own event on Sched.
View analytic
Thursday, October 22 • 1:00pm - 2:00pm
Mobile Connect – A better and secure user experience for online authentication.

Sign up or log in to save this to your schedule and see who's attending!

The pervasive use of mobile devices and their integral role in accessing online services has created new opportunities for online authentication. At the same time this trendit poses significant challenges to provide a secure and usable mechanism for protecting sensitive data. There are several existing authentication methods with varying degrees of security and ease of use. For example, on one end of the spectrum we have systems that rely exclusively on passwords. These systems are easy to use but very insecure. Other the other end we can think of systems relying on traditional PKI based hardware tokens. These are hard to setup, and often equally hard to use., Between these two extremes we have a range of solutions such as one-time-code (OTC), one-time-password (OTP), SMS text, out-of-band (OOB) delivery of credentials. Each of these approaches has its own pros and cons in terms of user experience and security. In general, existing authentication solutions that are easy to use often lack in security and solutions that are very secure are invariably not so easy to use.

There is a need to have a secure authentication method with good user experience that leverages the existing available standards and technologies which make it easy to deploy. Mobile Connect is designed to address this need. Mobile Connect relies on existing standards, including OpenID Connect, and ETSI Mobile Signature Service, and is backed by GSMA, an international alliance of more than 800 mobile network operators worldwide. It enables mobile authentication with different levels of assurance. The technology behind Mobile Connect makes it possible for seamless rollout with minimal effort from Service Providers. For end users, the solution works on most if not all mobile phones, regardless of whether these are smart phones or feature phones.

In this talk we will introduce Mobile Connect, talk about deployment architecture and discuss various application use cases that address the security and usability needs of a world that is becoming increasingly mobile. We will also discuss how Mobile Connect and FIDO can complement each other and deliver solutions that break the traditional silos of authentication methods. In particular, we will cover the following topics:
1. Online authentication background, existing solutions and their limitations
2. Overview of Mobile Connect and the existing standards and technologies it relies on.
3. Example of how Mobile Connect can complement existing solutions
4. End user experience with respect to the use of Mobile Connect.
5. Technical as well as business related challenges that influence adoption of Mobile Connect.

Watch the Talk Video

Speakers
AA

Asad Ali

Principal Engineer, Gemalto
Asad Ali is a member of the senior technical community at Gemalto and heads the Research & Innovation group based in Austin, TX. His research interests have included smart card operating systems, web application frameworks, network security protocols, embedded file systems, secure portable tokens, cloud data encryption, adaptive authentication, and user-centric design methodologies. He holds numerous patents in the field digital security, and has... Read More →
avatar for Benoit Famechon

Benoit Famechon

Program Manager & Architect, Gemalto
Benoit Famechon is a senior program manager and architect at the Identity and Security Labs of Gemalto (Austin). | He is currently heading a team to develop Mobile Identity based products using GSMA specification. | He has worked in embedded development for Telecommmunication smartcards, Strong Authentication Server validation and certification and more recently for Trusted Service Management server as program manager for major US customers... Read More →
avatar for Najam Siddiqui

Najam Siddiqui

Software Architect, Gemalto
Najam Siddiqui is a member of the technical community at Gemalto and works in Research & Innovation group based in Austin, TX. His research interests include evolving authentication solutions, web application firewalls (WAF), one time password (OTP), cloud technologies (IaaS and PaaS) and optimizing DevOps.


Thursday October 22, 2015 1:00pm - 2:00pm
Gemalto Room Norris Conference Center, Austin
  • Host Organization