securing online services in a mobile first world
DESCRIPTION
JEAN-FRANÇOIS RUBON, Director, Innovation & Strategy, Gemalto, at the European IRM Summit 2014.TRANSCRIPT
![Page 1: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/1.jpg)
JF Rubon, Strategy & Innovation
05/11/2014
SECURING SERVICES IN AMOBILE FIRST WORLD
![Page 2: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/2.jpg)
Mobile Corporate Badge
AGENDA
1 – GEMALTO : WHO WE ARE
2 – THE SHIFT TO MOBILE
3 – MOBILE CONNECT
Mobile Corporate Badge2
![Page 3: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/3.jpg)
OUR COMPANY
OUR CLIENTS
OUR INNOVATION
GEMALTO KEY FIGURES
13/04/2023
€2.4BN(2013)
INVESTED IN R&D
€177M(2012)
NATIONALITIES
190
12,000
REVENUES
PATENTS & PATENT APPLICATIONS
MOBILE NETWORK OPERATORS450
FINANCIAL INSTITUTIONS
3,000+
4,300
EMPLOYEES
80 eGOVERNMENT PROGRAMS
110DIGITAL ENGINEERS1,700
NEW INNOVATIONS FILED IN 2012
3
![Page 4: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/4.jpg)
13 avril 20234
Gemalto as a leader of Authentication
GARTNER’S MAGIC QUADRANT ON USER AUTHENTICATION (eBanking / Enterprise)
Gemalto
AUTHENTICATION SOLUTION
95%of the authentication market coveredby these players
Safenet
![Page 5: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/5.jpg)
13 avril 20235
+100M people using our Authentication solutions
LinqUs Mobile ID
NATIONAL DEPLOYMENTSOF MobileID
MNO
+20Service Providers already connectedour platform
500
on going deployments for 2014
+5
MOBILE eBANKING
users protected byEZIO SOLUTIONS
+90M
200 CUSTOMERSWW
MANY CUSTOMERS FROM
FORTUNE 500
CORPORATE
employees WW useour eID solutions
+7M
![Page 6: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/6.jpg)
The shift to mobile Security needs, solutions
![Page 7: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/7.jpg)
13 avril 20237
2.7 Bn people* frustrated by their digital journey… (source: ICT, number of Internet users in 2013)
Username management nightmarePassword fatigue and weaknessesRegistration fatalityTrust and privacy failure
LinqUs Mobile ID
They need: Convenient online authentication,secure environment and mobility
* Source: Fireclick – NorSIS Institute - Microsoft
![Page 8: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/8.jpg)
13 avril 20238
… impacting online service providers activities
LinqUs Mobile ID
WEB AND E-MERCHANT SERVICES: Security breaches, impacting brand imageLow conversion / transformation rate
BANKS: Customer service costsClients growing mobility vs inconvenience to access ebanking
ENTERPRISES: Securing cloud services access to enhance employees’ mobilitySecurity breaches multiplying
GOVERNMENTS: Reduce long time-frame and administrative costsDematerialization regulation pressure
They need: Trusted ecosystem and customer attraction Revenue and/or Costs
![Page 9: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/9.jpg)
13 avril 20239
Service providers need scalable authentication levels of assurance
LinqUs Mobile ID
![Page 10: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/10.jpg)
13 avril 202310
THE BIGSHIFT TO MOBILE
Gemalto Mobile
SMARTPHONESALES
SOURCES:GEMALTO, GATNER, INFORMA, PUBLIC SUBSCRIBER DATA
58.5BN(2012)
CONNECTEDDEVICES BY2020
LTE SUBSCRIPTIONSBY 2018
1.36BN
50 BN
203BN(2020)
OTT MESSAGES
NFC- ENABLEDSMARTPHONES
USERS COVERED BY TSMs
1 BN (2013)
~25%
300 M(2010)
1.5BN
![Page 11: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/11.jpg)
13 avril 202311
Existing hardware solutions for the PC world
LinqUs Mobile ID
Smart Cards May include user picture Company logo Physical access (badge)
Tokens long battery lifetimeOptional USB interfaceCompany logo
Can they still be used in the mobile world ?
![Page 12: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/12.jpg)
Mobile Corporate Badge12
Keep a separate tokenAlongside the mobile devices
Use Mobile DeviceHardware capabilities
&
Transfer the secure application & credentials into the deviceUse Built-in NFC capability
Use an attached reader
Sleeve
USB readers
Use a detached reader
Bluetooth
Bluetooth Smart (BLE)
UICC
µSD
eSE
TEE
Shift to mobile : 2 possible axis
![Page 13: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/13.jpg)
MOBILE COMPATIBILITY
Mobile Corporate Badge13
Secure Element Family
Badge & NFC / BLEConnectivity NeededLarge compatibility
UICCThrough MNOsLarge compatibility
microSDSlot NeededFair compatibility
Attached ReaderLow user convenienceDevices with external port
eSEFragmented market
Soldered to the device
TEESelected devices onlyMajor mobile makers
![Page 14: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/14.jpg)
Without a reader
Detached readers
Attached readers
Compatibility with devices
14
Bluetooth reader
Dual Interface Card
Standard or proprietary port
( only)
![Page 15: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/15.jpg)
13 avril 202315
UICC
Gemalto Mobile
The most universal secure element
Highly secure & certified
Fully standardized
Each Service Provider has dedicated secure ‘space’ on SIM
Remotely manageable
Service platform (Java Card™)
Existing deployment processes
Issued by the MNOs
SHIPMENTS OF SIM CARDS IN 2013 4.2BN
Memory
MNO BANK 1
BANK 2
SP
Global Platform compliant OS
Certified Secured Hardware & Software
![Page 16: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/16.jpg)
13 avril 202316
EMBEDDED SECURE ELEMENT
Gemalto Mobile
A second highly secure chip in the handset
Inherits security from the UICC
Easy to integrate into any devicein multiple form factors
Remotely manageable
Enabling innovative secure use cases
Also suitable for new consumer devices(wearables, tablets, consoles)
![Page 17: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/17.jpg)
13 avril 202317
TRUSTED EXECUTION ENVIRONMENT
Gemalto Mobile
Relies on hardware processor features
Remotely manageableSecure interaction between user, services & peripherals (screen, touch..)Secure storage of code & dataIntegrated into the main processor
OPERATING SYSTEM(e.g Android)
TEE OS
TRUSTZONE™SYSTEM-ON-CHIP
Application Processor
![Page 18: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/18.jpg)
GSMA Mobile ConnectMobile Operators as identity providers
![Page 19: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/19.jpg)
13 avril 202319
GSMA Mobile Connect
LinqUs Mobile ID
“Develop an innovative new service that will allow consumers to securely access a wide range of digital services using their mobile phone number for authentication.” Source: GSMA Mobile Connect press release – 24/02/2014
$5Brevenue per year when mobile ID market is matureSource: Greenwich Consultingfor GSMA
![Page 20: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/20.jpg)
13 avril 202320
The goal is to fulfill service providers’ID management needs…
LinqUs Mobile ID
MOBILE OPERATORSto provide all service providers with a common identity solution leveraging convenient, strong SIM-based Mobile Connect service
Light Authentication
Medium to Strong Authentication
Strong Authentication
Medium to Strong Authentication
Improving end-user journey for more
transactions
Adding customer channels without security breach
Reducing administration costs
and time-frame
Leveraging cloud services and making
their workforce mobile
![Page 21: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/21.jpg)
13 avril 202321
…bringing a diversity of services
LinqUs Mobile ID
Entry-level ID, similar to Facebook Connect, low levelof security
Use mobile as second factor overlay
Use mobile asa replacementfor legally binding ‘wet’ signature
MNO becomesID custodian: certifies users’ details to SPs
FEDERATED IDENTITY
2ND FACTOR AUTHENTICATION
MOBILE DIGITAL SIGNATURE
IDENTITY BROKERAGE
Single Sign On Solutions
OTP, PKI, NFC, biometrics… solutions
Mobile PKI Solutions IdM Solutions
ID
Web access
granted!
![Page 22: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/22.jpg)
© 2014 Gemalto
Trusted Service Manager (TSM) solution to support a complex ecosystem
To give access to the MNO subscribers base while ensuring quality of access
MNO-TSM
To securely deploy & manage SP applications on any wireless network
SP-TSM
MNO 1
MNO 2
MNO 3
22
SP-TSM MNO-TSM
Service Providers Mobile Operators
![Page 23: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/23.jpg)
13 avril 202323
Providing the simplest user experience
LinqUs Mobile ID
![Page 24: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/24.jpg)
13 avril 202324
3 key deployment challenges
LinqUs Mobile ID
No “one fits all” solution
CONVENIENCE
No convenience, no adoptionEnrolment and usageNeed to stick to smartphone user experience
SECURITY
Secure accessSecured communicationCorporate data protectionFraud Management
REACH
Address fragmented technical platforms:multiple devices,multiple SE
In different countries :Legal, regulation, …
To consumers, civil servants,employees,citizens
CHALLENGE
REACH
CONVENIENCE
SECURITY
![Page 25: SECURING ONLINE SERVICES IN A MOBILE FIRST WORLD](https://reader035.vdocuments.site/reader035/viewer/2022070319/5584edc7d8b42a30708b49f9/html5/thumbnails/25.jpg)
JF Rubon
Thank you !