RISK-BASED APPROACH TO DEPLOYMENT OF OMNICHANNEL BIOMETRICS IN SBERBANK
|
|
- Allan Carroll
- 6 years ago
- Views:
Transcription
1 SESSION ID: IDY-W02 RISK-BASED APPROACH TO DEPLOYMENT OF OMNICHANNEL BIOMETRICS IN SBERBANK Anton Mitrofanov Authen:ca:on PlaBorm Chief Product Owner Sberbank Leyla Goncharenko Risk-based authen:ca:on Product Owner Sberbank
2 Biometrics as a FinTech Trend Juniper, TOP 10 DISRUPTIVE TECHNOLOGIES IN FINTECH,
3 Biometrics as a FinTech Trend 3
4 Biometrics as a FinTech Trend 4
5 Biometrics as a FinTech Trend 5
6 Biometrics as a FinTech Trend Banks turn into digital plaborms Digital UX requires seamless and fast security biometrics? Biometrics is already trendy among mobile devices (FaceID, TouchID) Banks experimen:ng with different types of biometrics depending on the environment (Branch, Call Center, Mobile Apps, ATM) Biometrics becomes a part of government regula:ons and complience 6
7 Biometrics is a silver bullet..? No need to take the IDs - Biometrics is always with you Biometrics aligns the Customer experience among the service channels: ATM Branch Mobile Apps Call Center Ge\ng the costs down for the branches and call center 7
8 .. Or a challenge? What the Banks face when implemen:ng biometrics are: Privacy concerns Liveness issues Recogni:on accuracy Enrollment is not equally secure Complicated rules and trust matrix are implemented to reduce the risks 8
9 Biometrics limita:ons Recogni:on accuracy? P = 0,999 P = 0,0001 Probability of false accept for biometrics is always above zero Accuracy in large volumes? Is it alive? Biometrics based mostly on image processing. How could we assure that it is live person? How to re-issue your biometrics? If your biometrics was stolen - how could we trust you? 17 9
10 Biometrics technologies security Framework Override or modify data 6 Data storage Modify biometrics reference 7 Signal Data capture Comparison Decision processing Presenta:on alack Modify sample Override signal Modify probe Override comparator Modify score Override decision From ISO/IEC , inspired by figure by Nalini Ratha from 2001 and Standing Document 11 of ISO/IEC JTC1 SC
11 Biometrics technologies security Alacks examples Biometrics scanners Spoofing Biometrics search engine Morphing Enrollment process Profile stealing Profile 1 Profile 2 Profile 3 Profile 4 Presenta:on alack Override comparator Modify biometrics reference 19 11
12 Biometrics liveness detec:on Interac:ve liveness Random user ac:ons «3D» models based on movements Environmental liveness Recogni:on of displays signatures Recogni:on of paper and phone/ tablet forms 28 Scanner-based liveness 3D models based on depth surface, temperature and pulse analysis IR images
13 Authen:ca:on factors across the channels 13
14 Lessons Learned Voice and face biometrics are easier to integrate and common for Customers. Behavioral biometrics is an addi:onal invisible layer of protec:on. Fingerprints and palm veins good for physical access and trade acquiring. Presenta:on alack detec:on is s:ll a challenge: we see poten:al in mul:modal liveness detec:on (e.g. face+voice or face+behavior). Server-side processing provides omnichannel approach, but s:ll you need to es:mate the risks. On-device processing is s:ll on our radar as the privacy concerns and regula:ons may change the world quickly 14
15 RISK-BASED AUTHENTICATION AS UNIVERSAL SOLUTION
16 Risk-based authen:ca:on Basic workflow? Score ac:on s risk level Select available auth factors Define necessary and sufficient challenge 4 Authen:cate by selected factors Risk score User behavior profile for anomaly detec:on Define available auth factors Check IT-environment for scanners availability Select appropriate combina:ons Define challenge based on risk score Factor i weight F i Risk score R Challenge: Sum (F i ) R = 0 Challenge user by selected factors Confirm users iden:ty 21 16
17 Measuring risks AuthenRcaRon data model AuthenRcaRon measurement models Behavior profile Environment data End-point device fingerprint Ac:on data Anomaly behavior Change in environment End-point device fingerprin:ng Ac:on risk scoring Rule-engine decision maker Set thresholds for interpre:ng measurement results Rules for combining results of measurements Rules for including external data and models results Decision making conveyer 22
18 How to measure auth alempt? Supervised learning Unsupervised learning Rule engine Based on appeals from customers or IDS/Fraud incidents detec:on User behavior profile for anomaly detec:on Set of rules, describing: know alacks/frauds interpreta:on of outputs from models 23 18
19 Authen:ca:on measurement models User behavior scoring looks at previously aggregated sta:s:cs of typical user ac:ons Environment scoring based on geoloca:on, network provider, IP End-point device scoring takes into account device alributes (model, S/N, hardware etc) Rule-engine as mandatory component of decision making for risk-based approach our approach to use rules for interpre:ng scores from models Behavior model Environment score End-point score Factors weight Overall score 24
20 Rule-engine for risk-based models Rule-engine is mandatory component of decision making for risk-based approach Rule-engine used for: Interpre:ng models scoring Defining known alack/fraud cases Selec:ng available and allowable authen:ca:on factor Composing final decision 25
21 How to measure auth factor s trust? Frequency of usage by user how usual this factor is for this user? «Resistance» to compromising (based on experience) set by security experts based on best world prac:ces and experience Channel type how secure is channel of registra:on? Alack sta:s:cs how much security incidents with this type of factors? 26 21
22 How to measure biometrics template s trust? Biometrics template enrollment channel Step-up bio template confirma:on VS? VS? Step-up template confirma:on process Biometrics enrollment sample quality Liveness detector score Enrollment environment risk score 27 22
23 Risk-based transac:on verifica:on Decline No 1 Financial transac:on scoring 2 Is transac:on good? Not sure 3 Confirma:on of payment 4 Models adjustment Transac:on risk score Authen:ca:on risk score User environment, etc. Allow Yes Transac:on risk score Authen:ca:on risk score User environment, etc. What factors available in this channel? What factors are available for user? Supposed fraud case restricts sufficient auth factors What factors set are sufficient to ensure trust? Adjus:ng transac:on and authen:ca:on measurement models according to confirma:on result 29
24 RBA: Typical transac:on RBA checks the pre-requisites Login+pass Device fingerprint Geoloca:on, IPaddress, etc. Behaviour palern Transac:on metadata Metadata from the other systems Current operaron pazern: Legi:mate user makes a typical transac:on in a banking mobile app Entered correctly from the first try Known device with a good background info Typical geoloca:on and IP-address Typical behavioral palern Typical transac:on User Risk: low TransacRon risk: low AcRon: allow transac:on Result: transac:on allowed with no addi:onal ac:ons from a user No red-flags from the other systems, e.g. SIM-card never switched, mobile number never changed, no SIEM alerts, etc. 30
25 RBA: Step-Up and De-escala:on RBA checks the pre-requisites Login+pass Device fingerprint Geoloca:on, IPaddress, etc. Behaviour palern Transac:on metadata Metadata from the other systems Current operaron pazern: Legi:mate user makes purchase abroad Entered correctly from the first try Known device with a good background info Non-Typical geoloca:on and IP-address Typical behavioral palern New transac:on type, but no fraud-signs detected No red-flags from the other systems, e.g. SIM-card never switched, mobile number never changed, no SIEM alerts, etc. User Risk: low or medium TransacRon risk: medium AcRon: allow transac:on or request step-up using addi:onal factor Result: transac:on allowed aver two-factor authen:ca:on 31
26 RBA: Fraud Preven:on RBA checks the pre-requisites Login+pass Device fingerprint Geoloca:on, IPaddress, etc. Behaviour palern Transac:on metadata Metadata from the other systems Current operaron pazern: Fraudster alempts to make non-legal transac:on Entered correctly from the first try New device, no background or red-flags. Non-typical geoloca:on and IP-address Non-typical behavior Risky transac:on and/or fraud signs Red alerts from the other systems: e.g. new mobile number was added recently User Risk: high TransacRon risk: high AcRon: request step-up using addi:onal factor Result: transac:on denied because of authen:ca:on failure 32
27 Unified authen:ca:on plaborm concept Bank s systems Channels ACS Partners Universal id Authen:ca:on plaborm s API Key principles Ac:on s risk measurement Dynamic challenge selec:on Mul:factor authen:ca:on Mul:modal biometrics Basic authen:ca:on subsystem Analy:cs and decision subsystem Biometrics management subsystem pwd otp token face voice palm External models and data sources Biometrics role Addi:onal trust factor for ID One of the many authen:ca:on factors Comfortable tool for end-users 33 27
28 Next steps for applica:on Iden:fy and categorize all the authen:ca:on op:ons used Iden:fy all channels, where authen:ca:on is needed Create matrix of applicability for channels and auth factor Set weight s for auth factors in each channel Biometric tuning is a must Integrate biometrics with IAM and fraud-monitoring solu:ons 28
29 THANKS! QUESTIONS? Anton Mitrofanov Leyla Goncharenko
Mul$factor Iden$ty Verifica$on without Prior Rela$onship
The work reported here was sponsored by a SBIR Phase I grant from the US Department of Homeland Security. It does not necessarily reflect the posi$on or policy of the US Government. Mul$factor Iden$ty
More informationBiometric Authentication. Bringing End users and Enterprise on the same page
Biometric Authentication Bringing End users and Enterprise on the same page 1 ABOUT SPEECHPRO SpeechPro is a World Leader in Speech Technology with customers in 75 countries SpeechPro is part of the global
More informationTrust Eleva,on Architecture v03
Trust Eleva,on Architecture v03 DISCUSSION DRAFT 2015-01- 27 Andrew Hughes 1 Purpose of this presenta,on To alempt to explain the Trust Eleva,on mechanism as a form of ALribute Based Access Control To
More informationHalkyn Consulting Ltd 15 Llys y Nant, Pentre Halkyn HOLYWELL, Flintshire, CH8 8LN
Halkyn Consulting Ltd 15 Llys y Nant, Pentre Halkyn HOLYWELL, Flintshire, CH8 8LN http://www.halkynconsulting.co.uk info@halkynconsulting.co.uk Password Security By T Wake CISSP CISM CEH 20/06/2011 Contents
More informationCIS 4360 Secure Computer Systems Biometrics (Something You Are)
CIS 4360 Secure Computer Systems Biometrics (Something You Are) Professor Qiang Zeng Spring 2017 Previous Class Credentials Something you know (Knowledge factors) Something you have (Possession factors)
More informationITSME: Mul*modal and Unobtrusive Smartphone User Authen*ca*on
ITSME: Mul*modal and Unobtrusive Smartphone User Authen*ca*on A
More informationCompu&ng Services Strengthening Authen&ca&on. October 2016
Compu&ng Services Strengthening Authen&ca&on October 2016 ID and password pair is the sole means of authen4ca4ng access AUTHENTICATION Current State o Email o File storage o Enterprise applica1ons (including
More informationA Layered Approach to Fraud Mitigation. Nick White Product Manager, FIS Payments Integrated Financial Services
A Layered Approach to Fraud Mitigation Nick White Product Manager, FIS Payments Integrated Financial Services Session Agenda Growing Fraud Concerns Old Habits Die Hard Maneuvering through the Barriers
More informationMore than just being signed-in or signed-out. Parul Jain, Architect,
More than just being signed-in or signed-out Parul Jain, Architect, Intuit @ParulJainTweety Why do we care? TRUST & SECURITY EASE OF ACCESS Can t eliminate friction? Delay it Authentication Levels to balance
More informationFencing the Cloud. Roger Casals. Senior Director Product Management. Shared vision for the Identity: Fencing the Cloud 1
Fencing the Cloud with Identity Roger Casals Senior Director Product Management Shared vision for the Identity: Fencing the Cloud 1 Disclaimer Copyright 2014 Symantec Corporation. All rights reserved.
More informationFujitsu PalmSecure - the next level in security for SAP ERP and the HANA
Fujitsu PalmSecure - the next level in security for SAP ERP and the HANA pla@orm Mar$n Lum Vice President, Marke$ng, real$me NA Room IT, HANA & Project Leadership 25/10/2017 10:00 10:40 Radisson Hotel
More informationGaining Business Value from IoT
Gaining Business Value from IoT Digital Aviation Conference 2018 Thomas Bengs GM, Head of Biometrics EMEIA Enterprise Cybersecurity EMEIA Human Centric Innovation Co-creation for Success 0 2018 FUJITSU
More informationOpen Source Authen.ca.on: Security without High Cost. Donald E. Malloy LSExperts January 27 th, 2016
Open Source Authen.ca.on: Security without High Cost Donald E. Malloy LSExperts January 27 th, 2016 Why the need for Strong Authen.ca.on? Fraud con*nues to skyrocket 10 Million Americans were vic*ms of
More informationAuthentication Technology for a Smart eid Infrastructure.
Authentication Technology for a Smart eid Infrastructure. www.aducid.com One app to access all public and private sector online services. One registration allows users to access all their online accounts
More informationHow to choose a Voice Biometrics Engine
Emilio Mar*nez emar%nez@agni%o- corp.com How to choose a Voice Biometrics Engine Voice Biometrics Engines Authen*ca*on solu*on vs. Voice Biometrics Engine 2 Selec2ng a VB Engine Voice Biometrics End Users
More informationMobility & Security Enhancing User Experience
Mobility & Security Enhancing User Experience Giovanni Carnovale Regional Sales Manager Central Europe Agenda 2 Core Activities How to Secure your Brand 3 VASCO s Core Activities User authentication Log-on
More informationFive Solu*ons for Remote Iden*ty Proofing
The work reported here was sponsored by a SBIR Phase I grant from the US Department of Homeland Security. It does not necessarily reflect the posinon or policy of the US Government. Five Solu*ons for Remote
More informationS2E is proud to partner with Intercede helping organizations to create and use trusted digital identities.
S2E is proud to partner with Intercede helping organizations to create and use trusted digital identities. 3 Who are Intercede? So%ware company specializing in iden5ty and creden5al management Focus on
More informationSecure hashing, authen/ca/on
Secure hashing, authen/ca/on root@topi:/etc# more shadow root:$6$1z2.cqoj$bib7hoc7byvsvclmpc1c5f/h.gaddflg1xa2fqknmaoabwzi1ysldik2gikuebeo ugj33w8h4qdiwyvamlfij2eu.:15138:0:99999:7::: daemon:*:15040:0:99999:7:::
More informationIDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO
IDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO (US) @BEN_SMITH IDENTITY = THE MOST CONSEQUENTIAL ATTACK VECTOR Confirmed data breaches involving weak, default
More informationAWS Iden)ty And Access Management (IAM) Manohar Rapolu
AWS Iden)ty And Access Management (IAM) Manohar Rapolu Topics Introduc5on Principals Authen5ca5on Authoriza5on Other Key Feature -> Mul5 Factor Authen5ca5on -> Rota5ng Keys -> Resolving Mul5ple Permissions
More informationMESC Conference Security and Privacy for Medicaid Information Systems. Scott Glover Deloitte & Touche, LLP
MESC Conference Security and Privacy for Medicaid Information Systems Scott Glover Deloitte & Touche, LLP Agenda Security and privacy requirements for Medicaid systems Implementing or applying a security
More informationSecurity does not live on UI level T
Security does not live on UI level T-1105220 LECTURE 28032013 Jarmo Parkkinen What would google do? Google 2 step sign in surface Normal website user name + password Verifica9on code SMS or voice 6 digits
More informationJason Polakis, Marco Lancini, Georgios Kontaxis, Federico Maggi, So5ris Ioannidis, Angelos Keromy5s, Stefano Zanero.
Jason Polakis, Marco Lancini, Georgios Kontaxis, Federico Maggi, So5ris Ioannidis, Angelos Keromy5s, Stefano Zanero polakis@ics.forth.gr Annual Computer Security Applica5ons Conference (ACSAC) 2012 Introduc5on
More informationAccelerating growth and digital adoption with seamless identity trust
Accelerating growth and digital adoption with seamless identity trust IBM Trusteer helps organizations seamlessly establish identity trust across the omnichannel customer journey Let s get started 3 Introduction
More informationSobering statistics. The frequency and sophistication of cybersecurity attacks are getting worse.
Sobering statistics The frequency and sophistication of cybersecurity attacks are getting worse. 146 >63% $500B $3.8M The median # of days that attackers reside within a victim s network before detection
More informationDATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE EXECUTIVE SUMMARY ALIGNING CYBERSECURITY WITH RISK The agility and cost efficiencies
More informationInformation Security Management Systems Standards ISO/IEC Global Opportunity for the Business Community
Information Security Management Systems Standards ISO/IEC 27001 Global Opportunity for the Business Community Prof. Edward (Ted) Humphreys IPA Global Symposium 2013 23 rd May 2013, Tokyo, Japan CyberSecurity
More informationThe Need for Biometric Authentication
The Need for Biometric Authentication Presented previously at: InfoTec 2002 DefCon 10 in Las Vegas NebraskaCERT 2002 Mutual of Omaha ConAgra Foods Presented by: Nate Rotschafer Peter Kiewit Institute Revised:
More informationFraud Update: Why Fraudsters Love Wires and How to Stop Them. Luis Rojas, Director, Product Management WesPay 2014
Fraud Update: Why Fraudsters Love Wires and How to Stop Them Luis Rojas, Director, Product Management WesPay 2014 Competitive Pressures Drive Fraud and Operational Risk Availability Of Information Creates
More informationVoice, Face and Behavioural Biometrics
Voice, Face and Behavioural Biometrics Authentication & Fraud Prevention in the age of Virtual Assistants Brett Beranek, Director Product Strategy, Biometrics, Security & Fraud 2016 Nuance Communications,
More informationMonitise. RSA Adaptive Authentication On-Premise Implementation Guide. Partner Information. Monitise Mobile Banking Solution
RSA Adaptive Authentication On-Premise Implementation Guide Partner Information Last Modified: June 12, 2013 Product Information Partner Name Web Site www.monitise.com Product Name Version & Platform 5.0
More informationDigital Identity Trends in Banking
i-sprint Innovations Identity and Security Management Solution Provider Digital Identity Trends in Banking Banking Vietnam 2017 Proven Bank Grade Identity and Security Management Solution Designed, Architected
More informationUser Authentication Best Practices for E-Signatures Wednesday February 25, 2015
User Authentication Best Practices for E-Signatures Wednesday February 25, 2015 Agenda E-Signature Overview Legality, Authentication & Best Practices Role of authentication in e-signing Options and applications
More informationITU-T SG 17 Q10/17. Trust Elevation Frameworks
ITU-T SG 17 Q10/17 Trust Elevation Frameworks Abbie Barbir, Ph.D. ITU-T SG 17 Q10 Rapporteur Martin Euchner SG 17 Advisor ITU Workshop on "Future Trust and Knowledge Infrastructure July 1 2016 Contents
More informationAn introduc/on to Sir0i
Authen4ca4on and Authorisa4on for Research and Collabora4on An introduc/on to Sir0i Addressing Federated Security Incident Response Hannah Short CERN hannah.short@cern.ch TF-CSIRT May, 2016 Agenda Federated
More informationNew PCI DSS Version 3.0: Can it Reduce Breaches? Dharshan Shanthamurthy, CEO, SISA Informa2on Security Inc. Core Competencies C11
New PCI DSS Version 3.0: Can it Reduce Breaches? Dharshan Shanthamurthy, CEO, SISA Informa2on Security Inc. Core Competencies C11 SISA Informa2on Security Formal Risk Assessment Specialists Authors of
More informationMarkus Jakobsson Elaine Shi Philippe Golle Richard Chow (Palo Alto Research Center) Thanks to Yuan Niu (UC Davis)
Implicit Authentication for Mobile Devices Markus Jakobsson Elaine Shi Philippe Golle Richard Chow (Palo Alto Research Center) Thanks to Yuan Niu (UC Davis) Authentication trends Increased demand for authentication
More informationIntegrating Okta and Preempt Detecting and Preventing Threats With Greater Visibility and Proactive Enforcement
Integrating Okta and Preempt Detecting and Preventing Threats With Greater Visibility and Proactive Enforcement The Challenge: Smarter Attackers and Dissolving Perimeters Modern enterprises are simultaneously
More informationISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Biometric information protection
INTERNATIONAL STANDARD ISO/IEC 24745 First edition 2011-06-15 Information technology Security techniques Biometric information protection Technologies de l'information Techniques de sécurité Protection
More informationPut Identity at the Heart of Security
Put Identity at the Heart of Security Strong Authentication via Hitachi Biometric Technology Tadeusz Woszczyński Country Manager Poland, Hitachi Europe Ltd. 20 September 2017 Financial security in the
More informationDatasheet Fujitsu PalmSecure Contactless Biometrics Authentication
Datasheet Fujitsu PalmSecure Contactless Biometrics Authentication Award-winning Contactless Authentication Technology Verifies An Individual s Identity by Recognizing Palm Vein Patterns enabling dynamic
More information3DS2 and Strong Auth with PR API. Ian Jacobs, April 2018
3DS2 and Strong Auth with PR API Ian Jacobs, April 2018 Overview 3DS2 Summary How best to pair 3DS2 as specified with PR API (e.g., for use cases where already required by regulation). Identify opportunities
More informationOverview of the ISO/IEC Project
Overview of the ISO/IEC 30107 Project Anti-Spoofing and Liveness Detection Techniques Elaine Newton, PhD NIST elaine.newton@nist.gov 1-301-975-2532 1 Authentication Use Case For law enforcement, immigration,
More informationDigitalPersona Altus. Solution Guide
DigitalPersona Altus Solution Guide Contents DigitalPersona... 1 DigitalPersona Altus Solution... 4 MODULAR SOLUTION CREATE-CONFIRM-CONTROL... 4 EXPERT SERVICES ASSESS-DESIGN-DEPLOY-SUPPORT... 5 DigitalPersona
More informationA STUDY OF TWO-FACTOR AUTHENTICATION AGAINST ON-LINE IDENTITY THEFT
A STUDY OF TWO-FACTOR AUTHENTICATION AGAINST ON-LINE IDENTITY THEFT Seungjae Shin, Mississippi State University, 1000 HWY 19N Meridian MS 39307, sshin@meridian.msstate.edu, (601)484-0160 Jerry Cunningham,
More informationAuthentication Work stream FIGI Security Infrastructure and Trust Working Group. Abbie Barbir, Chair
Authentication Work stream FIGI Security Infrastructure and Trust Working Group Abbie Barbir, Chair Security, Infrastructure, Trust Working Group To enhance confidence in using Digital Financial Services
More informationJohn Snare Chair Standards Australia Committee IT/12/4
John Snare Chair Standards Australia Committee IT/12/4 ISO/IEC 27001 ISMS Management perspective Risk Management (ISO 31000) Industry Specific Standards Banking, Health, Transport, Telecommunications ISO/IEC
More informationUsing Biometric Authentication to Elevate Enterprise Security
Using Biometric Authentication to Elevate Enterprise Security Biometric authentication in the enterprise? It s just a matter of time Mobile biometric authentication is officially here to stay. Most of
More informationThe Future of Authentication
The Future of Authentication Table of Contents Introduction Facial Recognition Liveness Detection and Multimodal Biometrics FIDO: Standards-Based, Password-Free Authentication Biometric Authentication
More informationCSCE 548 Building Secure Software Biometrics (Something You Are) Professor Lisa Luo Spring 2018
CSCE 548 Building Secure Software Biometrics (Something You Are) Professor Lisa Luo Spring 2018 Previous Class Credentials Something you know (Knowledge factors) Something you have (Possession factors)
More informationAchieving online trust through Mutual Authentication
Achieving online trust through Mutual Authentication Agenda Where do we need trust online? who are the affected parties? Authenticating the site to a consumer V by V and SecureCode, next generation browsers
More informationHow Big Data Enables building Risk Profiles. Kayvan Alikhani. RSA, Senior Director of Technology
RISK ß à Auth How Big Data Enables building Risk Profiles Kayvan Alikhani RSA, Senior Director of Technology 1 RISK BASED AUTHENTICATION Local Auth History Devices Network Apps Sessions PASS Desktop or
More informationAuthentication and Fraud Detection Buyer s Guide
Entrust, Inc. North America Sales: 1-888-690-2424 entrust@entrust.com EMEA Sales: +44 (0) 118 953 3000 emea.sales@entrust.com November 2008 Copyright 2008 Entrust. All rights reserved. Entrust is a registered
More informationMobile software security Building trust in mobile apps
Mobile software security 2016 More use of mobile devices 53% Of polled smart phone users say they use their device to pay online - 2014 26 Times per month for mobile apps usage against less than twice
More informationSeaCat: an SDN End- to- end Applica4on Containment ArchitecTure
: an SDN End- to- end Applica4on Containment ArchitecTure Enabling Secure Role Based Access To Sensi5ve Healthcare Data Junguk Cho, David Johnson, Makito Kano, Kobus Van der Merwe and Brent Elieson Mo4va4on
More informationRSA Web Threat Detection
RSA Web Threat Detection Online Threat Detection in Real Time Alaa Abdulnabi. CISSP, CIRM RSA Pre-Sales Manager, TEAM Region 1 Web Threat Landscape In the Wild Begin Session Login Transaction Logout Web
More informationUniversal Representation of a Consumer's Identity Is it Possible? Presenter: Rob Harris, VP of Product Strategy, FIS
Universal Representation of a Consumer's Identity Is it Possible? Presenter: Rob Harris, VP of Product Strategy, FIS Topics Consumer identity why it is important How big a problem is identity fraud? What
More informationFrom the Iriscode to the Iris: A New Vulnerability Of Iris Recognition Systems
From the Iriscode to the Iris: A New Vulnerability Of Iris Recognition Systems Javier Galbally Biometrics Recognition Group - ATVS Escuela Politécnica Superior Universidad Autónoma de Madrid, SPAIN http://atvs.ii.uam.es
More informationCIBC FirstCaribbean Mobile App. FREQUENTLY ASKED QUESTIONS (FAQs)
CIBC FirstCaribbean Mobile App FREQUENTLY ASKED QUESTIONS (FAQs) 1. What is the CIBC FirstCaribbean Mobile App? A: The CIBC FirstCaribbean Mobile App allows you to complete everyday banking functions on
More informationPSD2: Risks, Opportunities and New Horizons
PSD2: Risks, Opportunities and New Horizons Contents 02 Timeline 3 April, 2014 Parliamentary plenary session 23 July, 2014 Further compromise text 14 October, 2014 Further compromise text 31 December,
More informationApplying biometric authentication to physical access control systems
Applying biometric authentication to physical access control systems Published on 24 Jul 2018 Over the past few years, biometrics has rapidly expanded into consumer applications, like the financial market
More informationPassive Detection. What is KIVOX Passive Detection? Product Datasheet. Key Benefits. 3 APIs in one product
Passive Detection Product Datasheet KIVOX Passive Detection is part of the KIVOX 4.0 family of products. KIVOX 4.0 brings our partners the full potential of real voice biometrics technology by providing
More informationFIDO Alliance: Standards-based Solutions for Simpler, Strong Authentication
FIDO Alliance: Standards-based Solutions for Simpler, Strong Authentication Jeremy Grant Managing Director, Technology Business Strategy Venable LLP jeremy.grant@venable.com @jgrantindc Digital: The Opportunity
More informationPALM VEIN TECHNOLOGY
Palm Vein Technology 1 SRI VASAVI ENGINEERING COLLEGE Pedatadepalli, West Godavari Dist, A.P Department of Electrical & Electronics Engineering SEMINAR ON PALM VEIN TECHNOLOGY (TOUCHING THE PERFECTION)
More informationInternet is Global. 120m. 300m 1.3bn Users. 160m. 300m. 289m
UAF Protocol Internet is Global 120m 300m 1.3bn Users 160m 289m 300m #Users 2014 Google: 2013 Twitter: 2015 Devices without physical keyboard How Secure is Authentication? Cloud Authentication Password
More informationProduct Questions: 62/3Case Study Version: 8.0
Questions & Answers PDF P-1 Vendor: Microsoft Exam Code: MS-101 Exam Name: Microsoft 365 Mobility and Security Version: DEMO Product Questions: 62/3Case Study Version: 8.0 Case Study: A. Datum Overview
More informationFFIEC CONSUMER GUIDANCE
FFIEC CONSUMER GUIDANCE Important Facts About Your Account Authentication Online Banking & Multi-factor authentication and layered security are helping assure safe Internet transactions for banks and their
More informationInnovative Authentication method for boosting Mobile Connect global roll-out
Innovative Authentication method for boosting Mobile Connect global roll-out GB Patent Pending 1803719.2 US Patent Pending 15928348 IPification solution could very well be what is missing to 2018, Shanghai
More informationPSD2 webinar session - Q&A
PSD2 webinar session - Q&A Q: How does hardware based solutions such as OTP tokens will provide dynamic linking with single transactions? In general, users can enter payment information, such as the amount
More informationSECURE ENTRY SYSTEM USING MOVE ON APPS IN MOBILITY
SECURE ENTRY SYSTEM USING MOVE ON APPS IN MOBILITY Page 1 [1] Karthik. T, [2] Ganeshselvan. N, [3] Janagaraj. V, [4] Nandha Kumar. N Angel College of Engineering and Technology, [1] teekarthik@gmail.com,
More informationPSD2 Compliance - Q&A
PSD2 Compliance - Q&A Q: How do hardware-based solutions such as OTP tokens provide dynamic linking with single transactions? In general, users can enter payment information such as the amount of money
More informationBiometric Security Roles & Resources
Biometric Security Roles & Resources Part 1 Biometric Systems Skip Linehan Biometrics Systems Architect, Raytheon Intelligence and Information Systems Outline Biometrics Overview Biometric Architectures
More informationAdd other bank account or card as beneficiary to your Internet Banking
Please Type your user ID and password in the respective fields STEP 1: Adding beneficiary Add other bank account or card as beneficiary to your Internet Banking Please click on Fund transfer & Card Your
More informationCloud Adop)on, Risks & Security & GDPR An Ac)on Guide
April 2016 Cloud Adop)on, Risks & Security & GDPR An Ac)on Guide Nigel Hawthorn, Skyhigh Networks Cloud Adop)on and Risk Agenda Skyhigh Networks An Introduc)on European Cloud Adop)on and Risk Report Q1
More informationFOR FINANCIAL SERVICES ORGANIZATIONS
RSA BUSINESS-DRIVEN SECURITYTM FOR FINANCIAL SERVICES ORGANIZATIONS MANAGING THE NEXUS OF RISK & SECURITY A CHANGING LANDSCAPE AND A NEW APPROACH Today s financial services technology landscape is increasingly
More informationSecure Access & SWIFT Customer Security Controls Framework
Secure Access & SWIFT Customer Security Controls Framework SWIFT Financial Messaging Services SWIFT is the world s leading provider of secure financial messaging services. Their services are used and trusted
More informationSmart Card and Biometrics Used for Secured Personal Identification System Development
Smart Card and Biometrics Used for Secured Personal Identification System Development Mădălin Ştefan Vlad, Razvan Tatoiu, Valentin Sgârciu Faculty of Automatic Control and Computers, University Politehnica
More informationMobile Devices prioritize User Experience
Mobile Security 1 Uniqueness of Mobile Mobile Devices are Shared More Often Mobile Devices are Used in More Locations Mobile Devices prioritize User Experience Mobile Devices have multiple personas Mobile
More informationMagento Extension User Guide: Web Services Version 3.6.1
Version 3.6.1 This document explains how to install the official Secure Trading extension on your Magento store. Published: 3 August 2017 Table of Contents 1 Introduction... 3 1.1 Features... 3 1.2 Requirements...
More informationPrepaid Solutions For Transit
Prepaid Solutions For Transit Who is the Prepaid Cardholder February 17, 2011 Contact: Brian Hedberg, EVP Office: 612.466.7370 bhedberg@readycreditcorp.com Who is the Prepaid Cardholder? Mike Carlos Gloria
More informationGDPR How we can help. Solvit Networks CA. ALL RIGHTS RESERVED.
GDPR How we can help Solvit Networks 01.11.2017 2016 CA. ALL RIGHTS RESERVED. GDPR The facts The General Data Protection Regulation (GDPR) applies to all companies trading in the EU and processing personal
More informationCIBC FirstCaribbean Mobile App. FREQUENTLY ASKED QUESTIONS (FAQs) Page 1 of 9
CIBC FirstCaribbean Mobile App FREQUENTLY ASKED QUESTIONS (FAQs) 1. What is the CIBC FirstCaribbean Mobile App? A: The CIBC FirstCaribbean Mobile App allows you to complete everyday banking functions on
More informationFighting Fraud with Behavioral Biometrics and Cognitive Fraud Detection. IBM Security s Brooke Satti Charles on the Power of These New Capabilities
Fighting Fraud with Behavioral Biometrics and Cognitive Fraud Detection IBM Security s Brooke Satti Charles on the Power of These New Capabilities SPONSORED BY As fraudsters continually refine their techniques
More informationNon Person Identities After all, who cares about me? Gilles Lisimaque & Dave Auman Identification technology Partners, Inc.
Identities Non Person Identities After all, who cares about me? Gilles Lisimaque & Dave Auman Identification technology Partners, Inc. Device Identifiers Most devices we are using everyday have (at least)
More information10 April 2016 Mobcon Europe Sofia, Bulgaria. DSK Bank s. experience in the field of Mobile applications
DSK Bank 1 10 April 2016 Mobcon Europe Sofia, Bulgaria DSK Bank s experience in the field of Mobile applications 2004 - launch of first e-channel for DSK Bank Provided to business clients. Run by dedicated
More informationNetwork Security: Firewall, VPN, IDS/IPS, SIEM
Security: Firewall, VPN, IDS/IPS, SIEM Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr What is a Firewall? A firewall is hardware, software, or a combination of both that is used to prevent unauthorized
More informationInfrastructure Analy=cs: Driving Outcomes through Prac=cal Uses and Applied Data Science at Cisco
Copyright 2016 Splunk Inc. Infrastructure Analy=cs: Driving Outcomes through Prac=cal Uses and Applied Data Science at Cisco MaM Birkner Ian Hasund Robert Novak Dis=nguished Engineer, Cisco Chief Architect,
More informationFSN-PalmSecureID-for ATM Machines
T he application of biometric solutions in ATMs and electronic point-of-sale solutions provide a high- security environment. By using a smartcard, on which the client's unique palm vein pattern is stored,
More informationLab 8: Firewalls & Intrusion Detec6on Systems
Lab 8: Firewalls & Intrusion Detec6on Systems Fengwei Zhang Wayne State University CSC Course: Cyber Security Prac6ce 1 Firewall & IDS Firewall A device or applica6on that analyzes packet headers and enforces
More informationInformation Security Identification and authentication. Advanced User Authentication II
Information Security Identification and authentication Advanced User Authentication II 2016-01-29 Amund Hunstad Guest Lecturer, amund@foi.se Agenda for lecture I within this part of the course Background
More informationFace recognition for enhanced security.
Face recognition for enhanced security. Cognitec Systems - the face recognition company FaceVACS : Face Recognition Technology FaceVACS Face Recognition Technology Cognitec s patented FaceVACS technology
More informationSecurity Strategy for Mobile ID GSMA Mobile Connect Summit
Security Strategy for Mobile ID GSMA Mobile Connect Summit Singapore, 22 nd November 2017 G+D Mobile Security G+D Mobile Security: Managing Billions of Connected Digital Identities Today 660 million contactless
More informationHow. Biometrics. Expand the Reach of Mobile Banking ENTER
How Biometrics Expand the Reach of Mobile Banking ENTER Table of Contents 01 The Mobile Banking Opportunity 02 What s Suppressing Mobile Adoption? 03 Onboarding Challenges: Proving One s Identity 04 Authentication
More informationDATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI
DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI EXECUTIVE SUMMARY The shortage of cybersecurity skills Organizations continue to face a shortage of IT skill
More informationExploring the potential of Mobile Connect: From authentication to identity and attribute sharing. Janne Jutila, Head of Business Development, GSMA
Exploring the potential of Mobile Connect: From authentication to identity and attribute sharing Janne Jutila, Head of Business Development, GSMA Fragility of passwords No matter what you tell them, users
More informationUS Secret Service National Threat Assessment Center (NTAC), Insider threat study (2004)
US Secret Service National Threat Assessment Center (NTAC), Insider threat study (2004) 83% of incidents executed from within organization, during normal business hours Financial loss in almost all insider
More informationDIGITAL IDENTITY TRENDS AND NEWS IN CHINA AND SOUTH EAST ASIA
DIGITAL IDENTITY TRENDS AND NEWS IN CHINA AND SOUTH EAST ASIA 1 SECURING DIGITAL IDENTITY THE KEY TO ASIA S VAST POTENTIAL IN E-COMMERCE We are living through an exciting time for digital commerce in Asia.
More informationFFIEC CONSUMER GUIDANCE
FFIEC CONSUMER GUIDANCE Important Facts About Your Account Authentication Online Banking & Multi-factor authentication and layered security are helping assure safe Internet transactions for banks and their
More informationCisco Advanced Malware Protec3on
Cisco Advanced Malware Protec3on Malware is an ever- growing problem The Reality: Organiza3ons Are Under AAack 95% of large companies targeted by malicious traffic 100% of organiza3ons interacted with
More information