The new standard for user authentication

Similar documents
Smart Cards and Authentication. Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security

MUTUAL RECOGNITION MECHANISMS. Tahseen Ahmad Khan

Overview of PBI-blockchain cooperation technology

Identity & security CLOUDCARD+ When security meets convenience

Put Identity at the Heart of Security

Continuous auditing certification

White Paper. The Impact of Payment Services Directive II (PSD2) on Authentication & Security

Trust Services for Electronic Transactions

New Paradigms of Digital Identity:

Natural Security Alliance

Introduction to Device Trust Architecture

CEN and CENELEC Position Paper on the draft regulation ''Cybersecurity Act''

Assuring Identity. The Identity Assurance Framework CTST Conference, New Orleans, May-09

Safelayer's Adaptive Authentication: Increased security through context information

The Benefits of Strong Authentication for the Centers for Medicare and Medicaid Services

Identity and Authentication PKI Portfolio

Introduction of the Identity Assurance Framework. Defining the framework and its goals

Strategies for the Implementation of PIV I Secure Identity Credentials

PCI DSS 3.1 is here. Are you ready? Mike Goldgof Sr. Director Product Marketing

Mobile: Purely a Powerful Platform; Or Panacea?

Digital Payments Security Discussion Secure Element (SE) vs Host Card Emulation (HCE) 15 October Frazier D. Evans

Natural Security Alliance

Business Models in Mobile NFC Services

FIDO Alliance: Standards-based Solutions for Simpler, Strong Authentication

FIDO AS REGTECH ADDRESSING GOVERNMENT REQUIREMENTS. Jeremy Grant. Managing Director, Technology Business Strategy Venable LLP

Séminaire sur la Certification Electronique

Secure Card Reader Authenticators

FINGER VEIN SERVER FOR RETAIL BANKS

Authentication and Fraud Detection Buyer s Guide

white paper SMS Authentication: 10 Things to Know Before You Buy

The future of mobile banking

How Mobile is Reshaping Payments

A NEW MODEL FOR AUTHENTICATION

The Open Application Platform for Secure Elements.

How the European Commission is supporting innovation in mobile health technologies Nordic Mobile Healthcare Technology Congress 2015

Accelerate Your Enterprise Private Cloud Initiative

Session 2: Understanding the payment ecosystem and the issues Visa Europe

DigitalPersona Altus. Solution Guide

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

Single Secure Credential to Access Facilities and IT Resources

PIN Entry & Management

Security and resilience in Information Society: the European approach

Dissecting NIST Digital Identity Guidelines

Building an Assurance Foundation for 21 st Century Information Systems and Networks

SEPA goes Mobile Dr. Marijke De Soete ETSI Security Workshop January 2011 Sophia Antipolis, France

DIGITAL IDENTITY TRENDS AND NEWS IN CHINA AND SOUTH EAST ASIA

Mobile Security / Mobile Payments

Trusted Computing Group

Identity Assurance Framework: Realizing The Identity Opportunity With Consistency And Definition

World Telecommunication Development Conference (WTDC- 14) Dubai, 30 March 10 April 2014

V.V. COLLEGE OF ENGINEERING

19 th Year of Publication. A monthly publication from South Indian Bank.

Swedish bank overcomes regulatory hurdles and embraces the cloud to foster innovation

PKI is Alive and Well: The Symantec Managed PKI Service

eid Applications Cross Border Authentication

eidas Regulation (EU) 910/2014 eidas implementation State of Play

Secure Government Computing Initiatives & SecureZIP

Leveraging HSPD-12 to Meet E-authentication E

DoD Common Access Card Convergence of Technology Access/E-Commerce/Biometrics

Public Key Infrastructure PKI. National Digital Certification Center Information Technology Authority Sultanate of Oman

Will Federated Cross Credentialing Solutions Accelerate Adoption of Smart Card Based Identity Solutions?

About MagTek. PIN Entry & Management

Third public workshop of the Amsterdam Group and CODECS C-ITS Deployment in Europe: Common Security and Certificate Policy

Security Policies and Procedures Principles and Practices

Strong Customer Authentication and common and secure communication under PSD2. PSD2 in a nutshell

Identity Management: Setting Context

HONG KONG. www,esclgov,hk. Electronic Service Delivery Scheme ELECTRONIC SERVICE DELIVERY. & x m m 9 9= ft

Authentication Technology for a Smart eid Infrastructure.

INVESTOR PRIMER FOR PUBLIC CIRCULATION 2018

Efficient, broad-based solution for a Swiss digital ID

RSA Solution Brief. Providing Secure Access to Corporate Resources from BlackBerry. Devices. Leveraging Two-factor Authentication. RSA Solution Brief

How Next Generation Trusted Identities Can Help Transform Your Business

Who What Why

December 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development

Insider Threat Program: Protecting the Crown Jewels. Monday, March 2, 2:15 pm - 3:15 pm

NFC embedded microsd smart Card - Mobile ticketing opportunities in Transit

Now there is: Asignio web-based signature authentication.

Stakeholder and community feedback. Trusted Digital Identity Framework

The Honest Advantage

Point ipos Implementation Guide. Hypercom P2100 using the Point ipos Payment Core Hypercom H2210/K1200 using the Point ipos Payment Core

THE ROLE OF ADVANCED AUTHENTICATION IN CYBERSECURITY FOR CREDIT UNIONS AND BANKS

ebook - TRUSTED esim TESTING FRAMEWORK - June 2016 BUILDING A TRUSTED EMBEDDED SIM TESTING FRAMEWORK IN THE AGE OF IOT

Technology Competence Initiative

A Safer World. A Secure Tomorrow. SECURITY AUDITS CONSULTANCY TRAINING.

Electronic Commerce Working Group report

Solution Guide for Secure Access Using FabulaTech Remote Scanner and Biometric Solutions, VXL Thin Clients and Citrix Workspaces

Information Technology (CCHIT): Report on Activities and Progress

National Strategy for Trusted Identities in Cyberspace

Federated Authentication for E-Infrastructures

Making hybrid IT simple with Capgemini and Microsoft Azure Stack

Challenges in Aadhaar Implementation : Opportunities for products and innovations Proposal Presentation

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

Citizen Biometric Authentication based on e-document verification. e-government perspective. Mindshare Ruslans Arzaniks Head of Development

Singapore s National Digital Identity (NDI):

DECISION OF THE EUROPEAN CENTRAL BANK

Biometrics. Overview of Authentication

Trusted Computing Today: Benefits and Solutions

2 The IBM Data Governance Unified Process

The Aadhaar Project NANDAN NILEKANI CHAIRMAN UNIQUE IDENTIFICTION AUTHORITY OF INDIA

DIGITAL CASHLESS BANKING STATE BANK OF INDIA STATE BANK LEARNING CENTRE

Transcription:

+ + The new standard for user authentication the convenient authentication

03 Summary 04 How does it work? 05 Benefits of convenient authentication for end users 06 Use cases 07 Click & Mortar 08 Natural Security as a business enabler 09 About Natural Security 09 Core values 10 Milestones 10 Ns community 11 Biometrics Alliance Initiative 12 Contact

www.naturalsecurity.com Summary In a world of change where business and security rules are constantly evolving, individuals, companies and institutions need better tools for managing identities and access to services. By developing a convenient, secure standard for strong authentication, Natural Security meets this requirement. Through the combination of something I have (a personal device such as a keyfob, a mobile phone or a smart card) and something I am (my biometric data), Natural Security enables end users to be reliably authenticated and controlled to execute transactions. Natural Security aspires to be synonymous with speed and security for secure transactions such as payment while at the same time guaranteeing both the protection and privacy of personal data. The standard defined and maintained by Natural Security : Solves strong authentication challenges for physical and logical access, payment, electronic signature and access to services ; Is universal and can be used in different contexts (online, in stores, in banks, at ATMs and vending machines) ; Meets the business needs of issuers, retailers and service providers. 03

How does it work? Natural Security has developed the authentication solution of the future by combining a personal device, mid-range contactless technology and biometrics. The personal device, which is built around a secure element, stores both applications and data used to authenticate the user, resolving many issues related to security and privacy. Mid-range contactless technology provides a unique and convenient experience for users by sparing them the need to physically handle their device. Biometric technology means convenience and simplicity for end users (no PIN code to enter) while guarantying that the end-user is present during the transaction. To be authenticated, customers simply place a finger on a device. It is the same user experience, gesture and device in all situations, whether for face to face or online transactions. + + = 4 04

www.naturalsecurity.com Benefits of convenient authentication for end users Natural Security means convenience and simplicity for end users (e.g. no smart card to manipulate, no PIN code to enter). The solution is universal and targets payment transactions and access to services in different environments (at home or work, over the Internet or in-store). Fast Authentication is fast as no code is required. The customer authenticates himself by simply placing his finger on a payment terminal, an ATM or a reader connected to a computer. The customer does not have to search and take out a card or any other means of payment from his pocket. Secure Natural Security has introduced an authentication solution that can be systematically used for all transactions. Based on biometrics, it ensures transactions can only be completed when both the user and the device are present. The customer no longer needs to enter his PIN code in front of others to be authenticated. End-user information and communications are encrypted and securely stored. Privacy compliant Privacy is inherent to Natural Security. The technology prevents tracking of individual users, for example when they enter a store. It does not use databases; instead, biometric information is securely stored on the consumer device itself, under the individual user s control at all times. 05

Use cases Natural Security is designed for situations where verification of individuals is critical, especially for payment operations and to control access to premises or Internet resources. Banks can implement Natural Security to protect and simplify the various points of contact with customers, while capitalizing on the trusted relationships already established with these customers. In retail, it can be used to improve customer experience and leverage synergies between different distribution channels. Other companies can use Natural Security to control access to physical and information resources without any inconvenience for employees. Payment The use of biometrics guarantees that the device and its owner are at the same place at the same time. The voluntary action involved controlled entirely by the owner, made of his own volition, and requiring his physical presence resolves the problems caused by loss or theft of a means of payment, all the while ensuring transactions cannot be repudiated. In addition, because Natural Security relies on contactless technology, it spares users the need to physically handle the device, thereby optimizing payment operations both in stores and online. Physical and logical access control When used for access control, Natural Security provides an additional level of security and simplifies the ergonomics involved in authenticating employees. It enables companies that use access cards to enhance protection of sensitive zones by locally deploying biometric readers without having to completely change their infrastructure. For companies that already use a biometric system linked to a database, this technology increases security by requiring the presence of three factors (the personal device, the device owner and an optional code). The transaction is executed using mid-range contactless technology combined with biometric user authentication. Natural Security comes in response to the increasing number of IDs and passwords required to access remote services such as online banking, email accounts and social networks. It simplifies services requiring authentication while increasing security by requiring the presence of both the individual and the data on the personal device. 06

www.naturalsecurity.com Click & Mortar Natural Security aspires to be synonymous with speed and security for service providers, banks and shops while at the same time guaranteeing both the protection and privacy of personal data for end users. Click Mortar 07

Natural Security as a business enabler For issuers Natural Security is the best way for issuers to monetize one of their most important assets : KYC (Know Your Customer) by guaranteeing the identity of the user on every channel. For merchants Natural Security improves customer experience with a convenient and fast way to pay, to sign and benefits from customer authentication whatever distribution channels (internet, shops). For payment, the use of biometrics guarantees that the device and its owner are at the same place at the same time. The voluntary action involved controlled entirely by the owner, made of his own volition, and requiring his physical presence resolves the problems caused by the loss or theft of a means of payment, all the while ensuring transactions cannot be repudiated. For service providers Natural Security brings to the market a high level of security combined with a fast and convenient way to authenticate a customer. For banks Banks can implement Natural Security to protect and simplify the various points of contact with customers (ATM, internet, branch offices) while capitalizing on the trusted relationships already established with these customers. For corporate usage Natural Security allows to control access to physical and information resources without any inconvenience for employees. Natural Security provides an additional level of security and simplifies the ergonomics involved in authenticating employees. For manufacturers Natural Security develops an authentication standard for the industry based on requirements from issuers, banks, retailers and service providers. 08

www.naturalsecurity.com About Natural Security Financed by companies in the retail, banking and industrial sectors, Natural Security reflects the business needs associated with the use of biometrics to protect transactions and access services. Natural Security develops and maintains the specifications for its strong authentication standard, which are available through licenses to all industrial organizations and users interested in developing solutions. These specifications provide background details on the technology, descriptions of individual implementations (in particular, the type of biometrics and secure element used) and evaluations. In this way, Natural Security can recommend the most suitable technology for different use cases. Natural Security provides leading-edge solutions for key global sectors, including the payment, banking and retail industries. Stakeholders include banks (Banque Accord, BNP Paribas, Crédit Agricole, Crédit Mutuel Arkéa), retailers (Auchan, Leroy Merlin) and a manufacturer (Ingenico). Core Values Natural Security has defined the four conditions it considers crucial to developing a consumer market for 2 factors authentication based on biometrics : 1 > An evaluation of the different biometric technologies conducted in real-life situations rather than in laboratories, such as the one performed by the Biometrics Alliance Initiative. This type of evaluation, which looks at security, performance and usability, is designed to assess biometric technologies according to the same criteria as other technologies used in the banking industry. Natural Security is a founding member of Biometrics Initiative Alliance 2 > Storage of authentication data and applications on a personal device that, in addition to providing better protection, can be used in various situations and environments. This facilitates the development of new usage, which companies can then adopt to expand their business model; 3 > Definition of a quality mark to educate final users and bolster confidence; 4 > A privacy by design approach that addresses personal data protection and privacy issues prior to the design phase. 09

Milestones 2006 Project started by banks and retailers 2008 Company creation. General availability of the first version of the specs, first proofs of concept 2010 NetExplorateur Award 2011 2011-2012 Launch of the commercial phase Several pilots planned in 2012: payment (open and close loop), access control (physical and logical), mobile payment Development of industrial «off-the-shelf» NS products Awards : Technology award 2010 Publi-News NetExplorateur 2011 Innovative Payments award 2011 Publi-News Grand Prix Entreprises et Cités 2011 «Société Industrielle du Nord» Nominee for the Florin Transaction Services Innovation Award 2012 NS community Natural Security defined the specifications for a strong authentication system that relies on a contactless secure element and biometrics. This system quickly, ergonomically and securely authenticates users for payment transactions, electronic signatures and access to services. Use of a personal device ensures that the final user s personal data and privacy are protected, while facilitating authentication in different contexts, including at home, at the store, in a bank or at an ATM or vending machine. As part of the development process, Natural Security wanted to create a «Natural Security community» where its members could discuss the solution and the various ways in which it can be used. The community is designed to bring together the different parties involved in building the Natural Security ecosystem. These members include companies that use the solution (e.g. retailers, banks, service companies), industrial companies and integrators, as well as experts and associations interested in understanding the relevant issues and helping deploy Natural Security s concepts and technologies. 10

www.naturalsecurity.com Biometrics Alliance Initiative The Biometrics Alliance Initiative, which has its roots in the observation shared by current and potential users that biometric technologies are difficult to evaluate, held its first working conference on February 1, 2012. The lack of both a recognized certification process for biometric technologies and a harmonized European standard directly impacts the confidence users have in this type of technology. Even though standards already exist to ensure biometric systems are interoperable (especially government applications), widespread adoption of these standards for commercial applications and within companies would require the creation of suitable frameworks for evaluating the performance, security and usability of such systems. Not all biometric technologies or their implementations are created equal: some are built for convenience whereas others are designed to reinforce security. By characterizing, classifying and evaluating biometric systems, whether in relation to usage contexts or not, stakeholders can help users learn, and continue, to trust biometrics. The Biometrics Alliance Initiative was created to fulfill this need to establish security, usability and performance measures and standards for biometric technologies. It aims to define a testing, certification and accreditation process, including testing procedures, to ensure biometric solutions provide a level of security that both meets the needs in question and complies with international standards, especially banking standards. The objective is to provide Biometrics Alliance Initiative members with the building blocks for a framework that can be used to evaluate biometric technologies. As such, the organization is working to express and formalize user needs, as well as to provide concrete operational recommendations for parties involved in developing biometric solutions. For biometric companies, then, the Biometrics Alliance Initiative provides a means of both formally identifying user needs and business requirements, and establishing a transparent evaluation methodology that relies on objective criteria and does not hamper competition. The Biometrics Alliance Initiative is ultimately looking to establish an industry standard to benefit as many different parties concerned by the use of biometric technologies as possible. A significant number of stakeholders have already taken an interest in this initiative, including government bodies, the banking industry and individual companies. Founders and members of the Biometric Alliance Initiative include Banque Accord, the Innovation Centre of Contactless Technologies (CITC EuraRFID), Ensicaen, Leroy Merlin, Natural Security, Paycert, TazTag, Underwriters Laboratories (UL), Vauban Systems and Wincor- Nixdorf. 11

Please send a mail to contact@naturalsecurity.com or visit us on www.naturalsecurity.com the convenient authentication

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback