SE-4110, Securing Identities in the Cloud, by Martin Ahlers


Presentation SE-4110 by Martin Ahlers at the AMD Developer Summit (APU13) November 11-13, 2013.


  1. Top Things to Consider When Authenticating Web Applications. © 2013 - VASCO Data Security, November 2013
  2. Increasing need to protect our online activities
     • End users: confidential data leakage; cyber bullying; "gold farming"; identity theft
     • ASPs: lost revenues; tarnished brand; low data integrity; subscriber churn
     • 2012: Hackers able to access users' personal data for use in phishing attacks
     • 2012: Hacker able to access billing information and other accounts
     • 2012: Exposed 6 million user account passwords
     • 2013: Hackers posted fake news about bombing of the White House, Dow Jones dropped 100 points
     • 2013: 10 million people watch Netflix without paying for it by sharing passwords
     • 2013: Hackers able to access customer names, credit/debit cards and expiration dates of 2.9 million customers, and up to 38 million IDs and passwords
  3. Agenda
     • Applications and pain points (cloud services, subscription services, gaming)
     • Quick VASCO background
     • Combined AMD and VASCO solution
     • Sample business case
     • Sample competitive comparison
  4. Cloud Security Concerns
     • Losing files
     • Files not stored securely
     • Loss of control
     • Embarrassing files made public
     • Computer viruses
     Source: Halon 2013 Security Survey
  5. Cloud Providers Are Expected to Lead on Security: "Within five years, cloud security will become one of the primary drivers for adopting cloud computing. The reason for a shift of security from obstacle to driver is that Cloud Service Providers (CSPs) are expected to invest far more in the development of their security infrastructure and expertise than any typical enterprise." Ernst and Young: Cloud Computing Issues and Impacts, 2011
  6. Subscription Sharing: New York Times Analysis. BuzzFeed: "It is representative of a rising generation of young people who 1) Like watching shows Online and 2) Cannot fathom paying for them"
  7. Subscription Account Sharing Impacts
     • Eliminate revenue leakage from account sharing
     • Account sharing is perceived as a back-end security problem. But for companies that rely on online subscriptions as a primary revenue stream, account sharing can mean lost income
     • What we found was that about 33 percent of the accounts on the network were being shared
     • Secure personal information
     • Preserve data integrity for advertising/marketing
     "If you're running The Wall Street Journal or World of Warcraft, and you've got multiple people sharing a single subscription, you're losing customers." Source: AdmitOne
  8. Tier 1 ASP Example
     Company profile: One of the world's largest insight, information and consultancy networks. By connecting its specialist companies, the group aims to become the pre-eminent provider of compelling insights for the global business community.
     Needs:
     • Protect online assets/revenues and control their IP
     • Auditable and traceable accounts for Risk and Compliance Dept.
     • No new overhead or code modification of existing web portals
     • OpEx based purchases to tie to subscription services and improve cash flow
     • Everything IT must move to the cloud
     In need of a cloud based two-factor authentication platform
  9. Creating Secure Communities Raises Revenues
     • University of Michigan studied a Tier 1 online retailer
     • Study found a 19% increase in revenue when customers were connected in an online community
     "While the major share of firm and media attention has focused on third-party online social networks such as Facebook, many firms have made the choice to build their own such networks." http://info.socious.com/bid/56237/How-Online-Customer-Communities-Can-Increase-Revenue-By-19-Research
  10. Current state of Gaming: Online gaming industry growing significantly, however ARPU is steadily declining. [Chart: Online Gaming Market Share by Geography (USD $B), 2012 to 2015, series ROW and US.] Publishers need assistance to stabilize ARPU by providing additional value to paying customers. Source: SuperData Research and Newzoo Games
  11. US Gaming Demographics: 117m online gamers in the US
     • Typical US gamer: age 25-44; income $35k-$75k; 60% male; 79% college degree
     • Affinity to online security: 1. Above average income and education; 2. Tech savvy; 3. Understand the value of security
     Sources: *Nielsen Entertainment's third annual Active Gamer Benchmark Study; **StatGrab; ***SuperData Research/Newzoo
  12. Gaming companies must capitalize on hits. Example: Diablo 3
     • Fastest selling PC game to date
     • Broke Amazon record for most preorders
     • Sold 3.5m copies on the 1st day
     • Sold 6m copies in 1st week
     • Within 1 week, it became the most played game in Korea, 39% of Korean gamers logging in daily
     Securing new game revenue is a natural fit
  13. Gaming ASP Pain Points
     • Account sharing: increase revenues and subscriptions with stronger authentication; new releases are very competitive, must capitalize on hits
     • Account bullying: hackers stealing credentials to tamper with account holders
     • Gold farming: dissatisfaction lowers switching costs and increases churn; less of an issue with advent of free to play and ability to buy/sell with real dollars
     • User islands: create communities of users to increase stickiness and monetize free to play; cross sell gaming assets; one credential to access all game sites
     "MMO players are very dedicated gamers. As the majority already plays games on other screens, it will be interesting to see if publishers succeed in extending and monetizing their MMO experience across all screens." Peter Warman, CEO of Newzoo
  14. Agenda
     • Applications and pain points (cloud services, subscription services, gaming)
     • Quick VASCO background
     • Combined AMD and VASCO solution
     • Sample business case
     • Sample competitive comparison
  15. Our Philosophy: Security, Ease, Cost. Find the optimal balance for ASPs and consumers. Federal Reserve Briefing
  16. VASCO Heritage in Banking Security
  17. Agenda
     • Applications and pain points (cloud services, subscription services, gaming)
     • Quick VASCO background
     • Combined AMD and VASCO solution
     • Sample business case
     • Sample competitive comparison
  18. Secure Portal to Web Apps. [Diagram: cloud subscribers accessing App1 through App6.]
     • Numerous logins and passwords: complex for users, headache for IT helpdesk
     • QR code scan and OTP: simple for users, savings for IT helpdesk
  19. Integration overview. [Diagram labels: AMD chipset; Normal Section (App, App, App; TEE Client API; Platform/Rich OS, e.g. Windows, etc.); Secure Section (Trusted App, Trusted App; DIGIPASS (TEE); Secure OS); Secure Monitor; Secure Boot; ARM Cortex A5 Processor with TrustZone Security Extensions.]
  20. Highly secure yet familiar, simple user experience
  21. Agenda
     • Applications and pain points (cloud services, subscription services, gaming)
     • Quick VASCO background
     • Combined AMD and VASCO solution
     • Sample business case
     • Sample competitive comparison
  22. Cost Effective Cloud: Opex model, pay as you grow. [Chart: cost per user against users or authentications.]
  23. MYDIGIPASS.COM Subscription Business Case: ASP with 1M users per month
     Increased subscription assumptions:
     • Per a Tier 1 subscription account, 2FA will increase revenues by 10% in YR 1 increasing to 20% by YR 5
     • $100 annual subscription revenue
     • $10 per user 2FA cost
     [Chart: incremental revenues and incremental costs, YR 1 to YR 5.]
     MDP.com would return $17.5M net profit over 5 years.
  24. Easily Deployed Two Factor Authentication
  25. Agenda
     • Applications and pain points (cloud services, subscription services, gaming)
     • Quick VASCO background
     • Combined AMD and VASCO solution
     • Sample business case
     • Sample competitive comparison
  26. Comparison vs. Home Grown SMS
     • Home grown SMS ("Your unique code is w2z356"): does not operate on WiFi; not delivered in poor coverage area; not delivered when out of range; not delivered under heavy traffic congestion; over 5% of SMS deliveries fail*; over 9% take over 5 minutes*
     • Compared solution: operates on 3G/4G, WiFi or LAN
     * Per UCLA study Analysis of the Reliability of a Nationwide Short Message Service
  27. Spying on SMS
     • Home grown SMS ("Your unique code is w2z356"): unsecure text message can be intercepted using off the shelf software
     • Compared solution: secure out of band QR code transmission
  28. Baseline Mobile App Security
     • Home grown SMS ("Your unique code is w2z356"): federate multiple applications: No; incremental SMS Opex: YES; authentication method: standard OTP; back-up methods: written code
     • Compared solution: federate multiple applications: YES; incremental SMS Opex: NO; authentication method: challenge/response - more secure; back-up methods: smartphone, hardware token
  29. Top Things to Remember for ASPs
     • Are you creating a secure cloud community? Application; delivery
     • Is account vulnerability limiting your revenue growth? Losing potential customers; high cost of fixing account hacking events; causing customer churn
     • Could strong two-factor authentication in the cloud meet your needs? Speedy ROI; easy to manage / easy for users; more secure than SMS
  30. For More Information
     • Contact us at martin.ahlers@vasco.com or jonathan.abon@vasco.com
     • And go to our Application Service Provider site: http://mydigipass.vasco.com/
