SlideShare a Scribd company logo

The Future of Secure, Mobile Authentication

D
derektop

From Voice Biometrics Conference San Francisco (May 8-9, 2013): Mobile devices have the potential to be the universal device to make authentication stronger. But a host of challenges stand in the way for mobile security platforms. What are the key enablers and how does voice fit into a comprehensive mobile security strategy? Ollie Whitehouse, Associate Director, NCC Group

TechnologyBusiness
1 of 13
Download to read offline
Mobile Security and 2FA The reality from the trenches… Ollie Whitehouse, Associate Director, NCC Group
Before we begin… • NCC = iSEC Partners in the USA • FTSE listed ~99 million GBP revenue • Independent security experts • Working in hardware, software and higher level business functions • Trusted advisor to many • ~ 250 technical security consultants • ~ 80 business security consultants
Agenda for the 15 minute positioning.. • Mobile Security • Reality and Elephants • Future Enablers • Authentication and mobile • 2FA – what it looks like today • Voice biometrics and its Role
Mobile Security – Security threats • Hardware • Platform • Android, iOS, Windows etc. • Vendor Customisation • Undermining platform security • Apps • Poorly designed / implemented • User activity •  Hygiene with regards to apps / jail breaking
Mobile Security – Challenges • Mobile vendor fragmentation • Vendor spend on security • 18 to 24 month device life cycles • Carrier certification of updates • User awareness / education • User experience for security patches • Carrier / user desire for security patches
Mobile Security – Future
Mobile Security – Future • The security arms race is starting.. • BlackBerry, Samsung, SEAndroid (Generic), Apple and Windows • Platform features • TrustZone • Virtualisation / HyperVisors • Software security • Improving rapidly..
Mobile 2FA – Concerns • Satisfying ‘Something you have’ • SMS latency • The ‘NYE’ problem • The ‘malware’ issue • For seeded / on-line • Jail breaking • For seeded / on-line • Connectivity • For on-line
Mobile 2FA – Drivers for mobile 2FA
Mobile 2FA – What we’re seeing
Mobile 2FA – Satisfying the concerns • Today • Jail break detection • Device unique IDs • Device lockdown • Dual persona devices • Tomorrow • TrustZone and friends
Mobile 2FA – Result (one solution seen) Circuit Switch and Voice for Last Chance Fall-back
Mobile 2FA – Tomorrow?

Recommended

mobile application security
mobile application securitymobile application security
mobile application security
-jyothish kumar sirigidi
 
2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_room2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_room
NCC Group
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about them
Ben Rothke
 
Session 4 Enterprise Mobile Security
Session 4 Enterprise Mobile SecuritySession 4 Enterprise Mobile Security
Session 4 Enterprise Mobile Security
Santosh Satam
 
Mobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcommMobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcomm
Tien Hoang
 
loaiCV2014
loaiCV2014loaiCV2014
loaiCV2014
Loai Taan
 
Secure enterprise mobility
Secure enterprise mobilitySecure enterprise mobility
Secure enterprise mobility
DATA SECURITY SOLUTIONS
 
Web App Sec Tisc
Web App Sec TiscWeb App Sec Tisc
Web App Sec Tisc
Aung Khant
 

Recommended

mobile application security
mobile application securitymobile application security
mobile application security
-jyothish kumar sirigidi
 
2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_room2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_room
NCC Group
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about them
Ben Rothke
 
Session 4 Enterprise Mobile Security
Session 4 Enterprise Mobile SecuritySession 4 Enterprise Mobile Security
Session 4 Enterprise Mobile Security
Santosh Satam
 
Mobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcommMobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcomm
Tien Hoang
 
loaiCV2014
loaiCV2014loaiCV2014
loaiCV2014
Loai Taan
 
Secure enterprise mobility
Secure enterprise mobilitySecure enterprise mobility
Secure enterprise mobility
DATA SECURITY SOLUTIONS
 
Web App Sec Tisc
Web App Sec TiscWeb App Sec Tisc
Web App Sec Tisc
Aung Khant
 
Essential Layers of IBM i Security Series – Network Security
Essential Layers of IBM i Security Series – Network SecurityEssential Layers of IBM i Security Series – Network Security
Essential Layers of IBM i Security Series – Network Security
Precisely
 
Security Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - MobiloitteSecurity Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - Mobiloitte
Mobiloitte
 
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint Technology
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint TechnologyQualcomm ® Snapdragon Sense ™ ID 3D Fingerprint Technology
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint Technology
FIDO Alliance
 
The intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protectionThe intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protection
EnclaveSecurity
 
Experience and perspective_of_security_installation
Experience and perspective_of_security_installationExperience and perspective_of_security_installation
Experience and perspective_of_security_installation
Om Kumar
 
2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide
Lumension
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
Salvatore D'Agostino
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Lumension
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
team-WIBU
 
Security and Communication Systems Integration
Security and Communication Systems Integration Security and Communication Systems Integration
Security and Communication Systems Integration
Chris Cavallo
 
Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise"
mycroftinc
 
Designing Secure Mobile Apps
Designing Secure Mobile AppsDesigning Secure Mobile Apps
Designing Secure Mobile Apps
Denim Group
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
IBM Security
 
Mbs w21
Mbs w21Mbs w21
Mbs w21
SelectedPresentations
 
Reducing IT Security Breaches Through Skills Development
Reducing IT Security Breaches Through Skills DevelopmentReducing IT Security Breaches Through Skills Development
Reducing IT Security Breaches Through Skills Development
CompTIA
 
2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results
Lumension
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
Ulf Mattsson
 
INTERNET PROTOCOL VIDEO SURVEILLANCE
INTERNET PROTOCOL VIDEO SURVEILLANCEINTERNET PROTOCOL VIDEO SURVEILLANCE
INTERNET PROTOCOL VIDEO SURVEILLANCE
Layer3 Security Services
 
Understanding passwordless technologies
Understanding passwordless technologiesUnderstanding passwordless technologies
Understanding passwordless technologies
David Strom
 
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
Byres Security Inc.
 
Strong Authentication (Michal Sobiegraj)
Strong Authentication (Michal Sobiegraj)Strong Authentication (Michal Sobiegraj)
Strong Authentication (Michal Sobiegraj)
msobiegraj
 
2FA and OTP
2FA and OTP2FA and OTP
2FA and OTP
Tristan Gomez
 

More Related Content

What's hot

Experience and perspective_of_security_installation
Experience and perspective_of_security_installationExperience and perspective_of_security_installation
Experience and perspective_of_security_installation
Om Kumar
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Lumension
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
team-WIBU
 
Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise"
mycroftinc
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
IBM Security
 
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
Byres Security Inc.
 

What's hot (20)

Essential Layers of IBM i Security Series – Network Security
Essential Layers of IBM i Security Series – Network SecurityEssential Layers of IBM i Security Series – Network Security
Essential Layers of IBM i Security Series – Network Security
 
Security Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - MobiloitteSecurity Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - Mobiloitte
 
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint Technology
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint TechnologyQualcomm ® Snapdragon Sense ™ ID 3D Fingerprint Technology
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint Technology
 
The intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protectionThe intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protection
 
Experience and perspective_of_security_installation
Experience and perspective_of_security_installationExperience and perspective_of_security_installation
Experience and perspective_of_security_installation
 
2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
 
Security and Communication Systems Integration
Security and Communication Systems Integration Security and Communication Systems Integration
Security and Communication Systems Integration
 
Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise"
 
Designing Secure Mobile Apps
Designing Secure Mobile AppsDesigning Secure Mobile Apps
Designing Secure Mobile Apps
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
 
Mbs w21
Mbs w21Mbs w21
Mbs w21
 
Reducing IT Security Breaches Through Skills Development
Reducing IT Security Breaches Through Skills DevelopmentReducing IT Security Breaches Through Skills Development
Reducing IT Security Breaches Through Skills Development
 
2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
 
INTERNET PROTOCOL VIDEO SURVEILLANCE
INTERNET PROTOCOL VIDEO SURVEILLANCEINTERNET PROTOCOL VIDEO SURVEILLANCE
INTERNET PROTOCOL VIDEO SURVEILLANCE
 
Understanding passwordless technologies
Understanding passwordless technologiesUnderstanding passwordless technologies
Understanding passwordless technologies
 
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
 

Viewers also liked

Seminar-Two Factor Authentication
Seminar-Two Factor AuthenticationSeminar-Two Factor Authentication
Seminar-Two Factor Authentication
Dilip Kr. Jangir
 
Two factor authentication presentation mcit
Two factor authentication presentation mcitTwo factor authentication presentation mcit
Two factor authentication presentation mcit
mmubashirkhan
 

Viewers also liked (6)

Strong Authentication (Michal Sobiegraj)
Strong Authentication (Michal Sobiegraj)Strong Authentication (Michal Sobiegraj)
Strong Authentication (Michal Sobiegraj)
 
2FA and OTP
2FA and OTP2FA and OTP
2FA and OTP
 
Two Factor Authentication: Easy Setup, Major Impact
Two Factor Authentication: Easy Setup, Major ImpactTwo Factor Authentication: Easy Setup, Major Impact
Two Factor Authentication: Easy Setup, Major Impact
 
Seminar-Two Factor Authentication
Seminar-Two Factor AuthenticationSeminar-Two Factor Authentication
Seminar-Two Factor Authentication
 
Simple Two Factor Authentication
Simple Two Factor AuthenticationSimple Two Factor Authentication
Simple Two Factor Authentication
 
Two factor authentication presentation mcit
Two factor authentication presentation mcitTwo factor authentication presentation mcit
Two factor authentication presentation mcit
 

Similar to The Future of Secure, Mobile Authentication

IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
Security Innovation
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Security
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
Sumana Mehta
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
AugmentedWorldExpo
 

Similar to The Future of Secure, Mobile Authentication (20)

IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
 
Security Testing for IoT Systems
Security Testing for IoT SystemsSecurity Testing for IoT Systems
Security Testing for IoT Systems
 
Principals of IoT security
Principals of IoT securityPrincipals of IoT security
Principals of IoT security
 
Enterprise innovation in an ever-expanding mobile world
Enterprise innovation in an ever-expanding mobile worldEnterprise innovation in an ever-expanding mobile world
Enterprise innovation in an ever-expanding mobile world
 
[Webinar] Why Security Certification is Crucial for IoT Success
[Webinar] Why Security Certification is Crucial for IoT Success[Webinar] Why Security Certification is Crucial for IoT Success
[Webinar] Why Security Certification is Crucial for IoT Success
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
 
Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesSmarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst Services
 
Outside the Office: Mobile Security
Outside the Office: Mobile SecurityOutside the Office: Mobile Security
Outside the Office: Mobile Security
 
Introduction to IOT security
Introduction to IOT securityIntroduction to IOT security
Introduction to IOT security
 
Mobile Security for the Enterprise
Mobile Security for the EnterpriseMobile Security for the Enterprise
Mobile Security for the Enterprise
 
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsSecurity Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
 
Appsecurity, win or loose
Appsecurity, win or looseAppsecurity, win or loose
Appsecurity, win or loose
 
BYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestBYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, West
 
The Mobile Aware CISO: Security as a Business Enabler
The Mobile Aware CISO: Security as a Business EnablerThe Mobile Aware CISO: Security as a Business Enabler
The Mobile Aware CISO: Security as a Business Enabler
 
Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers SafeSecurity For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safe
 
Advanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessAdvanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your Business
 
Fundamental Best Practices in Secure IoT Product Development
Fundamental Best Practices in Secure IoT Product DevelopmentFundamental Best Practices in Secure IoT Product Development
Fundamental Best Practices in Secure IoT Product Development
 
Market Study on Mobile Authentication
Market Study on Mobile AuthenticationMarket Study on Mobile Authentication
Market Study on Mobile Authentication
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
 

More from derektop

More from derektop (12)

Operationalizing Voice Biometrics
Operationalizing Voice BiometricsOperationalizing Voice Biometrics
Operationalizing Voice Biometrics
 
Introduction to Truly Handsfree 3.0
Introduction to Truly Handsfree 3.0Introduction to Truly Handsfree 3.0
Introduction to Truly Handsfree 3.0
 
e-Government Applications for Voice Authentication
e-Government Applications for Voice Authenticatione-Government Applications for Voice Authentication
e-Government Applications for Voice Authentication
 
Mobile Voice Authentication
Mobile Voice AuthenticationMobile Voice Authentication
Mobile Voice Authentication
 
Future of Mobile Authentication
Future of Mobile AuthenticationFuture of Mobile Authentication
Future of Mobile Authentication
 
The Case for Voice + Face Recognition
The Case for Voice + Face RecognitionThe Case for Voice + Face Recognition
The Case for Voice + Face Recognition
 
The Power of a Black List, the Promise of a White List
The Power of a Black List, the Promise of a White ListThe Power of a Black List, the Promise of a White List
The Power of a Black List, the Promise of a White List
 
Case Study: Passive Authentication at Barclays
Case Study: Passive Authentication at BarclaysCase Study: Passive Authentication at Barclays
Case Study: Passive Authentication at Barclays
 
Powering Security and Easy Authentication in a Multi-Channel World
Powering Security and Easy Authentication in a Multi-Channel WorldPowering Security and Easy Authentication in a Multi-Channel World
Powering Security and Easy Authentication in a Multi-Channel World
 
Natural Interaction in the Connected Home
Natural Interaction in the Connected HomeNatural Interaction in the Connected Home
Natural Interaction in the Connected Home
 
Case Study: Voice Verification by Mobile Operator Avea
Case Study: Voice Verification by Mobile Operator AveaCase Study: Voice Verification by Mobile Operator Avea
Case Study: Voice Verification by Mobile Operator Avea
 
Voice Biometrics: The Big Picture Gets Bigger
Voice Biometrics: The Big Picture Gets BiggerVoice Biometrics: The Big Picture Gets Bigger
Voice Biometrics: The Big Picture Gets Bigger
 

Recently uploaded

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 

Recently uploaded (20)

GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 

The Future of Secure, Mobile Authentication

  • 1. Mobile Security and 2FA The reality from the trenches… Ollie Whitehouse, Associate Director, NCC Group
  • 2. Before we begin… • NCC = iSEC Partners in the USA • FTSE listed ~99 million GBP revenue • Independent security experts • Working in hardware, software and higher level business functions • Trusted advisor to many • ~ 250 technical security consultants • ~ 80 business security consultants
  • 3. Agenda for the 15 minute positioning.. • Mobile Security • Reality and Elephants • Future Enablers • Authentication and mobile • 2FA – what it looks like today • Voice biometrics and its Role
  • 4. Mobile Security – Security threats • Hardware • Platform • Android, iOS, Windows etc. • Vendor Customisation • Undermining platform security • Apps • Poorly designed / implemented • User activity •  Hygiene with regards to apps / jail breaking
  • 5. Mobile Security – Challenges • Mobile vendor fragmentation • Vendor spend on security • 18 to 24 month device life cycles • Carrier certification of updates • User awareness / education • User experience for security patches • Carrier / user desire for security patches
  • 7. Mobile Security – Future • The security arms race is starting.. • BlackBerry, Samsung, SEAndroid (Generic), Apple and Windows • Platform features • TrustZone • Virtualisation / HyperVisors • Software security • Improving rapidly..
  • 8. Mobile 2FA – Concerns • Satisfying ‘Something you have’ • SMS latency • The ‘NYE’ problem • The ‘malware’ issue • For seeded / on-line • Jail breaking • For seeded / on-line • Connectivity • For on-line
  • 9. Mobile 2FA – Drivers for mobile 2FA
  • 10. Mobile 2FA – What we’re seeing
  • 11. Mobile 2FA – Satisfying the concerns • Today • Jail break detection • Device unique IDs • Device lockdown • Dual persona devices • Tomorrow • TrustZone and friends
  • 12. Mobile 2FA – Result (one solution seen) Circuit Switch and Voice for Last Chance Fall-back
  • 13. Mobile 2FA – Tomorrow?