Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
The Evolution of Identity In a World
of
“Payment as a Feature”
“It is not the strongest, nor the most
intelligent that sur...
Business as usual?
What is changing
The scope of identity and its proxies are
changing as we transact more and more
of our business electroni...
What has changed?
The flow of knowledge amongst people and agents prior to the Internet
and social networks.
We are on the verge of connected
intelligence
Social networks are bringing
people’s lives into the open
Mobile devices are...
Lies spread fast
…and get caught fast
People are sharing activity streams online
to shape their identities or earn a benefit
Gen Y is INVESTING in their online
identities
“I need your attention
to feel safe”
“I need my privacy
to feel safe”
The dichotomy of convenience vs. security in
an app world
• 50+% do not use a password or PIN to
lock their smartphone or ...
#hacked
"In reality, Apple's sensor has just a higher resolution compared to the
sensors so far. So we only needed to ramp...
How secure are our challenge
questions?
• What is your mother’s maiden name?
• In which city were you born
• Where did you...
Its getting easier to impersonate
and the bad guys are taking
advantage
663,587,386stolen records of personal information ...
How are we responding?
“The Best Payment System Is The One You
Don’t Even Notice.”
• Trying to solve for speed and conveni...
#hacked
“Starbucks executives confirmed that
the popular mobile payment app has
been storing usernames, email
addresses an...
How can we solve both security
AND speed/convenience
Embrace the
expanded notion of
identity and use it to
protect custome...
Individual device motion patterns as
part of identity
Opt-in social data for challenge-
response questions
• Who below is not a friend of yours?
• Which of the following songs ...
• Motion patterns of device in hand
• Typing velocity for different bi-graphs and tri-graphs
• Device fingerprinting
• Usi...
Conclusion
• Gen Y is demanding convenience and payments as a feature in their applications.
• This in turn brings many ne...
Upcoming SlideShare
Loading in …5
×

Evolution of identity Stoyan Kenderov - MAC 2014 conference

702 views

Published on

Gen Y expectations of convenience and immediacy are driving mobile app developers to integrate payments as a feature of their apps and work to make it seamless to the app experience.

That's great, but as more and more new technology entrants ascend into the payments field, security and fraud risks are threatening to cripple the growth of the industry.
We are still relying on many pre-Internet age identity assertion techniques, many of which have been made obsolete by customer that chose to live their lives on social networks.

Luckily, social data and sensors are giving us new tools to incorporate into these apps to tighten up security while at the same time catering to the expectations and tolerance of the Gen Y user - the largest demographic force to enter the market.

Published in: Technology
  • Be the first to comment

Evolution of identity Stoyan Kenderov - MAC 2014 conference

  1. 1. The Evolution of Identity In a World of “Payment as a Feature” “It is not the strongest, nor the most intelligent that survives. It is the one that is most adaptable to change” Darwin Stoyan Kenderov, Intuit Inc. Keynote
  2. 2. Business as usual?
  3. 3. What is changing The scope of identity and its proxies are changing as we transact more and more of our business electronically and across borders
  4. 4. What has changed? The flow of knowledge amongst people and agents prior to the Internet and social networks.
  5. 5. We are on the verge of connected intelligence Social networks are bringing people’s lives into the open Mobile devices are adding more context and facilitating information activation
  6. 6. Lies spread fast
  7. 7. …and get caught fast
  8. 8. People are sharing activity streams online to shape their identities or earn a benefit
  9. 9. Gen Y is INVESTING in their online identities “I need your attention to feel safe” “I need my privacy to feel safe”
  10. 10. The dichotomy of convenience vs. security in an app world • 50+% do not use a password or PIN to lock their smartphone or tablet • 44% who do not lock their mobile devices because “too cumbersome" • 30% who do not lock their mobile devices “are not worried about the risk” • Only 33% percent make a point of logging into an application every time they use it. • 66% try to leave applications perpetually logged in unless they are required by the application to log in every time • 30% “often forget or mistype password on the small keyboard” • 60% “wish there was an easier form of authentication for mobile applications” Luckily the mobile phone industry has come to the rescue. Now all apps can be secured at once with our real identity…. Source: Confident Technologies
  11. 11. #hacked "In reality, Apple's sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake", said the hacker with the nickname Starbug, who performed the critical experiments that led to the successful circumvention of the fingerprint locking. "As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints." CCC, Germany
  12. 12. How secure are our challenge questions? • What is your mother’s maiden name? • In which city were you born • Where did you go to school?
  13. 13. Its getting easier to impersonate and the bad guys are taking advantage 663,587,386stolen records of personal information since 2005
  14. 14. How are we responding? “The Best Payment System Is The One You Don’t Even Notice.” • Trying to solve for speed and convenience and embedding payments as a feature in more and more apps The holly grail:
  15. 15. #hacked “Starbucks executives confirmed that the popular mobile payment app has been storing usernames, email addresses and passwords in clear text, which allows passwords and usernames to be extracted...” http://www.moneynews.com/Personal-Finance/Starbucks-app- hack-iOS/2014/01/17/id/547634#ixzz2vgUIqajd “4.6 million usernames and phone numbers were exposed when Snapchat got hacked last month…” http://gigaom.com/2014/01/09/snapchat-says-sorry-for- getting-hacked-updates-app-with-phone-number-opt- out/ “Usernames, passwords, mailing addresses, e-mail addresses and phone numbers had been compromised by hackers, but no credit card information had been stolen…5.6 million people have pledged funding to 56,000 projects since its launch in 2009.” http://www.cnn.com/2014/02/15/us/kickstarter- site-hacked/ The real threat is: Password fatigue! We use the same password again and again…in 100’s of apps
  16. 16. How can we solve both security AND speed/convenience Embrace the expanded notion of identity and use it to protect customers
  17. 17. Individual device motion patterns as part of identity
  18. 18. Opt-in social data for challenge- response questions • Who below is not a friend of yours? • Which of the following songs do you miss hearing? • Where did you not go in the last 7 days Let It Go (by Frozen) All Of Me (by John Legend) Let her go (by Passenger) Team (by Lorde) No Signboard Seafood Restaurant Mellben Seafood Paradise Dynasty 126 (搵到食) Eating House
  19. 19. • Motion patterns of device in hand • Typing velocity for different bi-graphs and tri-graphs • Device fingerprinting • Using social data for a one-time “something you know” • Real-time machine learning techniques for slightest variations • Collective responsibility for fraud and privacy • Regulation that enables experimentation A smarter toolkit
  20. 20. Conclusion • Gen Y is demanding convenience and payments as a feature in their applications. • This in turn brings many new merchants into the payments market. • Many of these merchants will not have the sophistication to deal with security and fraud. • Our security toolkit is becoming obsolete all the time. • The Internet is the new public record and has gradually extended the notion of identity. • Young customers are far more willing to opt in their online identities and data in exchange for convenience and security. • Our industry can adapt to the trend and deal with fraud while offering simplicity, convenience and security. • We need to extend our protective umbrella of fraud prevention methods to those that need it. • Public policy needs to evolve to allow for this innovation to occur.

×