Gartner Offers a Converged and Compelling Future (Gartner Report Part 1)

GARTNER’S CONVERGED &
COMPELLING FUTURE
MICHAEL THELANDER, SR DIR PRODUCT MARKETING
LEVERAGING THE TRUSTED IDENTITY CAPABILITIES MODEL - PART
1
MAY 2018

2
MICHAEL THELANDER
S E N I O R D I R E C T O R P R O D U C T M A R K E T I N G ,
I O V A T I O N
 CISSP-trained through SANS with experience in
configuration security and authentication
 25 years in product management and product marketing, with
the last 10 focused on cyber security
 Articles have appeared in SC Magazine, IT Professional
Magazine, CyberDefense Magazine, and SoftwareCEO.com
 Drives go-to-market initiatives at iovation

5
EXPLORING GARTNER’S TICM
T H E T R U S T E D I D E N T I T Y C A P A B I L I T I E S M O D E L

6
SESSION 1 AGENDA
E X P L O R I N G G A R T N E R ’ S T R U S T E D I D E N T I T Y C A P A B I L I T I E S M O D E L
3
2
1

DEFINING THE TICM
WHERE WE CAME FROM AND WHERE WE’RE
GOING

8
TR U STED ID EN TITY C A PA B ILITIES MOD EL
( TIC M)
“ T A K E A N E W A P P R O A C H T O E S T A B L I S H I N G A N D M A I N T A I N I N G T R U S T … ”

9
THREE CORE PILLARS OF IDENTITY AND TRUST
T O D A Y, P E R S O N A L R E L A T I O N S H I P S T H A T B E C O M E D I G I T A L
Identity
Proofing
Authentication
Online
Fraud
Detection

10
D I S C I P L I N E S T H A T W E R E I N D E P E N E D E N T A R E B E C O M I N G I N T E R D E P E N D E N T
Identity
Proofing
Authentication
Online
Fraud
Detection
1
2
3
4

11
E A C H P I L L A R G E T S B G G E R , A N D A L L G R O W C L O S E R T O G E T H E R
Identity
Proofing Authentication
Online
Fraud
Detection

12
T H E C U S T O M E R ’ S D E V I C E B E C O M E S T H E “ A N C H O R O F T R U S T ”
Identity
Online
Fraud
Detection

13
R O L E S B E C O M E M O R E D E F I N E D A N D M O R E I N T E R T W I N E D
Identity
Online
Fraud
Detection
RISK &
COMPLIANCE
MANAGER
AUTHENTICATION
MANAGER
INFOSEC
ARCHITECT
FRAUD
MANAGER
UX DIRECTOR
UX DIRECTOR PRODUCT MANAGER
OR
LOB MANAGER

SO WHAT?
WHY IS THIS SUCH A BIG PROBLEM NOW?

17
FRAUD & RISK
1st and 3rd Party Fraud
Identity Theft
Application Fraud
Online Abuse
Policy Violation
CYBERSECURITY
Identity and Access
Mgmt
Account Takeover
Session Hijacking
Man-in-the-Middle
Attacks
SCA for PSD2
USER
EXPERIENCE
Grow the Business
Reduce Friction
Improve NPS
Omni-channel
Access
Increased
Visits/Month
Cross-device
Experience

18FRAUD TEAM IAM & INFOSEC TEAM PM + USER EXPERIENCE TEAM
CAN WE COMMUNICATE ACROSS TEAMS?

19
CAN WE COMMUNICATE ACROSS TEAMS?

20
COMMUNICATING ACROSS TEAMS!

ROLES: TICM
MODEL AS
FRAMEWORK

22
( TIC M)T H E L E G A C Y V I E W O F I D E N T I T Y A S S U R A N C E , I D P R O O F I N G A N D
A U T H E N T I C A T I O N
 In the “legacy”
enterprise view, ID
Proofing and recurring
authentication are
clearly separated
 ID Proofing is used at
account creation, and
User Authentication is
used at account login
 Online fraud detection
is not a significant
factor in this model, and
is managed elsewhere

23
( TIC M)
T H E T I C M E X P A N D S I N T O F D P U S E C A S E S
 Significant changes in
the TICM view:
 The inclusion of on
Online Fraud
Detection tools
expands the scope of
all activities, even ID
proofing
 Key terms arrive –
“contextual” and
“triangulation” – to
indicate new analytics
 They also note that

24
( TIC M)
the TICM view:
Online Fraud
Detection tools
proofing

25
( TIC M)
the TICM view:
Online Fraud
Detection tools
proofing
• Point-in-time activities become “continuous”
• “Context” is a key missing ingredient
• Solutions go from silos to “complementary”
• A new need develops: Dynamic Authentication
which is….
• Continuous
• Contextual
• Complementary

26
( TIC M)
T H E N E W M O D E L
 Now all areas are
interdependent
 Trust elevation – or
step-up authentication
– strongly leverages
risk and integrity signals
 ID Proofing can be re-
established at any
point in the customer
journey
 Analytics “yield greater
value than crude
KBA” in this process

27
( TIC M)
interdependent
step-up authentication
– strongly leverages
risk and integrity signals
established at any
point in the customer
journey
value than crude
KBA” in this process

28
( TIC M)
interdependent
step-up – strongly
leverages risk and
integrity signals
established at any point
in the customer journey
or lifecycle
value than crude KBA”
in this process
• Look at the bottom of the diagram!
• The critical signals used in every phase
(account creation, login, and post login)
come from Online Fraud Detection tools
• Are you missing a key ingredient to
implement the Gartner TICM model?

29
( TIC M)
interdependent
leverages risk and
integrity signals
or lifecycle
in this process
• Are your fraud insights integrated into
cybersecurity?
• Is identity proofing dynamic or is it point-in-
time only?
• Are you having conversations across silos?

30
( TIC M)

31
( TIC M)
interdependent
leverages risk and
integrity signals
or lifecycle
in this process
“One of the authors had a client interaction that was particularly telling:
A team in a bank was looking at new customer authentication methods,
and was particularly interested in the potential value of analytics and
an adaptive access approach, without being aware of the overlap of
these techniques with OFD, which was the province of a
completely different team within the bank.”

32
BIG TAKEAWYS FROM SESSION ONE ON THE TICM
3
2
1

OUR NEXT WEBINARS
ONLINE FRAUD DETECTION TOOLS DELIVER
THE MISSING INGREDIENTS

34
( TIC M)
 Credentials serve the
Identity Corroboration
problem
 Analytics solves for the
Identity Dissonance
problems
 Authentication products
(iovation’s LaunchKey
and ClearKey) enable
these functions
 Fraud detection products
(like iovation FraudForce)
enable these functions

35
( TIC M)
I N O U R N E X T S E S S I O N

36
1. Mobile devices can be
gateways, consumers, or
IoT nodes
THE TICM WORKS IN THE INTERNET OF
THINGS
D E V I C E S A S G A T E W A Y S A N D C O N T R O L L E R S

Q&A
iovation.com/resources/reports

CONTACT US
www.iovation.com
@TheOtherMichael
SENIOR DIRECTOR PRODUCT MARKETING
MICHAEL
THELANDER
michael.thelander@iovation.com
503.943.6700

39
( TIC M)
 The new model also
makes extensive use of a
“familiar people vs.
strange people” notion
 Third-party credentials
(like Single sign-on
systems), risk signals,
and attack signals are
important here

40
( TIC M)
 Authentication and
Online Fraud Detection
make the most use of
common tools and
signals
 Identity proofing
provides the critical
ingredient of Third-Party
Credentials
 The combination of “ID
Proofing + Online Fraud
Detection” provides, in
this model, the strongest

41
 External Message, NEW IMPLEMENTATIONS:
 If you’re building a new system that integrates identity proofing, auth, and OFD…
 … iovation can provide (or connect you to) every piece
 In an integrated solution that binds everything together
 External Messaged UPDATE or ADD-ON IMPLEMENTATIONS:
 iovation online fraud detection solutions add the missing risk and reputation ingredients
 Our SaaS-based solutions make it easy to layer risk insight into your integration points
 Third-Party PARTNER, CHANNEL or OEM MESSAGES:
 We deliver the pieces you may be missing to fulfill the TICM vision
 We can be a transparent “capabilities multiplier” for your offerings
THE BOTTOM LINE

Gartner Offers a Converged and Compelling Future (Gartner Report Part 1)

Recommended

Recommended

More Related Content

Similar to Gartner Offers a Converged and Compelling Future (Gartner Report Part 1)

Similar to Gartner Offers a Converged and Compelling Future (Gartner Report Part 1) (20)

More from TransUnion

More from TransUnion (20)

Recently uploaded

Recently uploaded (20)

Gartner Offers a Converged and Compelling Future (Gartner Report Part 1)

Editor's Notes