SlideShare a Scribd company logo

Two factor Authentication

Download as PPTX, PDF
Ricardo Resnik
Ricardo Resnik
1 of 21
© 2014 SecurEnvoy Revolutionising 2FA to enhance the user experience Andy Kemshall – Co Founder 01/01/14 Company logo
© 2014 SecurEnvoy Ideal Solution To Allow Secure Remote Access with 2FA • Anywhere, Anytime, on Any device • Strong security • Consistent Simple User eXperience • Cost Effective iPad Smart Phone Home PC Business Lounge AAA Secure UX ROI
© 2014 SecurEnvoy 2FA Token Types • Hard Tokens • Certificates • Push • Adaptive Authentication • Real Time SMS • Preload SMS • Soft Tokens Apps • One Swipe
© 2014 SecurEnvoy Hard Token • Hardware Tokens – Require distribution, synchronizing – 30 year old technology – Seed records known to vendors / governments • Smart Cards – Needs a reader and local driver software – Require distribution, certificate management • USB Sticks – Local driver software – Require distribution, certificate management • User must carry the token  AAA Secure UX ROI
© 2014 SecurEnvoy Certificates • Enrolment authentication • Only authenticate on this device • Leaving identity everywhere • What happens when? – Cert Expires every year – CA Expires every 5 years – Device is upgraded or sold X AAA Sec UX ROI
© 2014 SecurEnvoy One Identity is the Solution SMS Pre-Load On-Demand 3 Codes Periodic Phone or Tablet App Laptop X X X • One Soft Token Identity • Self Service “Manage My Token” portal • Change many times @ no additional cost
© 2014 SecurEnvoy Push Technologies • Requires GSM DATA • No unique Passcode • Push sent to all devices • No session locking – Shoulder surfer connects just before? AAA Sec UX ROI
© 2014 SecurEnvoy Adaptive Authentication Bob - Logs in from coffee shop No Passcode Prompt Bob - Logs in from home No Passcode Prompted Bob - Logs in from USA Passcode Prompted Bob - Logs in from airport Passcode Prompt AAA UX ROINOT a consistent user experience 
© 2014 SecurEnvoy The Problem • SMS delivery delays • Expect around 4% of SMS messages to takes longer that 1 minute • SLA’s on delivery DON’T cover sending to the user’s phone • Signal dead spots • buildings with wide outer walls • underground basements • computer rooms • Phone is used to connect to the internet • Some phones can’t receive SMS when a data connection is active “96% of texts are delivered within 10 seconds” source Vodafone Real Time SMS UserID & Pin SMS Sent to Phone AAA Secure UX ROI
© 2014 SecurEnvoy Something You Know Something You Own Andyk P0stcode 956324 Next Required Passcode Sent To Phone (overwrites previous message) Passcode 769310 Pre-Loaded SMS AAA Secure UX ROI
© 2014 SecurEnvoy SMS Gateway Delivery Wrong Approach • Limited SMS Gateways options • Tied to one provider – Be wary of hidden costs – International coverage Correct Approach • Multiple SMS gateway options – Intelligent routing – Redundant failover – Multiple methods – competitive SMS providers brings lower costs Telco SMS Provider
© 2014 SecurEnvoy ****** *********** Soft Token App
© 2014 SecurEnvoy SEED Security XXX XXX
© 2014 SecurEnvoy Seed 1st Part QRCode Scan 8 Digit Code Seed 1st Part Fingerprint of Phone Seed 2nd PartSeed 2nd Part 2nd Seed Part is recreated each time a passcode is crea Seed 2nd PartSeed 2nd PartSeed 2nd Part Random 1st Seed Part Created Locally Seeds are NOT stored by SecurEnvoy AES 256 Bit Encrypted SEED Security
© 2014 SecurEnvoy iPhone 4 iPhone 5 No Additional Cost To upgrade to a new phone Old Seed Deleted From Server New Seed Created Soft Token - Upgrade Phone AAA Secure UX ROI
© 2014 SecurEnvoy What does the user want? This? AQ4£Dhdboie Bu7&6tgy)99 7h15!s57up!d Or this? This?
© 2014 SecurEnvoy One Swipe Via QRCode ****** *********** Scan QRCode From Phone Enter Pin One Time QRCode • No Phone Signal or Data Connection Required • Automatic Time Sync to +/- 13 Hours GMT (any time zone)
© 2014 SecurEnvoy Off-line or behind a firewall One Swipe Don’t need to enter UserID Don’t need to enter passcode Don’t need to re-enter passcode JUST PIN & SWIPE No Signal VPN Login Templates Isolated
© 2014 SecurEnvoy One Swipe Future Road Map ****** *********** Enter Pin AAA Secure UX ROI
© 2014 SecurEnvoy 2FA Token Types, Talk To Us @ Stand H10 • Hard Tokens • Certificates • Push • Adaptive • RealTime SMS • Pre Load SMS • Soft Token • One Swipe AAA Sec UX ROI AAA Sec UX ROI AAA UX ROI AAA Secure UX ROI AAA Secure UX ROI AAA Secure UX ROI AAA Secure UX ROI AAA Secure UX ROI
© 2014 SecurEnvoy See us on Stand H10

Recommended

Traditional or Hosted Phone: Which Is The Right Choice For Your Business?
Traditional or Hosted Phone: Which Is The Right Choice For Your Business? Traditional or Hosted Phone: Which Is The Right Choice For Your Business?
Traditional or Hosted Phone: Which Is The Right Choice For Your Business? Swastika Dhakal
 
How to setup se tracker
How to setup se trackerHow to setup se tracker
How to setup se trackersimplaxo
 
Voip mobile dialer
Voip mobile dialerVoip mobile dialer
Voip mobile dialerVoIP Infotech
 
Iphone sip dialer
Iphone sip dialerIphone sip dialer
Iphone sip dialerVoIP Infotech
 
Android sip dialer
Android sip dialerAndroid sip dialer
Android sip dialerVoIP Infotech
 
Android sip dialer
Android sip dialerAndroid sip dialer
Android sip dialerVoIP Infotech
 
SYPHERSAFE
SYPHERSAFESYPHERSAFE
SYPHERSAFEMustafa Kuğu
 
SPY Mobile Software
SPY Mobile SoftwareSPY Mobile Software
SPY Mobile SoftwarePooja Seo
 

Recommended

Traditional or Hosted Phone: Which Is The Right Choice For Your Business?
Traditional or Hosted Phone: Which Is The Right Choice For Your Business? Traditional or Hosted Phone: Which Is The Right Choice For Your Business?
Traditional or Hosted Phone: Which Is The Right Choice For Your Business? Swastika Dhakal
 
How to setup se tracker
How to setup se trackerHow to setup se tracker
How to setup se trackersimplaxo
 
Voip mobile dialer
Voip mobile dialerVoip mobile dialer
Voip mobile dialerVoIP Infotech
 
Iphone sip dialer
Iphone sip dialerIphone sip dialer
Iphone sip dialerVoIP Infotech
 
Android sip dialer
Android sip dialerAndroid sip dialer
Android sip dialerVoIP Infotech
 
Android sip dialer
Android sip dialerAndroid sip dialer
Android sip dialerVoIP Infotech
 
SYPHERSAFE
SYPHERSAFESYPHERSAFE
SYPHERSAFEMustafa Kuğu
 
SPY Mobile Software
SPY Mobile SoftwareSPY Mobile Software
SPY Mobile SoftwarePooja Seo
 
Cellcrypt Mobile for iPhone
Cellcrypt Mobile for iPhoneCellcrypt Mobile for iPhone
Cellcrypt Mobile for iPhoneCellcrypt
 
Android voip mobile dialer
Android voip mobile dialerAndroid voip mobile dialer
Android voip mobile dialerVoIP Infotech
 
Android voip mobile dialer
Android voip mobile dialerAndroid voip mobile dialer
Android voip mobile dialerVoIP Infotech
 
IETF meeting - SIP OAuth use cases
IETF meeting - SIP OAuth use casesIETF meeting - SIP OAuth use cases
IETF meeting - SIP OAuth use casesVictor Pascual Ávila
 
VoIP Infotech: Android sip client providers
VoIP Infotech: Android sip client providersVoIP Infotech: Android sip client providers
VoIP Infotech: Android sip client providersVoIP Infotech
 
Android sip client
Android sip client Android sip client
Android sip client VoIP Infotech
 
SOTP_Introduction
SOTP_IntroductionSOTP_Introduction
SOTP_IntroductionJohnson Wu
 
Yakovoice
Yakovoice Yakovoice
Yakovoice Yakovoice IVR
 
Taking note of two factor authentication - TeleSign & Evernote case study
Taking note of two factor authentication - TeleSign & Evernote case studyTaking note of two factor authentication - TeleSign & Evernote case study
Taking note of two factor authentication - TeleSign & Evernote case studyTeleSign Corporation
 
Interfaces de Voz avanzadas con VoiceXML - Iván Sixto | VoIP2DAY 2015
Interfaces de Voz avanzadas con VoiceXML - Iván Sixto | VoIP2DAY 2015Interfaces de Voz avanzadas con VoiceXML - Iván Sixto | VoIP2DAY 2015
Interfaces de Voz avanzadas con VoiceXML - Iván Sixto | VoIP2DAY 2015VOIP2DAY
 
FonB Sales presentation
FonB Sales presentationFonB Sales presentation
FonB Sales presentationaptustel
 
Escene ceiling public broadcasting ip phone ps760 user manual
Escene ceiling public broadcasting ip phone ps760 user manualEscene ceiling public broadcasting ip phone ps760 user manual
Escene ceiling public broadcasting ip phone ps760 user manualEmre Ozcan
 
MARS VOIP Notification
MARS VOIP NotificationMARS VOIP Notification
MARS VOIP NotificationAjoy Dasgupta
 
Defcon 22-fatih-ozavci-vo ip-wars-attack-of-the-cisco-phones
Defcon 22-fatih-ozavci-vo ip-wars-attack-of-the-cisco-phonesDefcon 22-fatih-ozavci-vo ip-wars-attack-of-the-cisco-phones
Defcon 22-fatih-ozavci-vo ip-wars-attack-of-the-cisco-phonesPriyanka Aash
 
General brochure
General brochureGeneral brochure
General brochureastTECSMiddleEast
 
VIRDI COMPANY PROFILE & PRODUCTS OVERVIEW
VIRDI COMPANY PROFILE & PRODUCTS OVERVIEWVIRDI COMPANY PROFILE & PRODUCTS OVERVIEW
VIRDI COMPANY PROFILE & PRODUCTS OVERVIEWVIRDI Biometric Access Control System
 
Open Touch Message Center - Alcatel-Lucent Voice Services
Open Touch Message Center - Alcatel-Lucent Voice ServicesOpen Touch Message Center - Alcatel-Lucent Voice Services
Open Touch Message Center - Alcatel-Lucent Voice ServicesIberdrola
 
Mobile Identity 2013 - Optimising and simplifying authentication and authoriz...
Mobile Identity 2013 - Optimising and simplifying authentication and authoriz...Mobile Identity 2013 - Optimising and simplifying authentication and authoriz...
Mobile Identity 2013 - Optimising and simplifying authentication and authoriz...Martin Prosek
 
The Unstoppable Demand for the All-Wireless Workplace
The Unstoppable Demand for the All-Wireless WorkplaceThe Unstoppable Demand for the All-Wireless Workplace
The Unstoppable Demand for the All-Wireless WorkplaceAruba, a Hewlett Packard Enterprise company
 
Cloud telephony
Cloud telephonyCloud telephony
Cloud telephonyabhinandanyadavg
 
Beyond username and password it's continuous authorization webinar
Beyond username and password it's continuous authorization webinarBeyond username and password it's continuous authorization webinar
Beyond username and password it's continuous authorization webinarForgeRock
 
DIRECTORY CIS 2015 - Eric Fazendin
DIRECTORY CIS 2015 - Eric FazendinDIRECTORY CIS 2015 - Eric Fazendin
DIRECTORY CIS 2015 - Eric FazendinCloudIDSummit
 

More Related Content

What's hot

Cellcrypt Mobile for iPhone
Cellcrypt Mobile for iPhoneCellcrypt Mobile for iPhone
Cellcrypt Mobile for iPhoneCellcrypt
 
Android voip mobile dialer
Android voip mobile dialerAndroid voip mobile dialer
Android voip mobile dialerVoIP Infotech
 
Android voip mobile dialer
Android voip mobile dialerAndroid voip mobile dialer
Android voip mobile dialerVoIP Infotech
 
VoIP Infotech: Android sip client providers
VoIP Infotech: Android sip client providersVoIP Infotech: Android sip client providers
VoIP Infotech: Android sip client providersVoIP Infotech
 
SOTP_Introduction
SOTP_IntroductionSOTP_Introduction
SOTP_IntroductionJohnson Wu
 
Taking note of two factor authentication - TeleSign & Evernote case study
Taking note of two factor authentication - TeleSign & Evernote case studyTaking note of two factor authentication - TeleSign & Evernote case study
Taking note of two factor authentication - TeleSign & Evernote case studyTeleSign Corporation
 
Interfaces de Voz avanzadas con VoiceXML - Iván Sixto | VoIP2DAY 2015
Interfaces de Voz avanzadas con VoiceXML - Iván Sixto | VoIP2DAY 2015Interfaces de Voz avanzadas con VoiceXML - Iván Sixto | VoIP2DAY 2015
Interfaces de Voz avanzadas con VoiceXML - Iván Sixto | VoIP2DAY 2015VOIP2DAY
 
FonB Sales presentation
FonB Sales presentationFonB Sales presentation
FonB Sales presentationaptustel
 
Escene ceiling public broadcasting ip phone ps760 user manual
Escene ceiling public broadcasting ip phone ps760 user manualEscene ceiling public broadcasting ip phone ps760 user manual
Escene ceiling public broadcasting ip phone ps760 user manualEmre Ozcan
 
MARS VOIP Notification
MARS VOIP NotificationMARS VOIP Notification
MARS VOIP NotificationAjoy Dasgupta
 
Defcon 22-fatih-ozavci-vo ip-wars-attack-of-the-cisco-phones
Defcon 22-fatih-ozavci-vo ip-wars-attack-of-the-cisco-phonesDefcon 22-fatih-ozavci-vo ip-wars-attack-of-the-cisco-phones
Defcon 22-fatih-ozavci-vo ip-wars-attack-of-the-cisco-phonesPriyanka Aash
 
Open Touch Message Center - Alcatel-Lucent Voice Services
Open Touch Message Center - Alcatel-Lucent Voice ServicesOpen Touch Message Center - Alcatel-Lucent Voice Services
Open Touch Message Center - Alcatel-Lucent Voice ServicesIberdrola
 
Mobile Identity 2013 - Optimising and simplifying authentication and authoriz...
Mobile Identity 2013 - Optimising and simplifying authentication and authoriz...Mobile Identity 2013 - Optimising and simplifying authentication and authoriz...
Mobile Identity 2013 - Optimising and simplifying authentication and authoriz...Martin Prosek
 

What's hot (20)

Cellcrypt Mobile for iPhone
Cellcrypt Mobile for iPhoneCellcrypt Mobile for iPhone
Cellcrypt Mobile for iPhone
 
Android voip mobile dialer
Android voip mobile dialerAndroid voip mobile dialer
Android voip mobile dialer
 
Android voip mobile dialer
Android voip mobile dialerAndroid voip mobile dialer
Android voip mobile dialer
 
IETF meeting - SIP OAuth use cases
IETF meeting - SIP OAuth use casesIETF meeting - SIP OAuth use cases
IETF meeting - SIP OAuth use cases
 
VoIP Infotech: Android sip client providers
VoIP Infotech: Android sip client providersVoIP Infotech: Android sip client providers
VoIP Infotech: Android sip client providers
 
Android sip client
Android sip client Android sip client
Android sip client
 
SOTP_Introduction
SOTP_IntroductionSOTP_Introduction
SOTP_Introduction
 
Yakovoice
Yakovoice Yakovoice
Yakovoice
 
Taking note of two factor authentication - TeleSign & Evernote case study
Taking note of two factor authentication - TeleSign & Evernote case studyTaking note of two factor authentication - TeleSign & Evernote case study
Taking note of two factor authentication - TeleSign & Evernote case study
 
Interfaces de Voz avanzadas con VoiceXML - Iván Sixto | VoIP2DAY 2015
Interfaces de Voz avanzadas con VoiceXML - Iván Sixto | VoIP2DAY 2015Interfaces de Voz avanzadas con VoiceXML - Iván Sixto | VoIP2DAY 2015
Interfaces de Voz avanzadas con VoiceXML - Iván Sixto | VoIP2DAY 2015
 
FonB Sales presentation
FonB Sales presentationFonB Sales presentation
FonB Sales presentation
 
Escene ceiling public broadcasting ip phone ps760 user manual
Escene ceiling public broadcasting ip phone ps760 user manualEscene ceiling public broadcasting ip phone ps760 user manual
Escene ceiling public broadcasting ip phone ps760 user manual
 
MARS VOIP Notification
MARS VOIP NotificationMARS VOIP Notification
MARS VOIP Notification
 
Defcon 22-fatih-ozavci-vo ip-wars-attack-of-the-cisco-phones
Defcon 22-fatih-ozavci-vo ip-wars-attack-of-the-cisco-phonesDefcon 22-fatih-ozavci-vo ip-wars-attack-of-the-cisco-phones
Defcon 22-fatih-ozavci-vo ip-wars-attack-of-the-cisco-phones
 
General brochure
General brochureGeneral brochure
General brochure
 
VIRDI COMPANY PROFILE & PRODUCTS OVERVIEW
VIRDI COMPANY PROFILE & PRODUCTS OVERVIEWVIRDI COMPANY PROFILE & PRODUCTS OVERVIEW
VIRDI COMPANY PROFILE & PRODUCTS OVERVIEW
 
Open Touch Message Center - Alcatel-Lucent Voice Services
Open Touch Message Center - Alcatel-Lucent Voice ServicesOpen Touch Message Center - Alcatel-Lucent Voice Services
Open Touch Message Center - Alcatel-Lucent Voice Services
 
Mobile Identity 2013 - Optimising and simplifying authentication and authoriz...
Mobile Identity 2013 - Optimising and simplifying authentication and authoriz...Mobile Identity 2013 - Optimising and simplifying authentication and authoriz...
Mobile Identity 2013 - Optimising and simplifying authentication and authoriz...
 
The Unstoppable Demand for the All-Wireless Workplace
The Unstoppable Demand for the All-Wireless WorkplaceThe Unstoppable Demand for the All-Wireless Workplace
The Unstoppable Demand for the All-Wireless Workplace
 
Cloud telephony
Cloud telephonyCloud telephony
Cloud telephony
 

Similar to Two factor Authentication

Beyond username and password it's continuous authorization webinar
Beyond username and password it's continuous authorization webinarBeyond username and password it's continuous authorization webinar
Beyond username and password it's continuous authorization webinarForgeRock
 
DIRECTORY CIS 2015 - Eric Fazendin
DIRECTORY CIS 2015 - Eric FazendinDIRECTORY CIS 2015 - Eric Fazendin
DIRECTORY CIS 2015 - Eric FazendinCloudIDSummit
 
CIS 2015 Multi-factor for All, the Easy Way - Ran Ne'man
CIS 2015 Multi-factor for All, the Easy Way - Ran Ne'manCIS 2015 Multi-factor for All, the Easy Way - Ran Ne'man
CIS 2015 Multi-factor for All, the Easy Way - Ran Ne'manCloudIDSummit
 
Mobile Device Mismanagement
Mobile Device MismanagementMobile Device Mismanagement
Mobile Device Mismanagementbreenmachine
 
Assurity seminar 24 jan
Assurity seminar 24 janAssurity seminar 24 jan
Assurity seminar 24 janJason Kong
 
VoIP Wars: Attack of the Cisco Phones
VoIP Wars: Attack of the Cisco PhonesVoIP Wars: Attack of the Cisco Phones
VoIP Wars: Attack of the Cisco PhonesFatih Ozavci
 
Hp secap android
Hp secap androidHp secap android
Hp secap androidrajeshckr
 
Seminar-Two Factor Authentication
Seminar-Two Factor AuthenticationSeminar-Two Factor Authentication
Seminar-Two Factor AuthenticationDilip Kr. Jangir
 
CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen
CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul MadsenCIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen
CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul MadsenCloudIDSummit
 
Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...
Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...
Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...modolabs
 
FIDO & Strong Authentication Technology Landscape
FIDO & Strong Authentication Technology LandscapeFIDO & Strong Authentication Technology Landscape
FIDO & Strong Authentication Technology LandscapeFIDO Alliance
 
Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" mycroftinc
 
CNIT 128: 9: Mobile payments
CNIT 128: 9: Mobile paymentsCNIT 128: 9: Mobile payments
CNIT 128: 9: Mobile paymentsSam Bowne
 
Mobile Monday (May 2014) - myKyat - Branchless Banking
Mobile Monday (May 2014) - myKyat - Branchless BankingMobile Monday (May 2014) - myKyat - Branchless Banking
Mobile Monday (May 2014) - myKyat - Branchless BankingMobile Monday Yangon
 
Sierraware virtual phone
Sierraware virtual phoneSierraware virtual phone
Sierraware virtual phoneSierraware
 
Cidway Corporate Access 06 2009 Full
Cidway Corporate Access 06 2009 FullCidway Corporate Access 06 2009 Full
Cidway Corporate Access 06 2009 Fulllfilliat
 
NewAer Beacon Summit Dusseldorf 2015
NewAer Beacon Summit Dusseldorf 2015NewAer Beacon Summit Dusseldorf 2015
NewAer Beacon Summit Dusseldorf 2015Dave Mathews
 

Similar to Two factor Authentication (20)

Beyond username and password it's continuous authorization webinar
Beyond username and password it's continuous authorization webinarBeyond username and password it's continuous authorization webinar
Beyond username and password it's continuous authorization webinar
 
DIRECTORY CIS 2015 - Eric Fazendin
DIRECTORY CIS 2015 - Eric FazendinDIRECTORY CIS 2015 - Eric Fazendin
DIRECTORY CIS 2015 - Eric Fazendin
 
CIS 2015 Multi-factor for All, the Easy Way - Ran Ne'man
CIS 2015 Multi-factor for All, the Easy Way - Ran Ne'manCIS 2015 Multi-factor for All, the Easy Way - Ran Ne'man
CIS 2015 Multi-factor for All, the Easy Way - Ran Ne'man
 
Mobile Device Mismanagement
Mobile Device MismanagementMobile Device Mismanagement
Mobile Device Mismanagement
 
Assurity seminar 24 jan
Assurity seminar 24 janAssurity seminar 24 jan
Assurity seminar 24 jan
 
VoIP Wars: Attack of the Cisco Phones
VoIP Wars: Attack of the Cisco PhonesVoIP Wars: Attack of the Cisco Phones
VoIP Wars: Attack of the Cisco Phones
 
Advanced Access Management with Aruba ClearPass #AirheadsConf Italy
Advanced Access Management with Aruba ClearPass #AirheadsConf ItalyAdvanced Access Management with Aruba ClearPass #AirheadsConf Italy
Advanced Access Management with Aruba ClearPass #AirheadsConf Italy
 
Defining Advanced AAA Policies for Access Networks
Defining Advanced AAA Policies for Access NetworksDefining Advanced AAA Policies for Access Networks
Defining Advanced AAA Policies for Access Networks
 
Hp secap android
Hp secap androidHp secap android
Hp secap android
 
Seminar-Two Factor Authentication
Seminar-Two Factor AuthenticationSeminar-Two Factor Authentication
Seminar-Two Factor Authentication
 
CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen
CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul MadsenCIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen
CIS 2015- IoT? The ‘I’ needs to be ‘Identity’- Paul Madsen
 
Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...
Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...
Kurogo Higher Ed Mobile Conference 2017: How Mobility is Driving Changes in C...
 
CIS14: PingID
CIS14: PingIDCIS14: PingID
CIS14: PingID
 
FIDO & Strong Authentication Technology Landscape
FIDO & Strong Authentication Technology LandscapeFIDO & Strong Authentication Technology Landscape
FIDO & Strong Authentication Technology Landscape
 
Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise"
 
CNIT 128: 9: Mobile payments
CNIT 128: 9: Mobile paymentsCNIT 128: 9: Mobile payments
CNIT 128: 9: Mobile payments
 
Mobile Monday (May 2014) - myKyat - Branchless Banking
Mobile Monday (May 2014) - myKyat - Branchless BankingMobile Monday (May 2014) - myKyat - Branchless Banking
Mobile Monday (May 2014) - myKyat - Branchless Banking
 
Sierraware virtual phone
Sierraware virtual phoneSierraware virtual phone
Sierraware virtual phone
 
Cidway Corporate Access 06 2009 Full
Cidway Corporate Access 06 2009 FullCidway Corporate Access 06 2009 Full
Cidway Corporate Access 06 2009 Full
 
NewAer Beacon Summit Dusseldorf 2015
NewAer Beacon Summit Dusseldorf 2015NewAer Beacon Summit Dusseldorf 2015
NewAer Beacon Summit Dusseldorf 2015
 

More from Ricardo Resnik

Psb ec sales presentation
Psb ec sales presentation Psb ec sales presentation
Psb ec sales presentation Ricardo Resnik
 
Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Ricardo Resnik
 
Damballa automated breach defense june 2014
Damballa automated breach defense june 2014Damballa automated breach defense june 2014
Damballa automated breach defense june 2014Ricardo Resnik
 
Whatsnew gfi languard2014partners_en_gen
Whatsnew gfi languard2014partners_en_genWhatsnew gfi languard2014partners_en_gen
Whatsnew gfi languard2014partners_en_genRicardo Resnik
 
Effective security monitoring mp 2014
Effective security monitoring mp 2014Effective security monitoring mp 2014
Effective security monitoring mp 2014Ricardo Resnik
 
Mp company overview 2014 0214 version 3
Mp company overview 2014 0214 version 3Mp company overview 2014 0214 version 3
Mp company overview 2014 0214 version 3Ricardo Resnik
 
MultPoint Ltd.company overview 2014 3214 short version
MultPoint Ltd.company overview 2014 3214 short version MultPoint Ltd.company overview 2014 3214 short version
MultPoint Ltd.company overview 2014 3214 short version Ricardo Resnik
 
Gfi corporate presentation_en_gen
Gfi corporate presentation_en_genGfi corporate presentation_en_gen
Gfi corporate presentation_en_genRicardo Resnik
 

More from Ricardo Resnik (9)

Psb ec sales presentation
Psb ec sales presentation Psb ec sales presentation
Psb ec sales presentation
 
Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.
 
Damballa automated breach defense june 2014
Damballa automated breach defense june 2014Damballa automated breach defense june 2014
Damballa automated breach defense june 2014
 
Whatsnew gfi languard2014partners_en_gen
Whatsnew gfi languard2014partners_en_genWhatsnew gfi languard2014partners_en_gen
Whatsnew gfi languard2014partners_en_gen
 
Effective security monitoring mp 2014
Effective security monitoring mp 2014Effective security monitoring mp 2014
Effective security monitoring mp 2014
 
Mp company overview 2014 0214 version 3
Mp company overview 2014 0214 version 3Mp company overview 2014 0214 version 3
Mp company overview 2014 0214 version 3
 
MultPoint Ltd.company overview 2014 3214 short version
MultPoint Ltd.company overview 2014 3214 short version MultPoint Ltd.company overview 2014 3214 short version
MultPoint Ltd.company overview 2014 3214 short version
 
Ironkey Windows to go
Ironkey Windows to goIronkey Windows to go
Ironkey Windows to go
 
Gfi corporate presentation_en_gen
Gfi corporate presentation_en_genGfi corporate presentation_en_gen
Gfi corporate presentation_en_gen
 

Two factor Authentication

  • 1. © 2014 SecurEnvoy Revolutionising 2FA to enhance the user experience Andy Kemshall – Co Founder 01/01/14 Company logo
  • 2. © 2014 SecurEnvoy Ideal Solution To Allow Secure Remote Access with 2FA • Anywhere, Anytime, on Any device • Strong security • Consistent Simple User eXperience • Cost Effective iPad Smart Phone Home PC Business Lounge AAA Secure UX ROI
  • 3. © 2014 SecurEnvoy 2FA Token Types • Hard Tokens • Certificates • Push • Adaptive Authentication • Real Time SMS • Preload SMS • Soft Tokens Apps • One Swipe
  • 4. © 2014 SecurEnvoy Hard Token • Hardware Tokens – Require distribution, synchronizing – 30 year old technology – Seed records known to vendors / governments • Smart Cards – Needs a reader and local driver software – Require distribution, certificate management • USB Sticks – Local driver software – Require distribution, certificate management • User must carry the token  AAA Secure UX ROI
  • 5. © 2014 SecurEnvoy Certificates • Enrolment authentication • Only authenticate on this device • Leaving identity everywhere • What happens when? – Cert Expires every year – CA Expires every 5 years – Device is upgraded or sold X AAA Sec UX ROI
  • 6. © 2014 SecurEnvoy One Identity is the Solution SMS Pre-Load On-Demand 3 Codes Periodic Phone or Tablet App Laptop X X X • One Soft Token Identity • Self Service “Manage My Token” portal • Change many times @ no additional cost
  • 7. © 2014 SecurEnvoy Push Technologies • Requires GSM DATA • No unique Passcode • Push sent to all devices • No session locking – Shoulder surfer connects just before? AAA Sec UX ROI
  • 8. © 2014 SecurEnvoy Adaptive Authentication Bob - Logs in from coffee shop No Passcode Prompt Bob - Logs in from home No Passcode Prompted Bob - Logs in from USA Passcode Prompted Bob - Logs in from airport Passcode Prompt AAA UX ROINOT a consistent user experience 
  • 9. © 2014 SecurEnvoy The Problem • SMS delivery delays • Expect around 4% of SMS messages to takes longer that 1 minute • SLA’s on delivery DON’T cover sending to the user’s phone • Signal dead spots • buildings with wide outer walls • underground basements • computer rooms • Phone is used to connect to the internet • Some phones can’t receive SMS when a data connection is active “96% of texts are delivered within 10 seconds” source Vodafone Real Time SMS UserID & Pin SMS Sent to Phone AAA Secure UX ROI
  • 10. © 2014 SecurEnvoy Something You Know Something You Own Andyk P0stcode 956324 Next Required Passcode Sent To Phone (overwrites previous message) Passcode 769310 Pre-Loaded SMS AAA Secure UX ROI
  • 11. © 2014 SecurEnvoy SMS Gateway Delivery Wrong Approach • Limited SMS Gateways options • Tied to one provider – Be wary of hidden costs – International coverage Correct Approach • Multiple SMS gateway options – Intelligent routing – Redundant failover – Multiple methods – competitive SMS providers brings lower costs Telco SMS Provider
  • 13. © 2014 SecurEnvoy SEED Security XXX XXX
  • 14. © 2014 SecurEnvoy Seed 1st Part QRCode Scan 8 Digit Code Seed 1st Part Fingerprint of Phone Seed 2nd PartSeed 2nd Part 2nd Seed Part is recreated each time a passcode is crea Seed 2nd PartSeed 2nd PartSeed 2nd Part Random 1st Seed Part Created Locally Seeds are NOT stored by SecurEnvoy AES 256 Bit Encrypted SEED Security
  • 15. © 2014 SecurEnvoy iPhone 4 iPhone 5 No Additional Cost To upgrade to a new phone Old Seed Deleted From Server New Seed Created Soft Token - Upgrade Phone AAA Secure UX ROI
  • 16. © 2014 SecurEnvoy What does the user want? This? AQ4£Dhdboie Bu7&6tgy)99 7h15!s57up!d Or this? This?
  • 17. © 2014 SecurEnvoy One Swipe Via QRCode ****** *********** Scan QRCode From Phone Enter Pin One Time QRCode • No Phone Signal or Data Connection Required • Automatic Time Sync to +/- 13 Hours GMT (any time zone)
  • 18. © 2014 SecurEnvoy Off-line or behind a firewall One Swipe Don’t need to enter UserID Don’t need to enter passcode Don’t need to re-enter passcode JUST PIN & SWIPE No Signal VPN Login Templates Isolated
  • 19. © 2014 SecurEnvoy One Swipe Future Road Map ****** *********** Enter Pin AAA Secure UX ROI
  • 20. © 2014 SecurEnvoy 2FA Token Types, Talk To Us @ Stand H10 • Hard Tokens • Certificates • Push • Adaptive • RealTime SMS • Pre Load SMS • Soft Token • One Swipe AAA Sec UX ROI AAA Sec UX ROI AAA UX ROI AAA Secure UX ROI AAA Secure UX ROI AAA Secure UX ROI AAA Secure UX ROI AAA Secure UX ROI
  • 21. © 2014 SecurEnvoy See us on Stand H10