SlideShare a Scribd company logo

Mobile Authentication on the Internet

Download as PPTX, PDF
evidos
evidos

The document discusses using the SIM card for secure authentication on the internet. It notes growing demand for authentication of online banking, corporate systems, and government services. The SIM card provides a secure, standardized platform that over 4 billion users always carry. It could enable mobile operators to become internet security providers by leveraging the SIM card for authentication through technologies like one-time passwords and wireless PKI. A demonstration showed how the SIM could support authentication through OpenID for social networks, banking, and other online services.

Technology
1 of 10
Mobile Authentication on the Internet Presented by Paul Lahaije “OpenID Event”, Haarlem, 12 May 2009 1 Extended roles for the SIM C1 14 May 2009 Group R&D
Increasing demand for secure authentication on the Internet • Secure remote access to Corporate IT systems Online –Market value of $608Mn in 2008 governmental services (IDC). • Online banking –A survey of European retail banks identified ID theft as the highest financial crime priority to address User authentication • Online identity “Are you really the –challenge of securely managing person you claim to be?” multiple passwords and online identities • E-government –Filing online tax returns (e.g. DIGID in the Netherlands) 2 Extended roles for the SIM C1 14 May 2009 Group R&D
The added value of Mobile Authentication • Adding security to online services (Second channel for authentication) • Improved user convenience (Single Sign On) • Availability: User’s always carry their mobile phone with them Picture to be added • Mobile phone penetration is close to 100% in many markets • Real-time communication interface to the user • Effective fraud control - customers on average report a stolen mobile phone in 28 minutes and application can be stopped immediately over the mobile network. 3 Extended roles for the SIM C1 14 May 2009 Group R&D
The core value of the SIM • Secure authentication for more than 4 Billion users • As secure as banking cards • Standardized – Global Platform, ETSI-SCP – SIM Toolkit applications / Java clients • Multi application platform – The SIM can host service provider trusted applications (e.g. banking application, NFC ticketing) in separate security domains – Service providers can “rent” their own space in the SIM • Remote Management over the air – Payment providers can remotely manage their own applications via a trusted third party • Portable, terminal independent 4 Extended roles for the SIM C1 14 May 2009 Group R&D
SIM technology evolution • Smart Card Web Server (OMA); an embedded web server on the SIM • USB High Speed Interface, TCP/IP supported • Secure domains on smartcards to support multiple applications • Towards an open internet compatible smart card execution environment: Javacard, .NET, Java Servlet, SCWS The SIM is becoming a secure IP network element 5 Extended roles for the SIM C1 14 May 2009 Group R&D
The SIM as the Identity Token for the Internet Enabling the Mobile Operator to become an Internet Security Provider • Adding Security to the Internet (e.g. PKI based user authentication) • Improving user convenience more more convenience security (no need to remember multiple usernames/passwords) less less • Digital Identity Management (private information stored on the SIM) 6 Extended roles for the SIM C1 14 May 2009 Group R&D
SIM-Based Authentication Architecture Identity Provider: Web Service: -OpenID -Online Banking -Liberty Alliance -E-Government service -Microsoft CardSpace -Social network service - ... -OpenID Consumer Authentication Services: IP/Device -One-Time-Password -Wireless PKI Convergence -.... User Interface: -(Mobile) Web Browser -(Mobile) Widget -SIM Intelligent Client - ... 7 Extended roles for the SIM C1 14 May 2009 Group R&D
Demonstration • Introducing SIM based authentication to OpenID • Supporting different authentication methods – One-Time-Password – WPKI • Could be applied to various online services – Online social network services – Online banking – E-government services • Demonstration movie 8 Extended roles for the SIM C1 14 May 2009 Group R&D
Summary and Conclusions • The SIM can enable Mobile Operators to become Internet Security Providers, offering Security and Identity for online services Let’s join forces to exploit the SIM strength’s to become “The Identity Token” for the Internet. 9 Extended roles for the SIM C1 14 May 2009 Group R&D
Thank you 10 Extended roles for the SIM C1 14 May 2009 Group R&D

Recommended

Industrial application on online banking
Industrial application on online bankingIndustrial application on online banking
Industrial application on online bankingAbhilash Kallayil
 
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee SengManaging & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Knowledge Group
 
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David PollingtonCIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CloudIDSummit
 
A Telco and End-user Perspective on the Authentication Journey
A Telco and End-user Perspective on the Authentication JourneyA Telco and End-user Perspective on the Authentication Journey
A Telco and End-user Perspective on the Authentication Journey
FIDO Alliance
 
Cidway Byod Authentication
Cidway Byod AuthenticationCidway Byod Authentication
Cidway Byod Authentication
lfilliat
 
Business2Blockchain Product Example
Business2Blockchain Product ExampleBusiness2Blockchain Product Example
Business2Blockchain Product Example
Morne Olivier
 
Telia - The New Norm of the Digital World
Telia - The New Norm of the Digital WorldTelia - The New Norm of the Digital World
Telia - The New Norm of the Digital World
Ubisecure
 
Smart OpenID & Mobile Network Security
Smart OpenID & Mobile Network SecuritySmart OpenID & Mobile Network Security
Smart OpenID & Mobile Network Security
Andreas Leicher
 

Recommended

Industrial application on online banking
Industrial application on online bankingIndustrial application on online banking
Industrial application on online bankingAbhilash Kallayil
 
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee SengManaging & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Knowledge Group
 
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David PollingtonCIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CIS 2015-Putting Control Back in the Users’ Hands- David Pollington
CloudIDSummit
 
A Telco and End-user Perspective on the Authentication Journey
A Telco and End-user Perspective on the Authentication JourneyA Telco and End-user Perspective on the Authentication Journey
A Telco and End-user Perspective on the Authentication Journey
FIDO Alliance
 
Cidway Byod Authentication
Cidway Byod AuthenticationCidway Byod Authentication
Cidway Byod Authentication
lfilliat
 
Business2Blockchain Product Example
Business2Blockchain Product ExampleBusiness2Blockchain Product Example
Business2Blockchain Product Example
Morne Olivier
 
Telia - The New Norm of the Digital World
Telia - The New Norm of the Digital WorldTelia - The New Norm of the Digital World
Telia - The New Norm of the Digital World
Ubisecure
 
Smart OpenID & Mobile Network Security
Smart OpenID & Mobile Network SecuritySmart OpenID & Mobile Network Security
Smart OpenID & Mobile Network Security
Andreas Leicher
 
case-study-on-digital-identity-swisscom-mobile-id_en
case-study-on-digital-identity-swisscom-mobile-id_encase-study-on-digital-identity-swisscom-mobile-id_en
case-study-on-digital-identity-swisscom-mobile-id_enAlix Murphy
 
Mobile Payments
Mobile PaymentsMobile Payments
Mobile Payments
Mike Batton
 
The Cybercriminal Approach to Mobile Fraud: Now They’re Getting Serious
The Cybercriminal Approach to Mobile Fraud: Now They’re Getting SeriousThe Cybercriminal Approach to Mobile Fraud: Now They’re Getting Serious
The Cybercriminal Approach to Mobile Fraud: Now They’re Getting Serious
IBM Security
 
PrestaShop Barcamp 5 - Authorize.net : Five Notable E-commerce Trends
PrestaShop Barcamp 5 - Authorize.net : Five Notable E-commerce TrendsPrestaShop Barcamp 5 - Authorize.net : Five Notable E-commerce Trends
PrestaShop Barcamp 5 - Authorize.net : Five Notable E-commerce TrendsPrestaShop
 
Mobile Payments Framework
Mobile Payments FrameworkMobile Payments Framework
Mobile Payments Framework
Lakshmana Kattula
 
Mobile Money: Banks & Telcos, who’s the Boss?
Mobile Money: Banks & Telcos, who’s the Boss?Mobile Money: Banks & Telcos, who’s the Boss?
Mobile Money: Banks & Telcos, who’s the Boss?
Isabelle Berner
 
A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...
A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...
A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...
IJNSA Journal
 
Mobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectiveMobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectivePragati Rai
 
GSMA-Mobile-Identity_Case-Study_Dialog-Connect_May2013
GSMA-Mobile-Identity_Case-Study_Dialog-Connect_May2013GSMA-Mobile-Identity_Case-Study_Dialog-Connect_May2013
GSMA-Mobile-Identity_Case-Study_Dialog-Connect_May2013Alix Murphy
 
Iiw13 identifying with_your_bank
Iiw13 identifying with_your_bankIiw13 identifying with_your_bank
Iiw13 identifying with_your_bank
Steve Sidner
 
Mobile Banking – A Transformation of Traditional Banking
Mobile Banking – A Transformation of Traditional BankingMobile Banking – A Transformation of Traditional Banking
Mobile Banking – A Transformation of Traditional Banking
Infosys Finacle
 
Future of mobile payment and mobile commerce may 2013
Future of mobile payment and mobile commerce may 2013Future of mobile payment and mobile commerce may 2013
Future of mobile payment and mobile commerce may 2013Tarang Shah
 
Is714 visa
Is714 visaIs714 visa
Is714 visa
monicalejandra11
 
We Authenticate the World
We Authenticate the WorldWe Authenticate the World
We Authenticate the World
VASCO Data Security
 
Mobile money, a development tool for benin powerpoint
Mobile money, a development tool for benin powerpointMobile money, a development tool for benin powerpoint
Mobile money, a development tool for benin powerpoint
AJAVON Samuel
 
Mobile Payments: An IBM Point of View
Mobile Payments: An IBM Point of ViewMobile Payments: An IBM Point of View
Mobile Payments: An IBM Point of View
Mark Sherman
 
Mobile Banking Security Risks and Consequences iovation2015
Mobile Banking Security Risks and Consequences iovation2015Mobile Banking Security Risks and Consequences iovation2015
Mobile Banking Security Risks and Consequences iovation2015
TransUnion
 
Identity management in government, mr. iurie turcanu
Identity management in government, mr. iurie turcanuIdentity management in government, mr. iurie turcanu
Identity management in government, mr. iurie turcanu
E-Government Center Moldova
 
WTT
WTTWTT
WTTPabliXBA
 
OpenID SWOT analysis 2011
OpenID SWOT analysis 2011OpenID SWOT analysis 2011
OpenID SWOT analysis 2011
evidos
 
памятник Алексею Решетову, Пермский край, город Березники
памятник Алексею Решетову, Пермский край, город Березникипамятник Алексею Решетову, Пермский край, город Березники
памятник Алексею Решетову, Пермский край, город Березники
YachmenevaIrene
 
De Rechtsstaat
De RechtsstaatDe Rechtsstaat
De Rechtsstaat
Tijsteriffic
 

More Related Content

What's hot

case-study-on-digital-identity-swisscom-mobile-id_en
case-study-on-digital-identity-swisscom-mobile-id_encase-study-on-digital-identity-swisscom-mobile-id_en
case-study-on-digital-identity-swisscom-mobile-id_enAlix Murphy
 
Mobile Payments
Mobile PaymentsMobile Payments
Mobile Payments
Mike Batton
 
The Cybercriminal Approach to Mobile Fraud: Now They’re Getting Serious
The Cybercriminal Approach to Mobile Fraud: Now They’re Getting SeriousThe Cybercriminal Approach to Mobile Fraud: Now They’re Getting Serious
The Cybercriminal Approach to Mobile Fraud: Now They’re Getting Serious
IBM Security
 
PrestaShop Barcamp 5 - Authorize.net : Five Notable E-commerce Trends
PrestaShop Barcamp 5 - Authorize.net : Five Notable E-commerce TrendsPrestaShop Barcamp 5 - Authorize.net : Five Notable E-commerce Trends
PrestaShop Barcamp 5 - Authorize.net : Five Notable E-commerce TrendsPrestaShop
 
Mobile Payments Framework
Mobile Payments FrameworkMobile Payments Framework
Mobile Payments Framework
Lakshmana Kattula
 
Mobile Money: Banks & Telcos, who’s the Boss?
Mobile Money: Banks & Telcos, who’s the Boss?Mobile Money: Banks & Telcos, who’s the Boss?
Mobile Money: Banks & Telcos, who’s the Boss?
Isabelle Berner
 
A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...
A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...
A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...
IJNSA Journal
 
Mobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectiveMobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectivePragati Rai
 
GSMA-Mobile-Identity_Case-Study_Dialog-Connect_May2013
GSMA-Mobile-Identity_Case-Study_Dialog-Connect_May2013GSMA-Mobile-Identity_Case-Study_Dialog-Connect_May2013
GSMA-Mobile-Identity_Case-Study_Dialog-Connect_May2013Alix Murphy
 
Iiw13 identifying with_your_bank
Iiw13 identifying with_your_bankIiw13 identifying with_your_bank
Iiw13 identifying with_your_bank
Steve Sidner
 
Mobile Banking – A Transformation of Traditional Banking
Mobile Banking – A Transformation of Traditional BankingMobile Banking – A Transformation of Traditional Banking
Mobile Banking – A Transformation of Traditional Banking
Infosys Finacle
 
Future of mobile payment and mobile commerce may 2013
Future of mobile payment and mobile commerce may 2013Future of mobile payment and mobile commerce may 2013
Future of mobile payment and mobile commerce may 2013Tarang Shah
 
Is714 visa
Is714 visaIs714 visa
Is714 visa
monicalejandra11
 
We Authenticate the World
We Authenticate the WorldWe Authenticate the World
We Authenticate the World
VASCO Data Security
 
Mobile money, a development tool for benin powerpoint
Mobile money, a development tool for benin powerpointMobile money, a development tool for benin powerpoint
Mobile money, a development tool for benin powerpoint
AJAVON Samuel
 
Mobile Payments: An IBM Point of View
Mobile Payments: An IBM Point of ViewMobile Payments: An IBM Point of View
Mobile Payments: An IBM Point of View
Mark Sherman
 
Mobile Banking Security Risks and Consequences iovation2015
Mobile Banking Security Risks and Consequences iovation2015Mobile Banking Security Risks and Consequences iovation2015
Mobile Banking Security Risks and Consequences iovation2015
TransUnion
 
Identity management in government, mr. iurie turcanu
Identity management in government, mr. iurie turcanuIdentity management in government, mr. iurie turcanu
Identity management in government, mr. iurie turcanu
E-Government Center Moldova
 

What's hot (18)

case-study-on-digital-identity-swisscom-mobile-id_en
case-study-on-digital-identity-swisscom-mobile-id_encase-study-on-digital-identity-swisscom-mobile-id_en
case-study-on-digital-identity-swisscom-mobile-id_en
 
Mobile Payments
Mobile PaymentsMobile Payments
Mobile Payments
 
The Cybercriminal Approach to Mobile Fraud: Now They’re Getting Serious
The Cybercriminal Approach to Mobile Fraud: Now They’re Getting SeriousThe Cybercriminal Approach to Mobile Fraud: Now They’re Getting Serious
The Cybercriminal Approach to Mobile Fraud: Now They’re Getting Serious
 
PrestaShop Barcamp 5 - Authorize.net : Five Notable E-commerce Trends
PrestaShop Barcamp 5 - Authorize.net : Five Notable E-commerce TrendsPrestaShop Barcamp 5 - Authorize.net : Five Notable E-commerce Trends
PrestaShop Barcamp 5 - Authorize.net : Five Notable E-commerce Trends
 
Mobile Payments Framework
Mobile Payments FrameworkMobile Payments Framework
Mobile Payments Framework
 
Mobile Money: Banks & Telcos, who’s the Boss?
Mobile Money: Banks & Telcos, who’s the Boss?Mobile Money: Banks & Telcos, who’s the Boss?
Mobile Money: Banks & Telcos, who’s the Boss?
 
A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...
A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...
A need for peer to-peer strong local authentication protocol (p2 pslap) in mo...
 
Mobile Commerce: A Security Perspective
Mobile Commerce: A Security PerspectiveMobile Commerce: A Security Perspective
Mobile Commerce: A Security Perspective
 
GSMA-Mobile-Identity_Case-Study_Dialog-Connect_May2013
GSMA-Mobile-Identity_Case-Study_Dialog-Connect_May2013GSMA-Mobile-Identity_Case-Study_Dialog-Connect_May2013
GSMA-Mobile-Identity_Case-Study_Dialog-Connect_May2013
 
Iiw13 identifying with_your_bank
Iiw13 identifying with_your_bankIiw13 identifying with_your_bank
Iiw13 identifying with_your_bank
 
Mobile Banking – A Transformation of Traditional Banking
Mobile Banking – A Transformation of Traditional BankingMobile Banking – A Transformation of Traditional Banking
Mobile Banking – A Transformation of Traditional Banking
 
Future of mobile payment and mobile commerce may 2013
Future of mobile payment and mobile commerce may 2013Future of mobile payment and mobile commerce may 2013
Future of mobile payment and mobile commerce may 2013
 
Is714 visa
Is714 visaIs714 visa
Is714 visa
 
We Authenticate the World
We Authenticate the WorldWe Authenticate the World
We Authenticate the World
 
Mobile money, a development tool for benin powerpoint
Mobile money, a development tool for benin powerpointMobile money, a development tool for benin powerpoint
Mobile money, a development tool for benin powerpoint
 
Mobile Payments: An IBM Point of View
Mobile Payments: An IBM Point of ViewMobile Payments: An IBM Point of View
Mobile Payments: An IBM Point of View
 
Mobile Banking Security Risks and Consequences iovation2015
Mobile Banking Security Risks and Consequences iovation2015Mobile Banking Security Risks and Consequences iovation2015
Mobile Banking Security Risks and Consequences iovation2015
 
Identity management in government, mr. iurie turcanu
Identity management in government, mr. iurie turcanuIdentity management in government, mr. iurie turcanu
Identity management in government, mr. iurie turcanu
 

Viewers also liked

OpenID SWOT analysis 2011
OpenID SWOT analysis 2011OpenID SWOT analysis 2011
OpenID SWOT analysis 2011
evidos
 
памятник Алексею Решетову, Пермский край, город Березники
памятник Алексею Решетову, Пермский край, город Березникипамятник Алексею Решетову, Пермский край, город Березники
памятник Алексею Решетову, Пермский край, город Березники
YachmenevaIrene
 
De Rechtsstaat
De RechtsstaatDe Rechtsstaat
De Rechtsstaat
Tijsteriffic
 
Why Relying Party´s should implement OpenID
Why Relying Party´s should implement OpenIDWhy Relying Party´s should implement OpenID
Why Relying Party´s should implement OpenID
evidos
 
Achievement motivation in imaginative thought
Achievement motivation in imaginative thoughtAchievement motivation in imaginative thought
Achievement motivation in imaginative thought
kanaidi
 

Viewers also liked (6)

WTT
WTTWTT
WTT
 
OpenID SWOT analysis 2011
OpenID SWOT analysis 2011OpenID SWOT analysis 2011
OpenID SWOT analysis 2011
 
памятник Алексею Решетову, Пермский край, город Березники
памятник Алексею Решетову, Пермский край, город Березникипамятник Алексею Решетову, Пермский край, город Березники
памятник Алексею Решетову, Пермский край, город Березники
 
De Rechtsstaat
De RechtsstaatDe Rechtsstaat
De Rechtsstaat
 
Why Relying Party´s should implement OpenID
Why Relying Party´s should implement OpenIDWhy Relying Party´s should implement OpenID
Why Relying Party´s should implement OpenID
 
Achievement motivation in imaginative thought
Achievement motivation in imaginative thoughtAchievement motivation in imaginative thought
Achievement motivation in imaginative thought
 

Similar to Mobile Authentication on the Internet

Smart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingSmart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingOKsystem
 
SmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketSmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketOKsystem
 
Building multi-services in personal mobile devices based on partially trusted...
Building multi-services in personal mobile devices based on partially trusted...Building multi-services in personal mobile devices based on partially trusted...
Building multi-services in personal mobile devices based on partially trusted...Miguel Pardal
 
Kona SL Profile
Kona SL ProfileKona SL Profile
Kona SL Profile
ssuser0cb2a5
 
IoTcloud-cybersecurity-securityofthings
IoTcloud-cybersecurity-securityofthingsIoTcloud-cybersecurity-securityofthings
IoTcloud-cybersecurity-securityofthings
Ed Pimentel
 
FIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in GermanyFIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in Germany
FIDO Alliance
 
Cloud signature chatbot
Cloud signature chatbotCloud signature chatbot
Cloud signature chatbot
Paolo Montrasio
 
Cloud signature chatbot
Cloud signature chatbotCloud signature chatbot
Cloud signature chatbot
Emanuele Cisbani
 
SmartCard Forum 2010 - Secured Access for enterprise
SmartCard Forum 2010 - Secured Access for enterpriseSmartCard Forum 2010 - Secured Access for enterprise
SmartCard Forum 2010 - Secured Access for enterpriseOKsystem
 
OmniSource_ppt_2011_7-2 (2)(1)
OmniSource_ppt_2011_7-2 (2)(1)OmniSource_ppt_2011_7-2 (2)(1)
OmniSource_ppt_2011_7-2 (2)(1)Andrea Colombetti
 
IRJET- Graphical Secret Code in Internet Banking for Improved Security Transa...
IRJET- Graphical Secret Code in Internet Banking for Improved Security Transa...IRJET- Graphical Secret Code in Internet Banking for Improved Security Transa...
IRJET- Graphical Secret Code in Internet Banking for Improved Security Transa...
IRJET Journal
 
CM Breakfast: itsme by Belgian Mobile ID (may 2018)
CM Breakfast: itsme by Belgian Mobile ID (may 2018)CM Breakfast: itsme by Belgian Mobile ID (may 2018)
CM Breakfast: itsme by Belgian Mobile ID (may 2018)
CM.com
 
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
ForgeRock
 
Optimising mobile signature v4
Optimising mobile signature v4Optimising mobile signature v4
Optimising mobile signature v4moldovaictsummit
 
Cidway Securing POS Transactions
Cidway Securing POS TransactionsCidway Securing POS Transactions
Cidway Securing POS Transactions
lfilliat
 
SmartCard Forum 2009 - New trends in smart-cards technology
SmartCard Forum 2009 - New trends in smart-cards technologySmartCard Forum 2009 - New trends in smart-cards technology
SmartCard Forum 2009 - New trends in smart-cards technologyOKsystem
 
Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12
lfilliat
 
Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12
lfilliat
 
Cidway Banking 02 2011
Cidway Banking 02 2011Cidway Banking 02 2011
Cidway Banking 02 2011
lfilliat
 
Secure E-Banking with KOBIL technologies
Secure E-Banking with KOBIL technologiesSecure E-Banking with KOBIL technologies
Secure E-Banking with KOBIL technologies
marketingkobil
 

Similar to Mobile Authentication on the Internet (20)

Smart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud ComputingSmart Cards & Devices Forum 2012 - Securing Cloud Computing
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
 
SmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication marketSmartCard Forum 2011 - Evolution of authentication market
SmartCard Forum 2011 - Evolution of authentication market
 
Building multi-services in personal mobile devices based on partially trusted...
Building multi-services in personal mobile devices based on partially trusted...Building multi-services in personal mobile devices based on partially trusted...
Building multi-services in personal mobile devices based on partially trusted...
 
Kona SL Profile
Kona SL ProfileKona SL Profile
Kona SL Profile
 
IoTcloud-cybersecurity-securityofthings
IoTcloud-cybersecurity-securityofthingsIoTcloud-cybersecurity-securityofthings
IoTcloud-cybersecurity-securityofthings
 
FIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in GermanyFIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in Germany
 
Cloud signature chatbot
Cloud signature chatbotCloud signature chatbot
Cloud signature chatbot
 
Cloud signature chatbot
Cloud signature chatbotCloud signature chatbot
Cloud signature chatbot
 
SmartCard Forum 2010 - Secured Access for enterprise
SmartCard Forum 2010 - Secured Access for enterpriseSmartCard Forum 2010 - Secured Access for enterprise
SmartCard Forum 2010 - Secured Access for enterprise
 
OmniSource_ppt_2011_7-2 (2)(1)
OmniSource_ppt_2011_7-2 (2)(1)OmniSource_ppt_2011_7-2 (2)(1)
OmniSource_ppt_2011_7-2 (2)(1)
 
IRJET- Graphical Secret Code in Internet Banking for Improved Security Transa...
IRJET- Graphical Secret Code in Internet Banking for Improved Security Transa...IRJET- Graphical Secret Code in Internet Banking for Improved Security Transa...
IRJET- Graphical Secret Code in Internet Banking for Improved Security Transa...
 
CM Breakfast: itsme by Belgian Mobile ID (may 2018)
CM Breakfast: itsme by Belgian Mobile ID (may 2018)CM Breakfast: itsme by Belgian Mobile ID (may 2018)
CM Breakfast: itsme by Belgian Mobile ID (may 2018)
 
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
The Value of User and Data Centricity Beyond IoT Devices: Stein Myrseth and G...
 
Optimising mobile signature v4
Optimising mobile signature v4Optimising mobile signature v4
Optimising mobile signature v4
 
Cidway Securing POS Transactions
Cidway Securing POS TransactionsCidway Securing POS Transactions
Cidway Securing POS Transactions
 
SmartCard Forum 2009 - New trends in smart-cards technology
SmartCard Forum 2009 - New trends in smart-cards technologySmartCard Forum 2009 - New trends in smart-cards technology
SmartCard Forum 2009 - New trends in smart-cards technology
 
Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12
 
Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12Cidway Secure Mobile Access Transactions Short 05 12
Cidway Secure Mobile Access Transactions Short 05 12
 
Cidway Banking 02 2011
Cidway Banking 02 2011Cidway Banking 02 2011
Cidway Banking 02 2011
 
Secure E-Banking with KOBIL technologies
Secure E-Banking with KOBIL technologiesSecure E-Banking with KOBIL technologies
Secure E-Banking with KOBIL technologies
 

More from evidos

Hoe weet ik wie digitaal getekend heeft?
Hoe weet ik wie digitaal getekend heeft? Hoe weet ik wie digitaal getekend heeft?
Hoe weet ik wie digitaal getekend heeft?
evidos
 
OpenID Progress EEMA Conference
OpenID Progress EEMA ConferenceOpenID Progress EEMA Conference
OpenID Progress EEMA Conference
evidos
 
Ontwikkelen open id na 2009 openid_meetup_15sept_2010
Ontwikkelen open id na 2009 openid_meetup_15sept_2010Ontwikkelen open id na 2009 openid_meetup_15sept_2010
Ontwikkelen open id na 2009 openid_meetup_15sept_2010
evidos
 
Ontwikkelen open id na 2009 openid_meetup_15sept_2010
Ontwikkelen open id na 2009 openid_meetup_15sept_2010Ontwikkelen open id na 2009 openid_meetup_15sept_2010
Ontwikkelen open id na 2009 openid_meetup_15sept_2010evidos
 
OpenID binnen de Rijksoverheid
OpenID binnen de RijksoverheidOpenID binnen de Rijksoverheid
OpenID binnen de Rijksoverheid
evidos
 
Hyves Open Id
Hyves Open IdHyves Open Id
Hyves Open Id
evidos
 
Open Id Security ITsec
Open Id Security ITsecOpen Id Security ITsec
Open Id Security ITsec
evidos
 
ConsumentenID
ConsumentenIDConsumentenID
ConsumentenID
evidos
 

More from evidos (8)

Hoe weet ik wie digitaal getekend heeft?
Hoe weet ik wie digitaal getekend heeft? Hoe weet ik wie digitaal getekend heeft?
Hoe weet ik wie digitaal getekend heeft?
 
OpenID Progress EEMA Conference
OpenID Progress EEMA ConferenceOpenID Progress EEMA Conference
OpenID Progress EEMA Conference
 
Ontwikkelen open id na 2009 openid_meetup_15sept_2010
Ontwikkelen open id na 2009 openid_meetup_15sept_2010Ontwikkelen open id na 2009 openid_meetup_15sept_2010
Ontwikkelen open id na 2009 openid_meetup_15sept_2010
 
Ontwikkelen open id na 2009 openid_meetup_15sept_2010
Ontwikkelen open id na 2009 openid_meetup_15sept_2010Ontwikkelen open id na 2009 openid_meetup_15sept_2010
Ontwikkelen open id na 2009 openid_meetup_15sept_2010
 
OpenID binnen de Rijksoverheid
OpenID binnen de RijksoverheidOpenID binnen de Rijksoverheid
OpenID binnen de Rijksoverheid
 
Hyves Open Id
Hyves Open IdHyves Open Id
Hyves Open Id
 
Open Id Security ITsec
Open Id Security ITsecOpen Id Security ITsec
Open Id Security ITsec
 
ConsumentenID
ConsumentenIDConsumentenID
ConsumentenID
 

Recently uploaded

Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
ViralQR
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 

Recently uploaded (20)

Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 

Mobile Authentication on the Internet

  • 1. Mobile Authentication on the Internet Presented by Paul Lahaije “OpenID Event”, Haarlem, 12 May 2009 1 Extended roles for the SIM C1 14 May 2009 Group R&D
  • 2. Increasing demand for secure authentication on the Internet • Secure remote access to Corporate IT systems Online –Market value of $608Mn in 2008 governmental services (IDC). • Online banking –A survey of European retail banks identified ID theft as the highest financial crime priority to address User authentication • Online identity “Are you really the –challenge of securely managing person you claim to be?” multiple passwords and online identities • E-government –Filing online tax returns (e.g. DIGID in the Netherlands) 2 Extended roles for the SIM C1 14 May 2009 Group R&D
  • 3. The added value of Mobile Authentication • Adding security to online services (Second channel for authentication) • Improved user convenience (Single Sign On) • Availability: User’s always carry their mobile phone with them Picture to be added • Mobile phone penetration is close to 100% in many markets • Real-time communication interface to the user • Effective fraud control - customers on average report a stolen mobile phone in 28 minutes and application can be stopped immediately over the mobile network. 3 Extended roles for the SIM C1 14 May 2009 Group R&D
  • 4. The core value of the SIM • Secure authentication for more than 4 Billion users • As secure as banking cards • Standardized – Global Platform, ETSI-SCP – SIM Toolkit applications / Java clients • Multi application platform – The SIM can host service provider trusted applications (e.g. banking application, NFC ticketing) in separate security domains – Service providers can “rent” their own space in the SIM • Remote Management over the air – Payment providers can remotely manage their own applications via a trusted third party • Portable, terminal independent 4 Extended roles for the SIM C1 14 May 2009 Group R&D
  • 5. SIM technology evolution • Smart Card Web Server (OMA); an embedded web server on the SIM • USB High Speed Interface, TCP/IP supported • Secure domains on smartcards to support multiple applications • Towards an open internet compatible smart card execution environment: Javacard, .NET, Java Servlet, SCWS The SIM is becoming a secure IP network element 5 Extended roles for the SIM C1 14 May 2009 Group R&D
  • 6. The SIM as the Identity Token for the Internet Enabling the Mobile Operator to become an Internet Security Provider • Adding Security to the Internet (e.g. PKI based user authentication) • Improving user convenience more more convenience security (no need to remember multiple usernames/passwords) less less • Digital Identity Management (private information stored on the SIM) 6 Extended roles for the SIM C1 14 May 2009 Group R&D
  • 7. SIM-Based Authentication Architecture Identity Provider: Web Service: -OpenID -Online Banking -Liberty Alliance -E-Government service -Microsoft CardSpace -Social network service - ... -OpenID Consumer Authentication Services: IP/Device -One-Time-Password -Wireless PKI Convergence -.... User Interface: -(Mobile) Web Browser -(Mobile) Widget -SIM Intelligent Client - ... 7 Extended roles for the SIM C1 14 May 2009 Group R&D
  • 8. Demonstration • Introducing SIM based authentication to OpenID • Supporting different authentication methods – One-Time-Password – WPKI • Could be applied to various online services – Online social network services – Online banking – E-government services • Demonstration movie 8 Extended roles for the SIM C1 14 May 2009 Group R&D
  • 9. Summary and Conclusions • The SIM can enable Mobile Operators to become Internet Security Providers, offering Security and Identity for online services Let’s join forces to exploit the SIM strength’s to become “The Identity Token” for the Internet. 9 Extended roles for the SIM C1 14 May 2009 Group R&D
  • 10. Thank you 10 Extended roles for the SIM C1 14 May 2009 Group R&D