Ping Identity, profile picture
Uploaded byPing Identity
478 views

Webinar: Three Steps to Transform Your Mobile App into a Security Factor

The document outlines three steps to transform a mobile app into a security factor, emphasizing the importance of creating a trusted device through device secrets rather than relying on SMS or email for two-factor authentication. It details enrollment strategies, execution methods for user interactions, and planning for emergencies to ensure user experience and security. Overall, the transformation requires careful planning but offers significant benefits, including increased control and user participation.

Embed presentation

THREE STEPS TO TRANSFORM YOUR MOBILE APP INTO A SECURITY FACTOR August, 2017 1 Copyright ©2017 Ping Identity Corporation. All rights reserved.
SECURE & CONVENIENT INTERACTIONS Customer Security Two-factor authentication is increasingly important [for CIAM] Copyright ©2017 Ping Identity Corporation. All rights reserved.2 “ “ Customer Experience Customers have a low tolerance for poor user experience “ “ Security Customer Experience
WHAT DOES YOUR APP LOOK LIKE TODAY? Copyright ©2017 Ping Identity Corporation. All rights reserved.3 Communication Channel Authentication Flows A
YOUR APP CAN BE SOMETHING ELSE …a security factor §  More secure than SMS §  Benefits beyond mobile §  Brand preservation §  Convenient and secure 4 Copyright ©2017 Ping Identity Corporation. All rights reserved.
CREATING A TRUSTED DEVICE Copyright ©2017 Ping Identity Corporation. All rights reserved.5 §  Your app has access to device secrets §  Device secrets associated with a user, create a trusted device §  Device secrets are secure A ******Device Secrets Your Server and Database
WHY IS A TRUSTED DEVICE MORE SECURE than SMS? 6 Copyright ©2017 Ping Identity Corporation. All rights reserved. SMS text messages are often the weakest link in two-step logins. ~www.wired.com “ “ An out-of-band secret sent via SMS is received by an attacker who has convinced the mobile operator to redirect the victim’s mobile phone to the attacker. ~National Institute for Standards & Technology “ “
WHY IS A TRUSTED DEVICE MORE SECURE than SMS? Copyright ©2017 Ping Identity Corporation. All rights reserved.7 Credentials Stolen •  Phishing •  Brute Force •  Password Reuse Number spoofed SMS intercepted Off-brand experience for user verification Hacker authenticated Credentials verified Sends credentials 4a Mobile App Hosting Server
WHY IS A TRUSTED DEVICE MORE SECURE than Email? Copyright ©2017 Ping Identity Corporation. All rights reserved.8 Credentials Stolen •  Phishing •  Brute Force •  Password Reuse Hacker uses stolen credentials to access email Clunky, multi-step process for user verification Hacker authenticated Credentials verified Sends credentials 4a Mobile App Hosting Server
WHY IS A TRUSTED DEVICE MORE SECURE? Device Secrets! Copyright ©2017 Ping Identity Corporation. All rights reserved.9 Credentials Stolen •  Phishing •  Brute Force •  Password Reuse Deny Touch ID for “Your App” A New Device is Attempting to Login Seamless, secure user experience Credentials verified Device secrets not verified Hacker access denied Sends credentials & device secretsMobile App Hosting Server
WHAT ABOUT MULTIPLE TRUSTED DEVICES? Copyright ©2017 Ping Identity Corporation. All rights reserved.10 Primary Device Other Trusted Devices •  Shared Smart Phones •  Shared Tablets •  Secondary Devices Primary Device Trusted iOS Tablet Trusted Android Tablet •  Add New Devices •  Block Devices •  Change Primary Device Delegated Device Admin
UTILIZE YOUR MOBILE APP FOR: ü  Web authentications ü  Device-based, mobile authentications ü  Transaction approvals ü  Identity verifications by CSRs ü  Password resets ü  Many more! Copyright ©2017 Ping Identity Corporation. All rights reserved.11
TO START: DISCONNECTION Confidential | Do not distribute — Copyright ©2017 Ping Identity Corporation. All rights reserved.12
TRUSTED DEVICE AS A FACTOR §  A trusted app on a trusted device buys you –  ”something you have” –  A feedback loop –  An anchor for trust §  The user becomes part of the process –  Can verify transactions –  Can notify on fraud Copyright ©2017 Ping Identity Corporation. All rights reserved.13 A
THE GOAL Copyright ©2017 Ping Identity Corporation. All rights reserved.14
THREE STEPS TO APP AS A FACTOR 1.  Enrollment –  What is your strategy to turn on a trusted device 2.  Execution –  How will you use the feedback loop 3.  Emergencies –  What happens when things go wrong –  Offline, theft Copyright ©2017 Ping Identity Corporation. All rights reserved.15
STEP 1: ENROLLMENT §  Several models to choose from: –  Opt-in in app –  Opt-in in preferences –  Required choice of factors –  Passive enrollment ›  The default with email & SMS Copyright ©2017 Ping Identity Corporation. All rights reserved.16
STEP 2: EXECUTION Copyright ©2017 Ping Identity Corporation. All rights reserved.17 §  Login time: –  Browser à Device ›  Interaction at web authentication –  Device à Device ›  Interaction at app installation –  Single Device – check for trust §  Transaction time –  Purchase –  Consent §  Management Time
STEP 3: EMERGENCIES §  99.99% of the time, these kinds of security factors are transparent. §  0.01% of the time they are the face of your organization §  Plan for the 0.01% Copyright ©2017 Ping Identity Corporation. All rights reserved.18
LOST A PASSWORD Copyright ©2017 Ping Identity Corporation. All rights reserved.19
ON AN AIRPLANE Copyright ©2017 Ping Identity Corporation. All rights reserved.20 Trusted Device not Found Shopco app Note: I mocked this up but the underlying functionality exists
LOST DEVICE 21 §  Trusted secondary devices can be promoted
LOST IT ALL §  Email recovery becomes the bottom of the sieve –  SMS is problematic when coupled with device theft §  Majority of customers are able to use self-service options Copyright ©2017 Ping Identity Corporation. All rights reserved.22
SUMMARY §  Converting your app into a security factor is not difficult but it takes planning §  Advantages are huge and the organization has a lot of control over how the user participates §  Be sure to spend time on failure cases, but don’t forget the large population that can navigate in a completely self-service and secure way Copyright ©2017 Ping Identity Corporation. All rights reserved.23
SEE A FULL DEMO OF PINGID DEMO LINK: https://www.pingidentity.com/en/resources/client-library/webinars/2017/PingID-sdk-multi-factor-authentication-for-customers.html Copyright ©2017 Ping Identity Corporation. All rights reserved.24
25 Q&A

More Related Content

PDF
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
byPing Identity
 
PPTX
Standard Based API Security, Access Control and AI Based Attack - API Days Pa...
byPing Identity
 
PDF
GDPR & Customer IAM: The Real Winners Won’t Stop At Compliance
byPing Identity
 
PPTX
Criteria for Effective Modern IAM Strategies (Gartner IAM 2018)
byPing Identity
 
PDF
Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass
byPing Identity
 
PPTX
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
byPing Identity
 
PPTX
Identity Beyond Employees: How Customer Experience Impacts Your IAM Practices
byPing Identity
 
PPTX
Managing Identity without Boundaries
byPing Identity
 
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
byPing Identity
 
Standard Based API Security, Access Control and AI Based Attack - API Days Pa...
byPing Identity
 
GDPR & Customer IAM: The Real Winners Won’t Stop At Compliance
byPing Identity
 
Criteria for Effective Modern IAM Strategies (Gartner IAM 2018)
byPing Identity
 
Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass
byPing Identity
 
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
byPing Identity
 
Identity Beyond Employees: How Customer Experience Impacts Your IAM Practices
byPing Identity
 
Managing Identity without Boundaries
byPing Identity
 

What's hot

PPTX
Catalyst 2015: Patrick Harding
byPing Identity
 
PPT
You Can't Spell Enterprise Security without MFA
byPing Identity
 
PPTX
Connecting The Real World With The Virtual World
byPing Identity
 
PPTX
9.35am robert humphrey
byArgyle Executive Forum
 
PPT
Identity-Defined Privacay & Security for Internet of Things
byPing Identity
 
PDF
The Case For Next Generation IAM
byPatrick Harding
 
PDF
Security On The Edge - A New Way To Think About Securing the Internet of Things
byForgeRock
 
PDF
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.
byForgeRock
 
PPTX
Identity Live Sydney 2017 - Michael Dowling
byForgeRock
 
PPTX
Identity's Role in a Zero Trust Strategy
byOkta-Inc
 
PDF
The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017
byForgeRock
 
PDF
API Security Needs AI Now More Than Ever
byPing Identity
 
PDF
Clear and Present Danger
byPing Identity
 
PDF
Hitchhikers Guide to the Identiverse - How Federated Business will Rule the W...
byPing Identity
 
PPTX
Three ways-zero-trust-security-redefines-partner-access-v8
byZscaler
 
PDF
Optimize Your Zero Trust Infrastructure
byPing Identity
 
PDF
Sacon - IoT Hackfest (Sri Chakradhar K)
byPriyanka Aash
 
PDF
Okta Digital Enterprise Report
byOkta-Inc
 
PDF
SWM_WP_MaturityModel_July15
byMike Lemons
 
PDF
Identity and Access Management from Microsoft and Razor Technology
byDavid J Rosenthal
 
Catalyst 2015: Patrick Harding
byPing Identity
 
You Can't Spell Enterprise Security without MFA
byPing Identity
 
Connecting The Real World With The Virtual World
byPing Identity
 
9.35am robert humphrey
byArgyle Executive Forum
 
Identity-Defined Privacay & Security for Internet of Things
byPing Identity
 
The Case For Next Generation IAM
byPatrick Harding
 
Security On The Edge - A New Way To Think About Securing the Internet of Things
byForgeRock
 
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.
byForgeRock
 
Identity Live Sydney 2017 - Michael Dowling
byForgeRock
 
Identity's Role in a Zero Trust Strategy
byOkta-Inc
 
The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017
byForgeRock
 
API Security Needs AI Now More Than Ever
byPing Identity
 
Clear and Present Danger
byPing Identity
 
Hitchhikers Guide to the Identiverse - How Federated Business will Rule the W...
byPing Identity
 
Three ways-zero-trust-security-redefines-partner-access-v8
byZscaler
 
Optimize Your Zero Trust Infrastructure
byPing Identity
 
Sacon - IoT Hackfest (Sri Chakradhar K)
byPriyanka Aash
 
Okta Digital Enterprise Report
byOkta-Inc
 
SWM_WP_MaturityModel_July15
byMike Lemons
 
Identity and Access Management from Microsoft and Razor Technology
byDavid J Rosenthal
 

Similar to Webinar: Three Steps to Transform Your Mobile App into a Security Factor

PDF
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
byCloudIDSummit
 
PDF
Introduction to the FIDO Alliance
byFIDO Alliance
 
PDF
DIRECTORY CIS 2015 - Eric Fazendin
byCloudIDSummit
 
PDF
CIS 2015 Multi-factor for All, the Easy Way - Ran Ne'man
byCloudIDSummit
 
PDF
The State of Mobile Security and How Identity Advancement Plays an Essential ...
byDana Gardner
 
PDF
What about Two Factor Authentication?
bySinch
 
PDF
Smart Cards & Devices Forum 2012 - Mobile ID usnadňuje život jak uživatelům, ...
byOKsystem
 
KEY
Smartphone security
byMike Brannon
 
PDF
Market Study on Mobile Authentication
byFIDO Alliance
 
PPTX
Outside the Office: Mobile Security
byMcKonly & Asbury, LLP
 
PDF
3 steps security
bybrightfire-slides
 
PDF
Smartphones' Security
byNicola Cadenelli
 
PPTX
Authentifusion: Clarifying the Future of Customer Authentication
byMichael Thelander
 
PDF
Introduction to FIDO Authentication
byFIDO Alliance
 
DOC
status
bypixeldemo
 
DOC
status
bypixeldemo
 
DOC
ffv
bypixeldemo
 
PDF
Intelligent Authentication (Identity Live Berlin 2018)
byForgeRock
 
PDF
Google Case Study - Towards simpler, stronger authentication
byFIDO Alliance
 
PDF
ConfidentID_broc
byWendy Wheeler
 
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
byCloudIDSummit
 
Introduction to the FIDO Alliance
byFIDO Alliance
 
DIRECTORY CIS 2015 - Eric Fazendin
byCloudIDSummit
 
CIS 2015 Multi-factor for All, the Easy Way - Ran Ne'man
byCloudIDSummit
 
The State of Mobile Security and How Identity Advancement Plays an Essential ...
byDana Gardner
 
What about Two Factor Authentication?
bySinch
 
Smart Cards & Devices Forum 2012 - Mobile ID usnadňuje život jak uživatelům, ...
byOKsystem
 
Smartphone security
byMike Brannon
 
Market Study on Mobile Authentication
byFIDO Alliance
 
Outside the Office: Mobile Security
byMcKonly & Asbury, LLP
 
3 steps security
bybrightfire-slides
 
Smartphones' Security
byNicola Cadenelli
 
Authentifusion: Clarifying the Future of Customer Authentication
byMichael Thelander
 
Introduction to FIDO Authentication
byFIDO Alliance
 
status
bypixeldemo
 
status
bypixeldemo
 
ffv
bypixeldemo
 
Intelligent Authentication (Identity Live Berlin 2018)
byForgeRock
 
Google Case Study - Towards simpler, stronger authentication
byFIDO Alliance
 
ConfidentID_broc
byWendy Wheeler
 

More from Ping Identity

PDF
Healthcare Patient Experiences Matter
byPing Identity
 
PDF
Ping’s Technology Partner Program
byPing Identity
 
PDF
Remote Work Fuels Zero Trust Growth
byPing Identity
 
PDF
Identity Verification: Who’s Really There?
byPing Identity
 
PDF
Extraordinary Financial Customer Experiences
byPing Identity
 
PDF
Extraordinary Retail Customer Experiences
byPing Identity
 
PDF
Security Practices: The Generational Gap | Infographic
byPing Identity
 
PDF
Security Concerns Around the World | Infographic
byPing Identity
 
PDF
LES ATTITUDES DES CONSOMMATEURS À L’ÈRE DES CYBERATTAQUES
byPing Identity
 
PDF
WIE TICKEN VERBRAUCHER IM ZEITALTER DER DATENSCHUTZVERLETZUNGEN?
byPing Identity
 
PDF
Consumer Attitudes in a Post-breach Era: The Geographical Gap
byPing Identity
 
PDF
ATTITUDES DES CONSOMMATEURS A L’ERE DES PIRATAGES LE CONFLIT DE GENERATIONS
byPing Identity
 
PDF
2018 Survey: Consumer Attitudes in a Post-Breach Era - The Generational Gap
byPing Identity
 
PDF
WIE TICKEN VERBRAUCHER IM ZEITALTER DER DATENSCHUTZVERLETZUNGEN? ALLES EINE F...
byPing Identity
 
PDF
Fishing for a CIAM Platform? 11 Question to Ask Before You Buy
byPing Identity
 
PDF
Digital Transformation and the Role of IAM
byPing Identity
 
PDF
How Aligned Are IT, Employees and Security Practices in Today's Mobile World?
byPing Identity
 
Healthcare Patient Experiences Matter
byPing Identity
 
Ping’s Technology Partner Program
byPing Identity
 
Remote Work Fuels Zero Trust Growth
byPing Identity
 
Identity Verification: Who’s Really There?
byPing Identity
 
Extraordinary Financial Customer Experiences
byPing Identity
 
Extraordinary Retail Customer Experiences
byPing Identity
 
Security Practices: The Generational Gap | Infographic
byPing Identity
 
Security Concerns Around the World | Infographic
byPing Identity
 
LES ATTITUDES DES CONSOMMATEURS À L’ÈRE DES CYBERATTAQUES
byPing Identity
 
WIE TICKEN VERBRAUCHER IM ZEITALTER DER DATENSCHUTZVERLETZUNGEN?
byPing Identity
 
Consumer Attitudes in a Post-breach Era: The Geographical Gap
byPing Identity
 
ATTITUDES DES CONSOMMATEURS A L’ERE DES PIRATAGES LE CONFLIT DE GENERATIONS
byPing Identity
 
2018 Survey: Consumer Attitudes in a Post-Breach Era - The Generational Gap
byPing Identity
 
WIE TICKEN VERBRAUCHER IM ZEITALTER DER DATENSCHUTZVERLETZUNGEN? ALLES EINE F...
byPing Identity
 
Fishing for a CIAM Platform? 11 Question to Ask Before You Buy
byPing Identity
 
Digital Transformation and the Role of IAM
byPing Identity
 
How Aligned Are IT, Employees and Security Practices in Today's Mobile World?
byPing Identity
 

Recently uploaded

PDF
Safeguarding AI-Based Financial Infrastructure
byYasir Naveed Riaz
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
PPTX
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
PDF
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PDF
The year in review - MarvelClient in 2025
bypanagenda
 
PDF
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
DOCX
Cloud Security, Serverless Security. Cybersecurity
byEdcelPacayraDuena
 
PPTX
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
PDF
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
PDF
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
PDF
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
PDF
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
PDF
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
PPTX
cybercrime in Information security .pptx
byismaeelsahib032
 
PDF
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
Safeguarding AI-Based Financial Infrastructure
byYasir Naveed Riaz
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
The year in review - MarvelClient in 2025
bypanagenda
 
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
Cloud Security, Serverless Security. Cybersecurity
byEdcelPacayraDuena
 
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
cybercrime in Information security .pptx
byismaeelsahib032
 
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 

Webinar: Three Steps to Transform Your Mobile App into a Security Factor

  • 1.
    THREE STEPS TO TRANSFORMYOUR MOBILE APP INTO A SECURITY FACTOR August, 2017 1 Copyright ©2017 Ping Identity Corporation. All rights reserved.
  • 2.
    SECURE & CONVENIENTINTERACTIONS Customer Security Two-factor authentication is increasingly important [for CIAM] Copyright ©2017 Ping Identity Corporation. All rights reserved.2 “ “ Customer Experience Customers have a low tolerance for poor user experience “ “ Security Customer Experience
  • 3.
    WHAT DOES YOURAPP LOOK LIKE TODAY? Copyright ©2017 Ping Identity Corporation. All rights reserved.3 Communication Channel Authentication Flows A
  • 4.
    YOUR APP CANBE SOMETHING ELSE …a security factor §  More secure than SMS §  Benefits beyond mobile §  Brand preservation §  Convenient and secure 4 Copyright ©2017 Ping Identity Corporation. All rights reserved.
  • 5.
    CREATING A TRUSTEDDEVICE Copyright ©2017 Ping Identity Corporation. All rights reserved.5 §  Your app has access to device secrets §  Device secrets associated with a user, create a trusted device §  Device secrets are secure A ******Device Secrets Your Server and Database
  • 6.
    WHY IS ATRUSTED DEVICE MORE SECURE than SMS? 6 Copyright ©2017 Ping Identity Corporation. All rights reserved. SMS text messages are often the weakest link in two-step logins. ~www.wired.com “ “ An out-of-band secret sent via SMS is received by an attacker who has convinced the mobile operator to redirect the victim’s mobile phone to the attacker. ~National Institute for Standards & Technology “ “
  • 7.
    WHY IS ATRUSTED DEVICE MORE SECURE than SMS? Copyright ©2017 Ping Identity Corporation. All rights reserved.7 Credentials Stolen •  Phishing •  Brute Force •  Password Reuse Number spoofed SMS intercepted Off-brand experience for user verification Hacker authenticated Credentials verified Sends credentials 4a Mobile App Hosting Server
  • 8.
    WHY IS ATRUSTED DEVICE MORE SECURE than Email? Copyright ©2017 Ping Identity Corporation. All rights reserved.8 Credentials Stolen •  Phishing •  Brute Force •  Password Reuse Hacker uses stolen credentials to access email Clunky, multi-step process for user verification Hacker authenticated Credentials verified Sends credentials 4a Mobile App Hosting Server
  • 9.
    WHY IS ATRUSTED DEVICE MORE SECURE? Device Secrets! Copyright ©2017 Ping Identity Corporation. All rights reserved.9 Credentials Stolen •  Phishing •  Brute Force •  Password Reuse Deny Touch ID for “Your App” A New Device is Attempting to Login Seamless, secure user experience Credentials verified Device secrets not verified Hacker access denied Sends credentials & device secretsMobile App Hosting Server
  • 10.
    WHAT ABOUT MULTIPLETRUSTED DEVICES? Copyright ©2017 Ping Identity Corporation. All rights reserved.10 Primary Device Other Trusted Devices •  Shared Smart Phones •  Shared Tablets •  Secondary Devices Primary Device Trusted iOS Tablet Trusted Android Tablet •  Add New Devices •  Block Devices •  Change Primary Device Delegated Device Admin
  • 11.
    UTILIZE YOUR MOBILEAPP FOR: ü  Web authentications ü  Device-based, mobile authentications ü  Transaction approvals ü  Identity verifications by CSRs ü  Password resets ü  Many more! Copyright ©2017 Ping Identity Corporation. All rights reserved.11
  • 12.
    TO START: DISCONNECTION Confidential| Do not distribute — Copyright ©2017 Ping Identity Corporation. All rights reserved.12
  • 13.
    TRUSTED DEVICE ASA FACTOR §  A trusted app on a trusted device buys you –  ”something you have” –  A feedback loop –  An anchor for trust §  The user becomes part of the process –  Can verify transactions –  Can notify on fraud Copyright ©2017 Ping Identity Corporation. All rights reserved.13 A
  • 14.
    THE GOAL Copyright ©2017Ping Identity Corporation. All rights reserved.14
  • 15.
    THREE STEPS TOAPP AS A FACTOR 1.  Enrollment –  What is your strategy to turn on a trusted device 2.  Execution –  How will you use the feedback loop 3.  Emergencies –  What happens when things go wrong –  Offline, theft Copyright ©2017 Ping Identity Corporation. All rights reserved.15
  • 16.
    STEP 1: ENROLLMENT § Several models to choose from: –  Opt-in in app –  Opt-in in preferences –  Required choice of factors –  Passive enrollment ›  The default with email & SMS Copyright ©2017 Ping Identity Corporation. All rights reserved.16
  • 17.
    STEP 2: EXECUTION Copyright©2017 Ping Identity Corporation. All rights reserved.17 §  Login time: –  Browser à Device ›  Interaction at web authentication –  Device à Device ›  Interaction at app installation –  Single Device – check for trust §  Transaction time –  Purchase –  Consent §  Management Time
  • 18.
    STEP 3: EMERGENCIES § 99.99% of the time, these kinds of security factors are transparent. §  0.01% of the time they are the face of your organization §  Plan for the 0.01% Copyright ©2017 Ping Identity Corporation. All rights reserved.18
  • 19.
    LOST A PASSWORD Copyright©2017 Ping Identity Corporation. All rights reserved.19
  • 20.
    ON AN AIRPLANE Copyright©2017 Ping Identity Corporation. All rights reserved.20 Trusted Device not Found Shopco app Note: I mocked this up but the underlying functionality exists
  • 21.
    LOST DEVICE 21 §  Trustedsecondary devices can be promoted
  • 22.
    LOST IT ALL § Email recovery becomes the bottom of the sieve –  SMS is problematic when coupled with device theft §  Majority of customers are able to use self-service options Copyright ©2017 Ping Identity Corporation. All rights reserved.22
  • 23.
    SUMMARY §  Converting yourapp into a security factor is not difficult but it takes planning §  Advantages are huge and the organization has a lot of control over how the user participates §  Be sure to spend time on failure cases, but don’t forget the large population that can navigate in a completely self-service and secure way Copyright ©2017 Ping Identity Corporation. All rights reserved.23
  • 24.
    SEE A FULLDEMO OF PINGID DEMO LINK: https://www.pingidentity.com/en/resources/client-library/webinars/2017/PingID-sdk-multi-factor-authentication-for-customers.html Copyright ©2017 Ping Identity Corporation. All rights reserved.24
  • 25.