This document summarizes a presentation by Michael Thelander on leveraging trusted identity capabilities. The presentation discusses how fraud, cybersecurity, and user experience teams can better communicate by taking a risk-based approach to dynamic authentication. It provides examples of lightweight and multifactor authentication solutions and emphasizes engaging cross-functional teams to improve security while enhancing the user experience.

1. GARTNER’S CONVERGED &
COMPELLING FUTURE
MICHAEL THELANDER, SR DIR PRODUCT MARKETING
LEVERAGING THE TRUSTED IDENTITY CAPABILITIES MODEL - PART
3
JULY 2018

2. 2
MICHAEL THELANDER
S E N I O R D I R E C T O R P R O D U C T M A R K E T I N G ,
I O V A T I O N
 CISSP-trained through SANS with experience in
configuration security and authentication
 25 years in product management and product marketing, with
the last 10 focused on cyber security
 Articles have appeared in SC Magazine, IT Professional
Magazine, CyberDefense Magazine, and SoftwareCEO.com
 Drives go-to-market initiatives at iovation

3. 3
HOW CAN WE COMMUNICATE ACROSS TEAMS?

4. 4
HOW CAN WE COMMUNICATE ACROSS TEAMS?

5. 5

6. 6
FRAUD & RISK
1st and 3rd Party Fraud
Identity Theft
Application Fraud
Online Abuse
Policy Violation
Account Takeover
CYBERSECURITY
Identity and Access
Mgmt
Large-Scale
Account Takeover
Session Hijacking
Man-in-the-Middle
Attacks
SCA for PSD2
USER
EXPERIENCE
Grow the Business
Reduce Friction
Improve NPS
Omni-channel
Access
Increased
Visits/Month
Cross-device
Experience

7. 7
FRAUD & RISK
1st and 3rd Party Fraud
Identity Theft
Application Fraud
Online Abuse
Policy Violation
Account Takeover
CYBERSECURITY
Identity and Access
Mgmt
Large-Scale
Account Takeover
Session Hijacking
Man-in-the-Middle
Attacks
SCA for PSD2
USER
EXPERIENCE
Grow the Business
Reduce Friction
Improve NPS
Omni-channel
Access
Increased
Visits/Month
Cross-device
Experience

8. 8
OPERATING AT THE MARGINS

9. 9
OPERATING AT THE MARGINS

10. 10
EXPLORING GARTNER’S TICM
T H E T R U S T E D I D E N T I T Y C A P A B I L I T I E S M O D E L

11. 11
SESSION 3 AGENDA
H O W U S E R E X P E R I E N C E W I L L D R I V E T H E F U T U R E O F I A M A N D F R A U D
3
2
1

12. EXPERIENCE
THE AUTHENTICATION EXPERIENCE MATTERS

13. 13
WHICH EXPERIENCE ARE YOU
OFFERING YOUR CUSTOMER?

14. 14
WHICH EXPERIENCE ARE YOU
OFFERING YOUR CUSTOMER?

15. 15
NUMBERS TO
CONSIDER…

16. 16
VISIT RATES
H O W M A N Y T I M E S P E R M O N T H D O C U S T O M E R S V I S I T Y O U R S I T E S ?

17. 17
TIME SPENT ON SITE
H O W L O N G I S T H E A V E R A G E U S E R S E S S I O N B Y I N D U S T R Y ?

18. 18
HOW MANY DEVICES DO YOUR CUSTOMERS USE?

19. 19
PAIN FROM LOGIN
“Having to log in again to access content”

20. INTERPRETING
SIGNALS
RISK AND REWARD ARE TWO SIDES OF ONE
COIN

21. 21

22. 22
TR U STED ID EN TITY C A PA B ILITIES MOD EL
( TIC M)
W H A T T H E S I G N A L S S A Y
 “Goodness” signals
 High assurance
 Good practices for
ID proofing
 Known identities
 “Badness” signals
 Device risks
 Session risks
 Behavioral anomalies
for single targets and
organized attacks
 Bots and malware

23. 23
TR U STED ID EN TITY C A PA B ILITIES MOD EL
( TIC M)
W H E R E T H E S I G N A L S C O M E F R O M
 Authentication and
Online Fraud Detection
often use common tools
and signals
 Identity proofing
provides the critical
ingredient of Third-Party
Credentials
 The convergence of
“ID Proofing + Online
Fraud Detection” provides
the strongest overall
assurance

24. 24
TR U STED ID EN TITY C A PA B ILITIES MOD EL
( TIC M)
C O M M O N G R O U N D : F A M I L I A R P E O P L E v s . S T R A N G E P E O P L E

25. MAKING IT REAL
A CASE STUDY THAT’S NOT A “CASE STUDY”

26. 26
1. A lightweight, low impact authentication method
based on device fingerprinting and risk signals
2. A strong multifactor solution based on latest
cryptographic practices but powered by mobile apps
3. An authorization solution based on specific requests
and carrying specific details about approval

27. 27
WHAT MAKES IT WORK?
D Y N A M I C A U T H E N T I C A T I O N : R I S K - A P P R O P R I A T E , L A Y E R E D S O L U T I O N S
Transparent device-based
authentication service
Interactive multifactor
authentication solution
Interactive
group or individual authorization

28. 28
WHAT MAKES IT WORK?
D Y N A M I C A U T H E N T I C A T I O N : R I S K - A P P R O P R I A T E , L A Y E R E D S O L U T I O N S
Transparent device-based
authentication service
Interactive multifactor
authentication solution
Real-time group or individual
authorization

29. 29
WHAT MAKES IT WORK?
D Y N A M I C A U T H E N T I C A T I O N : R I S K - A P P R O P R I A T E , L A Y E R E D S O L U T I O N S
Transparent device-based
authentication service
Interactive multifactor
authentication solution
Real-time group or individual
authorization

30. 30
WHAT MAKES IT WORK?
D Y N A M I C A U T H E N T I C A T I O N : R I S K - A P P R O P R I A T E , L A Y E R E D S O L U T I O N S
Transparent device-based
authentication service
Interactive multifactor
authentication solution
Real-time group or individual
authorization

31. 31

32. 32FRAUD TEAM IAM & INFOSEC TEAM USER EXPERIENCE TEAM
HOW? ENGAGE YOUR CROSS -FUNCTIONAL TEAMS

33. 33
HOW? ENGAGE YOUR CROSS -FUNCTIONAL TEAMS
 The Fraud Team
has irreplaceable
insight but is often
seen as tactical
 The fraud team also
has something most
teams don’t (actual
cost / benefit
metrics!)
FRAUD TEAM
 Nobody wants to be
the “Director of No”
 If you’re in a
consumer space, be
customer-centric
 Consider ideas
outside of the
infosec sphere
IAM & INFOSEC TEAM
 Be a Change Agent
(all the power is in
your hands)
 Teach other teams
your language and
metrics
 Get everyone to
care about the user
journey
USER EXPERIENCE TEAMIAM & INFOSEC TEAM USER EXPERIENCE TEAM

34. 34
 www.iovation.com
/resources/reports
 Unlimited copies
through June
2017
 Perfect for both
technical and
business leaders
in all teams
NEW FROM GARTNER
S U S T A I N I N G T R U S T I N D I G I T A L I D E N T I T I E S : R E S E A R C H A N D
G U I D A N C E

35. 35
GET A FREE COPY OF ANOTHER GARTNER REPORT

36. Q&A

37. CONTACT US
www.iovation.com
@TheOtherMichael
SENIOR DIRECTOR PRODUCT MARKETING
MICHAEL
THELANDER
michael.thelander@iovation.com
503.943.6700