IT Security: Implications for the Technology Vision 2015
Business Whitepaper 2015 V1.0
1. Enabling Secure Mobility to gain a
competitive edge
The use of mobile Apps to engage with customers continues to increase rapidly in sheer volume. Forward-looking
companies embrace mobile strategies to realize digital transformation and reap the benefits from the apps they
deploy. These apps often integrate new, mobile-specific data and authorization types that require back-end
support. This paper exposes today’s mobile identity and security needs and details the holistic solution available
to capitalize on the mobility opportunity.
Authors: Denis Joannides & Alex Bausch Q1 2015 - Version 1.0
Business
Whitepaper
2. T +31(0)30 711 6845 | E info@onegini.com | www.onegini.com
The growing use of smart mobile devices accessing
personal services has a big effect on authentication
and identity assurance. As the smartphone
has become the “remote control” to the cloud,
proving your identity has become imperative.
Traditional password and 2-Factor solutions are
often inconvenient for smartphones, not secure
and difficult to scale to mass consumer services.
Meanwhile, businesses are adopting mobile
strategies in order to fuel strategic business
initiatives that increase revenues, open new
markets, lower expenses and enhance market
share.
Onegini strongly believes that the high penetration
of smartphones and other smart devices, combined
with the need for personalized online services will
boost the need for a robust, integrated and easy to
use secure authentication solution.
Consumers expect more ways to engage with
your business, in particular through mobile
Apps. Consumers don’t just expect a seamless
experience; they also want the ability to leverage
new technology in their everyday lives. Mobile
engagement tools have become a basic necessity
for doing business, and are tied directly to
the bottom line. A secure mobile identity
and authentication solution is a fundamental
requirement. Businesses and organizations cannot
properly take advantage of mobile and cloud
without a scalable strategy on mobile identity.
Without it, they have no way to identify and engage
with their customers in a meaningful way.
Internet scale, ease of use, secure and modular
Onegini developed the Mobile Security Platform
for enterprises who need to serve millions of end
users 24/7 where authentication and transactions
require “non-stop” attention. The Onegini platform
protects enterprise resources against abuse, helps
meet compliancy obligations and at the same time
brings ease of use to the end-user. It unites mobile
authentication, Mobile Single Sign-on, end-to-
end security (API protection) and monitoring &
reporting tools in one solution.
Onegini delivers an easy to use solution including
all the security standards and monitoring tools
so your mobile Apps can access your enterprise
data. Mobile App developers can focus on the
functionality and do not have to trouble themselves
about security. You can now meet the highest
security and compliancy standards as they are
all taken care of by the Onegini Mobile Security
Platform.
The Onegini Mobile Security Platform was designed
for top insurance and financials institutions who
require the highest standards of security.
Mobile Apps connecting your customer to the
Enterprise have great potential. Beyond simple
marketing, organizations increasingly take
advantage of transaction type Apps for increased
revenue and lowered cost. With this in mind it is
imperative for any business to engage with their
customers in a secure and efficient way. This is
essential because these methods of engagement
directly drive revenue and impact brand value.
1
END USER
SECURITY
CONTROL
COMPLIANCE
SHORT TIME-TO-MARKET
ENGAGE WITH THE END USER
CONVENIENCE
EASE OF USE
CONNECT ALL DEVICES
FLEXIBILITY
ITBUSINESS
3. T +31(0)30 711 6845 | E info@onegini.com | www.onegini.com
To connect your customers to relevant services in
a secure way, organizations require client-focused
identity management. The Onegini platform
was specifically developed for this and delivers
capabilities such as:
■ A common identity for different backends
■ A flexible easy to use & repeatable process
■ A platform that is device agnostic
■ A platform designed to handle the masses
■ Support for all authentication standards
Because the Onegini platform was designed for
customers - built for flexibility, scale, and the
internet of things - it can interact with healthcare
wearables, connected cars, set-top boxes, e-citizen
portals, home security systems, medical devices,
and whatever ‘yet-to-be-invented’ “thing”
customers will be using in the years ahead.
Consumers, top line revenue and agility
Most Identity and Access Management (IAM)
solutions are used to manage access for employees
to systems behind the firewall. Nowadays, more
dynamic cloud solutions are required that not only
serve employees, but also partners and customers.
At its core, the Onegini Platform uses identity
to break down organizational silos and create a
single, company-wide view of the customer. It
uses data to build customer profiles that help
organizations engage with their customers
effectively. Understanding WHO these customers
are leads organizations to provide improved
services, making for loyal customers. Businesses
have the opportunity to build new revenue-driving
initiatives that capitalize on this new customer
data.
The Onegini platform allows businesses to rapidly
identity-enable new cloud, mobile, and IoT services
in order to offer a richer, seamless customer
experience across applications, devices, and
internet-connected ‘things.’
2
4. T +31(0)30 711 6845 | E info@onegini.com | www.onegini.com
Because the Onegini Platform is designed as a
customer-facing driver of business value, it must
cater to speed and developer ease-of-use to match
the pace of customer demands. The Onegini
SDK allows developers to enable cloud services
and accompanying mobile Apps with Identity
Management tooling in days rather than months.
Businesses that can quickly establish an engaging
customer experience at any time, from any place,
device, or thing, will satisfy their current customers
and rapidly attract new ones. Organizations cannot
properly take advantage of cloud, mobility, IoT
or any other online initiative without identity.
Businesses must manage and protect every user in
order to engage with them. Therefore, identity is a
fundamental requirement.
■ Reduce the time to market for your App
■ Manage Identity, Security, Data, Apps and
devices from one common platform
■ Easy enrollment of your customer base
■ Highest security standards including
2-Factor Authentication
■ Meet compliancy rules & regelations
One Mobile Identity Platform
Traditionally IAM-systems were built on different
point solutions, that are complex and cumbersome
to build and maintain, taking years to deploy
and integrate. The Onegini platform delivers an
overarching Identity solution, which is easily and
quickly deployed. The Onegini Platform requires
a unified identity model. The core tenant is that
identity should be exposed in a single, repeatable
way that makes it easy to roll out new services.
The goal behind this principle is to provide new
services quickly, taking years down to months,
and months down to weeks. The Onegini platform
gives you a common identity platform with a
single, repeatable API for developers to implement
identity services. For developers it is an easy
process and it ensures reliability.
The Onegini platform delivers functions such
as monitoring, audit trails to be compliant,
management dashboards, and behavior analysis to
guarantee end-to-end security. Onegini supports
different combinations of authentication to address
different security needs. Authentication factors are
based on:
1) Something you know
2) Something you have
3) Something you are
4) Where you are
Built on industry standards and proven
technology
Both the telecom and security industry are rapidly
evolving, introducing new technology standards
at a rapid pace. As a result, both proprietary-
and standards-based mobile security solutions
have been introduced that focus on technology
areas that cover both mobile authentication and
authorization. Organizations that are involved
in standardization include the GSMA, the FIDO
Alliance, The Organization for the Advancement of
Structured Information Standards (OASIS) and The
OpenID Foundation.
Onegini is member of the FIDO alliance and
supports the GSMA Mobile Connect initiative. FIDO
standards have been integrated into the Mobile
Security Platform, which provides browser-based
or in-App, 2-Factor Authentication. Onegini takes
mature security standards and improves the user
experience, while creating a solution customized to
the e-business needs of an organization.
3