In this presentation you will learn:
- Industry best practices in ensuring the highest security and improved user experience.
- How to prevent fraud with advanced SCA techniques.
- Solving operational issues and optimizing costs with the all-in-one authentication system.
- Real examples of practical steps to ensure seamless UX.
- How to enhance your existing VPN security for remote work.
- From OTP to push and biometry – which authentication method is the best fit for your business needs.
For more info go to https://sxs.asseco.com/
Move your customer authentication to the next level!
2. Moving your customer authentication
to the next level with SxS.
Robert Mihaljek
Sales Manager, International Markets
robert.mihaljek@asseco-see.hr
asseco.com/see
4. Agenda
Staying secure in the era of impatient customers
On the “scale” from SMS to behavior authentication – which is the best for my organization?
Cut the cost and improve the user experience? Is this even possible?
How to build the optimal authentication ecosystem with minimum effort for the organization/best practices?
Strong authentication for remote work
7.
References on 4 continents (Europe, Africa, USA, Asia) with more than 140 customers
Securing 5MM+ users on Banking Digital channels
Top player for banking in Europe, one of leading Banking Security and Compliance vendors
Successful rollout of full scope PSD2 solutions, with focus on Strong Customer Authentication
Focus on digital banking channels (eBanking, mBanking, eCommerce…)
20+ years of experience
10. On the “scale” from SMS to behavior authentication – which is the best for my organization?
11. SMS
NIST recommended to replace
SMS as an authenticator in
2016
Ways of bypassing SMS 2FA:
interception at Mobile
Operator, social engineering,
man-in-the-middle
Each SMS has a cost
Easy to use
Everyone knows what SMS
is and is familiar with it
12. HW tokens
Very useful substitution if end
user does not have a mobile
application or smartphone
With QR code hw tokens, UX is
highly improved
Does not require Internet
connection
End user needs to have
the physical device
User experience is not
that fluid
Must log in with PIN
13. PUSH notifications
No additional cost when
compared to SMS OTP
Push notifications save a user
13 minutes annually over SMS
OTP (Source: Cisco)
Device with application is
needed
Trade wars can complicate
things: Google Services no longer
supports Huawei devices
14. Behavioral analysis
Frictionless end user experience
Silent identity verification
No need for PIN & password
Latest technology which
prevents most advanced attack
methods
Some end users do not want
to be "watched"
Device with application is
needed
15. How to cut the cost and improve user experience? Is it even possible?
16.
You have to start with customer experience and work back toward the technology—not the other way around.
- STEVE JOBS
18.
Paying bills and performing
transactions in banks
HW token Performing transactions
via internet & mobile
Multi-factor
authentication and
fraud management
Sign transaction
with a single click
BANK
INTERNET
BANKING
COMPLICATED
FORMS
mTOKEN &
mBANKING
BIOMETRY
ONE CLICK
19. How to build the optimal authentication ecosystem with minimum effort for the organization?
21. ECOSYSTEM - THE POWER OF DIGITALIZATION
AUTHENTICATION
SERVER SIDE
MOBILE TOKEN
AI POWERED
SECURITY MODULE
IDENTITY AND
ACCESS
MANAGEMENT
Reduce end-user
time spent in your
branch
Enable end-users
easy transactions
with great
customer
EXPERIENCE
Develop the whole
end-to-end
authentication
experience
completely
frictionless
Manage your
applications, user
roles and their
access in less time
Ensure highest
security for
proving user
identity
22. Challenges!
Security in
business and
retail
applications
Authentication
methods that
depend on only
one factor are
very easy to
compromise
Fewer
layers/factors in
place will cause
the risk of an
intruder gaining
access to critical
systems and
data
Having a weak
authentication
solution relying
solely on static
passwords
leaves the
system
completely
vulnerable to
attacks
Bad user
experience and
outdated
processes for
login and
transaction
verification
PSD2 regulation
driving strong
customer
authentication
(SCA)
23. What will you gain?
On top of
regulation
(local, PSD2)
User experience
improved by
frictionless
methods
High level of
security enabled
by proven
security
mechanism
Easy integration
with any system
or application
Local presence
on the field
enabling
specialized
educations and
trainings
Cost reduction
24. We offer new features that:
Make the client’s
business more
attractive to the
end-users
Offer the end-users
frictionless user
experience
Reduce time spent
on long processes
and services
26.
Challenge: How to identify and authenticate bank’s clients to ensure
a user-friendly but highly secure access to banking services?
Asseco Authentication Solution
multi-factor authentication solution
wide range of strong authentication methods
high security - hardware or software tokens
https://sxs.asseco.com/
27. Functionalities
ADMINISTRATION
• User management
• Device management
• Authentication properties
configuration
• Administrator management
REPORTING
• Token data
• User data
• Audit log
• Admin user data
AUTHENTICATION
• Multi-factor authentication
• Sign What You See
• Biometrics
• QR code authentication
• Push authentication
SXS SUPPORTS A WIDE RANGE OF AUTHENTICATION METHODS AND
ADMINISTRATION FUNCTIONS
28. Functionalities
SELF-ADMINISTRATION
• Change PIN
• Enrollment
• Migration
• Token reset
• Token management
ADDITIONAL
• Offline and online mode of
work
• Multiple devices per user
• User unlocks his mobile token
with PIN (which is not stored
on the device)
AUTHENTICATION METHODS
• OTP, transaction signing,
challenge/response
• Biometrics
• QR code authentication
• Push authentication (HMS also)
• PIN hint
BUILDING „ON-THE-GO” MOBILE USER IDENTITY WITH SECURITY BASED TECHNOLOGY
30. IDENTITY AND ACCESS MANAGEMENT
IDENTITY ACCESS
Identity lifecycle
Roles and groups
Process and structure
Authentication – who can
access
Authorization – is
respective user authorized
to have access
31. Benefits
Save time and money
Improve IT efficiency -> single
place to administer user identity
and access rights
Reduce time to deliver
applications and services -> no
need to reimplement
authentication mechanisms
across applications and services
Enhance security
Single point of authentication
Control person access to
multiple applications at one
place
Universal monitoring
and auditing
Authentication monitoring and
auditing in one system
Enable user behavior analysis
and better fraud detection
Higher user satisfaction
Reducing complexity for end-
users, application owners and IT
Admins
Single sign on (SSO) - access all
of the applications and services
that person needs by signing in
only once using single user
account
32. WHAT WILL AUTHENTICATION LOOK LIKE
The user no longer has to memorize passwords, enter PINs, or retype codes; his behavior is sufficient to prove his identity.
Additionally, based on the user identity risk, the user will be asked for additional authentication.
37. Case study – Group Authentication and Mobile banking
solution – UniCredit CEE
• Project based in Vienna, started 2010.
• Private multitenant cloud deployment
• 9 countries, consistent UX and branding
• Taking care of all authentication needs, compliant
to PSD2 and local regulations
• Agile development team embedded with Bank
• Lower Group TCO for Authentication
• Innovative functionalities and technology
available to all subsidiaries
38. Case study – Group Authentication and Mobile banking
solution – Intesa Sanpaolo – Project Digical
• Project based in Milano, started 2016.
• Private multitenant cloud deployment
• 5 countries, consistent UX and branding, others
planned
• Agile development team embedded with Bank
• Lower Group TCO for Authentication
• Supporting different HW token devices in
subsidiaries
41. Why is authentication needed for remote work?
99.9% of attacks can be blocked with multi-factor authentication.
Source: Microsoft
Most data breaches
involve weak, default,
or stolen passwords.
Source: Verizon, Telesign, Igloo
81% of breaches are caused by
credential theft
73% of passwords are
duplicates
50% of employees use apps that
aren’t approved by enterprise
43.
Existing clients
• New, internal use
cases initiated
• 10% of existing
clients asked for a
remote work
authentication
solution in last 6
months
New clients
• 50% of all
authentication
inquiries asking
for remote work
solution from the
start
• Smaller players
now need secure
solutions for
remote work also
Partners
• „Adapt or die”
surrounding
• Offering new
business models
as a solution
End users
• Looking for more
security in remote
work mode
• Striving for easy
access and
seamless UI
Market trends from Asseco's point of view
44.
All in one solution
•Same solution for
clients and
employees
•Applicable to
corporations as well
as to SMEs
•Optional features
for specific
requirements
Variety of
authentication
methods
•From SMS to
behavior biometrics
•No vendor lock-in
•Regulation
compliant and
market proven
Adjustable products
•SDK or full
application for
mToken
•Customizable
application
•Modular solution
architecture
Adjustable business
models
•Perpetual or
subscription
•Monthly or yearly
subscription
•Subscription based
on active users - pay
as you grow
How can Asseco improve security for remote work?
46.
Your organization:
Staying secure in the era of impatient customers – you can do it!
Behavior authentication with less friction will improve your business
Cut the cost and improve the user experience? It does not have to be a trade off
Optimizing authentication on all your channels can be done with a single UX
Remote work in (post) COVID19 era: you can make it secure