Más contenido relacionado Similar a CIS14: From Card to Mobile—Evolving Identity Credentials (20) Más de CloudIDSummit (20) CIS14: From Card to Mobile—Evolving Identity Credentials1. From Card to Mobile
Evolving Identity
Credentials
Julian Lovelock
Senior Director, Product Marketing
July 2014
An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
2. 2An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
How do I identify thee?
Let me count the ways
?
1. What you have
you hold a credential that proves who you are
2. What you do
you act in a recognizable way
3. What you know
you know the secret password
4. What you are
you have identifiable biometric characteristics
This is our traditional domain of expertise
3. 3An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
The mobile credential
Keys and access cards
in your daily life
Digital Form Factor,
Converged in
your smartphone
Challenges
• Multiple digital keys
on a single device
• Secure provisioning
of those keys
• Broad phone support
4. 4An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
The mobile credential
Keys and access cards
in your daily life
Digital Form Factor,
Converged in
your smartphone
5. 5An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
Replacing the card with a phone
6. 6An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
Seos: Powering Mobile Access
Hotel
Security
System
Residential
Security
System
Seos
TSM
Secure
Element
Issuer TSM
Enterprise
Security
System
Mobile
OperatorSeos
Mobile
App
Seos
Applet
Seos
Contactless
Technology
HID
Secure
Identity
Services™
Portal
Seos
Enabled Locks/
Readers
7. 7An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
Mobile access control
Enjoyed at ASU
First Generation Mobile Access
Mobile access control
prized at Netflix
NFC technology in
phones enables them to
be used as RFID
credentials
8. 8An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
What did we learn?
Sleeves are
challenging
Balance between
security and
convenience
NFC
Host Card Emulation (HCE)
9. 9An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
9
NFC Host Card Emulation (HCE)
What is Host Card Emulation?
With the Android 4.4 release, it’s possible to
emulate a card in software.
Why is that important?
Card can be emulated in the HID mobile App
with no reliance on third-parties
What is the benefit?
Readers and locks supporting Seos over NFC
are compatible.
Note - HCE is supported by the financial
industry (Visa and Mastercard) which will drive
adoption.
10. 10An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
10
Bluetooth Smart
Bluetooth Smart
(BT Smart)
What is Bluetooth Smart?
Bluetooth with lower power consumption
Does not require pairing
Is supported in iPhone 4s and Android 4.3
forward.
Why is that important?
The use of Bluetooth smart allows Seos to
be used to open doors with iPhones,
Android phones and tablet devices with no
reliance on third-parties.
How will we benefit from it?
The longer reading distance will allow us to
open doors in new ways.
11. 11An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
Deployment model
• Use existing purchase models
• Mobile credentials generated
• Supports a simple enablement process
• Receive an invitation
• Install the App from the App store
• Receive the digital key
• Offers centralized key management
through a mobile access portal
• For issuing, revoking, and managing
available digital credentials
• Focus on simplicity and a streamlined
process
HID Mobile
Access
New user
Invitation Digital key
E-mail
12. 12An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
Evolution of the physical credential
§ Card remains good
§ Phone is interesting
– Cool
– Online
– Convenient
§ But…not owned by the enterprise
§ Heterogeneous platform (challenging to manage in a consistent way)
§ Doesn’t work well as a secure badge
§ Don’t just see the phone as a simple replacement for the badge but something that
supplements and extends the convenience and security
13. 13An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
The Mobile reader
Access
Granted
Identity
Validated
Card
updated
14. 14An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
Use cases for Trusted Tags
Trusted Transaction Proof Of Presence Authenticity
Trusted loyalty cards
prevent unauthorized
loyalty points
Tap a tag to prove that
a home healthcare
visit took place
Prevent counterfeiting
and warranty fraud
while also engaging
the consumer
15. 15An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
Future generation of laptops/tablets
Enabled for ‘contactless’ for contactless cards
Impact: Leverage contactless card for
two factor authentication, without the
need for a separate card reader
16. 16An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
Conclusions
Evolving Identity Credentials
17. 17An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
First generation solutions
Replace an existing credential with a
mobile phone in a ‘like for like’ use
case
E.g.
§ Tap a phone instead of a card to
enter a building
§ Use a phone instead of a token to
generate an OTP
18. 18An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
Second generation solutions
Improve the use case by leveraging
capability of the phone
e.g.
§ Bluetooth based ‘frictionless’
access
§ Authentication to offline access
points
19. 19An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.
3rd Generation solutions
Support for a broad range of
interchangeable convenient form
factors
Identity managed through the
cloud for multiple applications
Mobile devices form an integral
part of that ecosystem
- Credentials
- Readers
- Encoders
- Applications
20. 20An ASSA ABLOY Group brand
PROPRIETARY INFORMATION.
© 2012 HID Global Corporation/ASSA ABLOY AB. All rights reserved. Contents are confidential and proprietary and not intended for external distribution.