SE-4110, Securing Identities in the Cloud, by Martin Ahlers
- 1. Top Things to Consider When Authenticating Web Applications
© 2013 - VASCO Data Security
November 2013
- 2. Increasing need to protect our online activities
End users
! Confidential data leakage
! Cyber bullying
! “Gold farming”
! Identity theft
2012: Hackers able to access users’ personal data for use in phishing attacks
2012: Hacker able to access billing information and other accounts
2012: Exposed 6 million user account passwords
ASP’s
! Lost revenues
! Tarnished brand
! Low data integrity
! Subscriber churn
2013: Hackers posted fake news about bombing of the White House, Dow Jones dropped 100 points
2013: 10 million people watch Netflix without paying for it by sharing passwords
2013: Hackers able to access customer names, credit/debit cards and expiration dates of 2.9 million customers, and up to 38 million ID’s and passwords
- 3. Agenda
! Applications and pain points
! Cloud services
! Subscription services
! Gaming
! Quick VASCO background
! Combined AMD and VASCO solution
! Sample business case
! Sample competitive comparison
- 4. Cloud Security Concerns
! Losing files
! Files not stored securely
! Loss of control
! Embarrassing files made public
! Computer viruses
Source: Halon 2013 Security Survey
- 5. Cloud Providers Are Expected to Lead on Security
Within five years, cloud security will become one of the primary drivers for adopting cloud computing. The reason for a shift of security from obstacle to driver is that Cloud Service Providers (CSPs) are expected to invest far more in the development of their security infrastructure and expertise than any typical enterprise
Ernst and Young: Cloud Computing Issues and Impacts, 2011
- 6. Subscription Sharing: New York Times Analysis
BuzzFeed: It is representative of a rising generation of young people who 1) Like watching shows Online and 2) Cannot fathom paying for them
- 7. Subscription Account Sharing Impacts
! Eliminate revenue leakage from account sharing
! Account sharing is perceived as a back-end security problem. But for companies that rely on online subscriptions as a primary revenue stream, account sharing can mean lost income
! What we found was that about 33 percent of the accounts on the network were being shared
! Secure personal information
! Preserve data integrity for advertising/marketing
"If you're running The Wall Street Journal or World of Warcraft, and you've got multiple people sharing a single subscription, you're losing customers."
Source: AdmitOne
- 8. Tier 1 ASP Example
Company Profile
! One of the world's largest insight, information and consultancy networks. By connecting its specialist companies, the group aims to become the pre-eminent provider of compelling insights for the global business community.
Needs
! Protect online assets/revenues and control their IP
! Auditable and traceable accounts for Risk and Compliance Dept.
! No new overhead or code modification of existing web portals
! OpEx based purchases to tie to subscription services and improve cash flow
! Everything IT must move to the cloud
In need of a cloud based two-factor authentication platform
- 9. Creating Secure Communities Raises Revenues
! University of Michigan studied a Tier 1 online retailer
! Study found a 19% increase in revenue when customers were connected in an online community
“While the major share of firm and media attention has focused on third-party online social networks such as Facebook, many firms have made the choice to build their own such networks.”
http://info.socious.com/bid/56237/How-Online-Customer-Communities-Can-Increase-Revenue-By-19-Research
- 10. Current state of Gaming
Online gaming industry growing significantly….. …..however ARPU is steadily declining
[Chart: Online Gaming Market Share by Geography (USD $B), 2012 to 2015; series: ROW, US]
Publishers need assistance to stabilize ARPU by providing additional value to paying customers
Source: SuperData Research and Newzoo Games
- 11. US Gaming Demographics
117m Online Gamers in the US
Typical US Gamer
Age 25-44
Income $35k-$75k
60% male
79% college degree
Affinity to online security
1. Above average income and education
2. Tech savvy
3. Understand the value of security
Sources: *Nielsen Entertainment's third annual Active Gamer Benchmark Study; ** StatGrab; ***SuperData Research/Newzoo
- 12. Gaming companies must capitalize on hits
! Example: Diablo 3
! Fastest selling PC game to date
! Broke Amazon record for most preorders
! Sold 3.5m copies on the 1st day
! Sold 6m copies in 1st week
! Within 1 week, it became the most played game in Korea, 39% of Korean gamers logging in daily
Securing new game revenue is a natural fit
- 13. Gaming ASP Pain Points
! Account sharing
! Increase revenues and subscriptions with stronger authentication
! New releases are very competitive, must capitalize on hits
! Account bullying
! Hackers stealing credentials to tamper with account holders
! Gold farming
! Dissatisfaction lowers switching costs and increases churn
! Less of an issue with advent of free to play and ability to buy/sell with real dollars
! User islands
! Create communities of users to increase stickiness and monetize free to play
! Cross sell gaming assets
! One credential to access all game sites
“MMO players are very dedicated gamers. As the majority already plays games on other screens, it will be interesting to see if publishers succeed in extending and monetizing their MMO experience across all screens.”
Peter Warman, CEO of Newzoo
- 18. Secure Portal to Web Apps
[Diagram labels: Cloud Subscribers; App1 to App6; Numerous Logins, Passwords; QR code scan; OTP]
Complex for users, headache IT helpdesk
Simple for users, savings for IT helpdesk
- 19. Integration overview
[Diagram labels: AMD chipset; Normal Section: App, App; Secure Section: App, Trusted App, Trusted App; Secure OS; TEE Client API; Platform/Rich OS (e.g. Windows, etc); DIGIPASS (TEE); Secure Monitor; Secure Boot; ARM Cortex A5 Processor with Trustzone Security Extensions]
- 20. Highly secure yet familiar, simple user experience
- 23. MYDIGIPASS.COM Subscription Business Case
ASP with 1M users per month
Increased Subscription Assumptions:
• Per a Tier 1 subscription account, 2FA will increase revenues by 10% in YR 1 increasing to 20% by YR 5
• $100 annual subscription revenue
• $10 per user 2FA cost
[Chart: Incremental revenues and Incremental costs, YR 1 to YR 5; axis ticks from 4,000,000 to 20,000,000]
MDP.com would return $17.5M net profit over 5 years.
- 26. Comparison vs. Home Grown SMS
Home Grown SMS
Your unique code is w2z356
Does not operate on WiFi
Not delivered in poor coverage area
Not delivered when out of range
Not delivered under heavy traffic congestion
Over 5% of SMS deliveries fail*
Operates on 3G/4G, WiFi or LAN
Over 9% take over 5 minutes*
* Per UCLA study Analysis of the Reliability of a Nationwide Short Message Service
- 27. Spying on SMS
Home Grown SMS
Your unique code is w2z356
Your unique code is w2z356
Secure out of band QR code transmission
Unsecure text message can be intercepted using off the shelf software
- 28. Baseline Mobile App Security
Home Grown SMS
Your unique code is w2z356
Federate Multiple Applications: No
Federate Multiple Applications: YES
Incremental SMS Opex: NO
Authentication method: Challenge/response - more secure
Incremental SMS Opex: YES
Authentication method: Standard OTP
Back-up methods: Written code
Back-up methods: Smartphone, Hardware token
- 29. Top Things to Remember for ASP’s
! Are you creating a secure cloud community?
! Application
! Delivery
! Is account vulnerability limiting your revenue growth?
! Losing potential customers
! High cost of fixing account hacking events
! Causing customer churn
! Could strong two-factor authentication in the cloud meet your needs?
! Speedy ROI
! Easy to manage / Easy for users
! More secure than SMS
- 30. For More Information
! Contact us at
! martin.ahlers@vasco.com
! jonathan.abon@vasco.com
! And go to our Application Service Provider site
! http://mydigipass.vasco.com/