Authentifusion: Clarifying the Future of User Authentication

1. WEBINAR AUTHENTIFUSION CLARIFYING THE FUTURE OF USER AUTHENTICATION MARCH 2016 MICHAEL THELANDER Product Marketing Manager, Authentication

2. 2 Understand Advanced Authentication as a multilayered approach Understand the critical relationship between Advanced Authentication and Risk Understand the role of device recognition in a “passwordless” future Provide a three-step plan to evaluate device-based authentication for your customers

5. 5 PASSWORDS HAVE BEEN WITH US A LONG TIME PA S S W O R D S I N R O M A N G A R R I S O N S 1 2 3 4 5 6 7 81 0 9

6. 6 PASSWORDS HAVE BEEN WITH US A LONG TIME PA S S W O R D S I N H A M L E T

7. 7 PASSWORDS HAVE BEEN WITH US A LONG TIME PA S S W O R D S I N D - D AY, 1 9 4 4

8. 8 The credential market is huge TARGE T70M SONY 10M EBAY 145M ADOBE 152M HOME DEPOT 56M 2014: 675 MILLION RECORDS EXPOSED IDENTITY THEFT RESOURCE CENTER

9. 9 2015 adds to 2014’s record OPM 22M ANTHEM 80M Experian / T-Mobile 15M 2015: 169 MILLION MORE RECORDS EXPOSED IDENTITY THEFT RESOURCE CENTER 11M PREMERA PATREON Unknown (15GB of passwords)

10. 10 2015 adds to the record exposures from 2014 FROM ONE SELLER * NOW 1.2 BILLION CREDENTIALS AVAILABLE ON BLACK MARKET *An active FBI investigation as reported by SC Magazine, November 2015

11. 11 Protected by only 6 passwords. 1 2 3 4 5 6 PASSWORDS ARE INCREASINGLY UNRELIABLE Consumers have an average of 24 online accounts. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 21GRBlue1421GRGreen1 4 21BlackGR1414PurpleGR2 1

12. 12 “In an era in which passwords are generally considered inadequate, at best, it’s easy to understand why many organizations are turning to advanced authentication” -PwC’s Global State of Information Security 2016

13. 13 “ADVANCED” ACCORDING TO PwC U S E A N Y O F F O U R M E T H O D S … W I T H O N E I M P O R TA N T A D D I T I O N Devices & Hardware  PC fingerprint based on JS  Phones & devices with SDKs  Bluetooth & NFC  Consumer IoT  Contextual data (geo, IP, etc.) Operating System Hash of fonts IP Address Flash execution Browser version Plugin inventory Language Flash 4-part vers. Screen Resolution Hundreds of attributes

14. 14 “ADVANCED” ACCORDING TO PwC U S E A N Y O F F O U R M E T H O D S … W I T H O N E I M P O R TA N T A D D I T I O N Devices & Hardware  PC fingerprint based on JS  Phones & devices with SDKs  Bluetooth & NFC  Consumer IoT  Contextual data (geo, IP, etc.) One-Time Passwords  Valid for a session  SMS Text Push  Mobile token  Mobile “in-app”  Proprietary token  Smart cards

15. 15 “ADVANCED” ACCORDING TO PwC U S E A N Y O F F O U R M E T H O D S … W I T H O N E I M P O R TA N T A D D I T I O N Devices & Hardware  PC fingerprint based on JS  Phones & devices with SDKs  Bluetooth & NFC  Consumer IoT  Contextual data (geo, IP, etc.) One-Time Passwords  Valid for a session  SMS Text Push  Mobile token  Mobile “in-app”  Proprietary token  Smart cards Biometric / Behavior  Fingerprint scans  Retinal, facial scans  Voice analysis  Brain/heart signals  Behavior patterns

16. 16 “ADVANCED” ACCORDING TO PwC U S E A N Y O F F O U R M E T H O D S … W I T H O N E I M P O R TA N T A D D I T I O N Devices & Hardware  PC fingerprint based on JS  Phones & devices with SDKs  Bluetooth & NFC  Consumer IoT  Contextual data (geo, IP, etc.) One-Time Passwords  Valid for a session  SMS Text Push  Mobile token  Mobile “in-app”  Proprietary token  Smart cards Biometric / Behavior  Fingerprint scans  Retinal, facial scans  Voice analysis  Brain/heart signals  Behavior patterns Knowledge  Secret questions  Captcha  Passwords  Pattern Matching  Local knowledge  Web pictographic

17. 17 “ADVANCED” ACCORDING TO PwC U S E A N Y O F F O U R M E T H O D S … W I T H O N E I M P O R TA N T A D D I T I O N  Context  User’s goal & request  Data sensitivity  Geo location Risk-Aware  IP Address (real and implied)  Device reputation  Privileged access  Vector (TOR browsers, anonymizers)

18. 18 “ADVANCED” ACCORDING TO PwC U S E A N Y O F F O U R M E T H O D S … . W I T H O N E I M P O R TA N T A D D I T I O N Devices & Hardware  PC fingerprint based on JS  Phones & devices with SDKs  Bluetooth & NFC  Consumer IoT  Contextual data (geo, IP, etc.) One-Time Passwords  Valid for a session  SMS Text Push  Mobile token  Mobile “in-app”  Proprietary token  Smart cards Biometric / Behavior  Fingerprint scans  Retinal, facial scans  Voice analysis  Brain/heart signals  Behavior patterns Knowledge  Secret questions  Captcha  User details  Pattern Matching  Local knowledge  Web pictographic  User’s goal & request  Data sensitivity  Geo location  IP Address (real and implied) Risk-Aware  Device reputation  Privileged access  Language  Patterns of usage

19. 19 “Consumers will adopt solutions that ease the burden of remembering passwords or carrying tokens. Authentication must be frictionless and easy to use.” Suzanne Hall, Managing Director, from PwC’s Global State of Information Security 2016

20. 20 1 Use device recognition to augment passwords and reduce friction Device-based authentication with context-aware risk assessment becomes the norm 3 Limit the use of passwords to high-risk transactions and requests only 2 iovation’s milestones on the road to passwordless IMPROVEMENT AVOIDANCE REPLACEMEN T

21. 21 Something you KNOW Something you HAVE Something you ARE ADVANCED AUTHENTICATION REQUIRES 2 FACTORS W H Y “ D E V I C E I D ” I S T H E F O U N D AT I O N O F A PA S S W O R D L E S S F U T U R E

22. 22 ADVANCE AUTHENTICATION INCLUDES RISK CONTEXT W H E R E D O W E E X P E R I E N C E T H E G R E AT E S T R I S K ? WEBSITE

23. 23 RISK IN CONTEXT W I T H D I F F E R E N T A U T H E N T I C AT I O N M E T H O D S

24. 24 DEVICE AUTHENTICATION WORKFLOW DEVICE ID GEO LOCATION DEVICE INTEGRITY ADDITIONAL DEVICE CONTEXT ASSOCIATIONS & REPUTATION USER ACCESS

25. 25 DEVICE AUTHENTICATION WORKFLOW DEVICE ID GEO LOCATION DEVICE INTEGRITY ADDITIONAL DEVICE CONTEXT ASSOCIATIONS & REPUTATION USER ACCESS +10 SCORE LOW RISK = Frictionless Consumer Experience SHOPPING RESOURCES NEWS +10 SCORE

26. 26 DEVICE AUTHENTICATION WORKFLOW DEVICE ID GEO LOCATION DEVICE INTEGRITY ADDITIONAL DEVICE CONTEXT ASSOCIATIONS & REPUTATION USER ACCESS 0 SCORE MEDIUM RISK= Moderate Friction USERNAME & PASSWORD

27. 27 DEVICE AUTHENTICATION WORKFLOW DEVICE ID GEO LOCATION DEVICE INTEGRITY ADDITIONAL DEVICE CONTEXT ASSOCIATIONS & REPUTATION USER ACCESS -10 SCORE HIGH RISK= Step-Up Authentication FRAUD TEAM

28. 28 DEVICE AUTHENTICATION WORKFLOW DEVICE ID GEO LOCATION DEVICE INTEGRITY ADDITIONAL DEVICE CONTEXT ASSOCIATIONS & REPUTATION USER ACCESS +10 SCORE 0 SCORE -10 SCORE LOW RISK = Frictionless Consumer Experience MEDIUM RISK= Moderate Friction HIGH RISK= Step-Up Authentication CREDENTIAL INPUT CREDENTIAL INPUT SHOPPING RESOURCES NEWS USERNAME & PASSWORD CREDENTIAL INPUT

29. 29 DEVICE CHANGE TOLERANCE W H AT A B O U T N AT U R A L D AY- T O - D AY C H A N G E S ? FONTSBROWSERLOCATION EXPECTED NOT EXPECTED UPDATED BROWSER -12BROWSER REGRESSION +1LIMITED TRAVEL MULTIPLE TIME ZONES IN 1 HOUR Aa

30. 30 PRECISE MATCH FUZZY MATCH ELASTIC DEVICE MATCHING Device Type: MACBOOK PRO Device Type: MACBOOK PRO MINIMUM THRESHOLD MAXIMUM THRESHOLD Operating System OS X Yosemite IP Address 22.231.113.64 Browser Safari 8.0.2 Language English Screen Resolution 2880 x 1800 Operating System OS X Yosemite or later IP Address Similar Location Browser Safari 8.0.2 or later Language English Screen Resolution 2880 x 1800

31. 31 HISTORICAL REPUTATION SECURITY RISK INDICATORS LINKS AND ASSOCIATIONS ANOMALOUS BEHAVIOR AUTHORIZED FOR ACCOUNT

32. 32

33. 33 HISTORICAL REPUTATION SECURITY RISK INDICATORS LINKS AND ASSOCIATIONS ANOMALOUS BEHAVIOR AUTHORIZED FOR ACCOUNT

34. 34

35. 35 1. For brand managers, product owners, or web experience managers, understand where the greatest risk is in your site 2. Understand what benefits would be realized if your customers experienced less friction 3. Assess the impact of a device-based alternative to your current methods of authentication A Three-step Plan to evaluate iovation’s Customer Authentication for your sites

36. 36 iovation’s Customer Authentication service wins “Best Multi-factor Authentication Solution” in Cyber Defense Magazine’s 2016 Editor’s Choice Awards

37. CONTACT US www.iovation.com twitter.com/iovation Product Marketing Manager, Authentication Michael Thelander michael.thelander@iovation.co m +1 503-224-6010

Authentifusion: Clarifying the Future of User Authentication

Authentifusion: Clarifying the Future of User Authentication

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente(19)

Similar a Authentifusion: Clarifying the Future of User Authentication

Similar a Authentifusion: Clarifying the Future of User Authentication(20)

Último

Último(20)

Authentifusion: Clarifying the Future of User Authentication

Notas del editor