Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Banking and Mobile Identity

469 visualizaciones

Publicado el

Presentation from Apigee's Open Banking & PSD2 Summit in London on 19th May 2016.
This presentation covers how digital identity is becoming progressively important to governments and regulators. It uncovers banking and mobile identity and how to improve fraud detection and multi-factor authentication.

Publicado en: Tecnología
  • Sé el primero en comentar

  • Sé el primero en recomendar esto

Banking and Mobile Identity

  1. 1. Vertical Solutions & Mobile Identity David Andrzejek VP Vertical Solutions, Apigee
  2. 2. ©2015 Apigee Corp. All Rights Reserved. Not all your APIs have equal business impact 2
  3. 3. ©2015 Apigee Corp. All Rights Reserved. 3 Accelerate your adoption of high business impact APIs
  4. 4. High business impact APIs 4 Unlock the most critical data Deliver high value use cases Drive ecosystem adoption
  5. 5. Apigee API Accelerators 5 Open Banking Identity Health
  6. 6. Banking and Mobile Identity Improving fraud detection & multi-factor authentication David Pollington GSMA
  7. 7. Secure Authentication & Identification services delivered by the Mobile Network Operators David Pollington, GSMA @ the Open Banking & PSD2 Summit, London, 19th May 2016
  8. 8. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA. About the GSMA The GSMA represents the interests of mobile operators worldwide Spanning more than 220 countries, the GSMA unites nearly 800 of the world’s mobile operators, as well as more than 230 companies in the broader mobile ecosystem.
  9. 9. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA. Online privacy and security is the biggest threat to sustainable digital growth Personal Data – Mobile Connect9 The Challenge Digital services rely on username + password or social login to identify users However •  Hard to remember for users •  Security and personal data breaches •  Difficult to prove identity digitally Leads to abandoned log-ins and shopping carts and online fraud
  10. 10. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA. Hardware tokens tip the balance too far 1. Costly to deploy 2. Inconvenient for the user •  Poor user experience (copying the code across from the token) •  Necessity of carrying a different token per service Personal Data – Mobile Connect10
  11. 11. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA. Getting the balance right between convenience vs security is of paramount importance Personal Data – Mobile Connect11 Convenience Security
  12. 12. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA. Solution: Authenticators intrinsic to the mobile phone & network Personal Data – Mobile Connect12 Something I Know Something I Have Something I Have + Something I Know Something I Have + Something I Am or   or   Locally-verified +   Adaptive authentication Something I Have + Something I Know + Something I Am
  13. 13. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA. Mobile Connect: convenient alternative to passwords and protects consumers’ privacy Personal Data – Mobile Connect13 The key which unlocks access to online services •  Authentication and Identity from a Regulated Industry with strong KYC and privacy rules •  Backed by verified customer data •  Decades of experience in the secure management of their networks and their subscribers’ information •  Convenient and in your customer’s pocket
  14. 14. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA. The global growth of Mobile Connect Personal Data – Mobile Connect14 Apr May Jun Jul Sep Oct Nov Dec Jan Feb MarAug 42m Australia 70m Bangladesh 85m Spain 178m Peru Turkey Argentina Mexico 622m Indonesia Spain China France Italy 2Billion Malaysia Bangladesh Indonesia Myanmar Switzerland Thailand Philippines Finland China Morocco Egypt Mexico Pakistan 2.5Billion Thailand India Sri Lanka 26m Mobile Connect has grown at an exceptionally rapid pace, and is available today to more than 2.5bn mobile users
  15. 15. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA. Mobile Connect enables Operators to support a portfolio of services Personal Data – Mobile Connect15 Mobile Connect Authenticate (LoA2) Higher security authentication (LoA3) Authorisation Identity Attributes Authentication: authentication of an individual Authorisation: authorisation of an action Identity: verification of customer identity Attributes: provision of customer information Provides a solution for PSD2 requirements around Strong Authentication Mobile Connect Identity & Attribute products support KYC validation and mitigate fraud
  16. 16. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA. Mitigating account takeover attacks Problem statement: •  Verify that a user request to their bank to update MSISDN details is genuine Solution: •  API call from Bank to Mobile Operator to verify a number of customer details •  Operator can also provide contextual information for Bank to use in spotting fraudulent behaviour Personal Data – Mobile Connect16
  17. 17. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA.Personal Data – Mobile Connect17 Mitigating account takeover attacks Contextual information for use in spotting fraudulent behaviour Set of signals that can be used by a Bank to catch a multitude of fraud attack vectors thereby mitigating against bank account takeover attacks •  Stolen/lost phone •  SIM swap •  Device change •  Unconditional call divert set •  Account activity
  18. 18. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA. Mobile network operators are ideal partners to provide flexible, secure authentication & identity services Personal Data – Mobile Connect18 •  Regulated Industry: Mobile Operators adhere to strong KYC and privacy rules •  Possess verified customer data •  Decades of experience in the secure management of their networks and their subscribers’ information
  19. 19. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA. API documentation & sandbox: https://developer.mobileconnect.io Personal Data – Mobile Connect19
  20. 20. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA If you would like more information, please contact GSMA via mobileconnect@gsma.com GSMA London Office T +44 (0) 20 7356 0600 www.gsma.com/personaldata Follow the GSMA on Twitter: @GSMA Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA.
  21. 21. Copyright © 2016 GSMA. The Mobile Connect logo is a trade mark registered and owned by the GSMA. Decoupled architecture; consistency towards SP (single API); utilisation of open standards (OpenID Connect) Personal Data – Mobile Connect21 MNO Tablet/desktop Service access request Service Provider Authentication request Identity GW SIM applet protocol (CPAS8) AuthN server SIM applet Consistent user experience Consistent SP experience SIM applet Smartphone app SMS+URL USSD Builds on Web standard OAuth 2.0 ETSI TS 102 204
  22. 22. Thank You

×