SlideShare uma empresa Scribd logo

The Future of Secure, Mobile Authentication

D
derektop

From Voice Biometrics Conference San Francisco (May 8-9, 2013): Mobile devices have the potential to be the universal device to make authentication stronger. But a host of challenges stand in the way for mobile security platforms. What are the key enablers and how does voice fit into a comprehensive mobile security strategy? Ollie Whitehouse, Associate Director, NCC Group

TecnologiaNegócios
1 de 13
Baixar para ler offline
Mobile Security and 2FA The reality from the trenches… Ollie Whitehouse, Associate Director, NCC Group
Before we begin… • NCC = iSEC Partners in the USA • FTSE listed ~99 million GBP revenue • Independent security experts • Working in hardware, software and higher level business functions • Trusted advisor to many • ~ 250 technical security consultants • ~ 80 business security consultants
Agenda for the 15 minute positioning.. • Mobile Security • Reality and Elephants • Future Enablers • Authentication and mobile • 2FA – what it looks like today • Voice biometrics and its Role
Mobile Security – Security threats • Hardware • Platform • Android, iOS, Windows etc. • Vendor Customisation • Undermining platform security • Apps • Poorly designed / implemented • User activity •  Hygiene with regards to apps / jail breaking
Mobile Security – Challenges • Mobile vendor fragmentation • Vendor spend on security • 18 to 24 month device life cycles • Carrier certification of updates • User awareness / education • User experience for security patches • Carrier / user desire for security patches
Mobile Security – Future
Mobile Security – Future • The security arms race is starting.. • BlackBerry, Samsung, SEAndroid (Generic), Apple and Windows • Platform features • TrustZone • Virtualisation / HyperVisors • Software security • Improving rapidly..
Mobile 2FA – Concerns • Satisfying ‘Something you have’ • SMS latency • The ‘NYE’ problem • The ‘malware’ issue • For seeded / on-line • Jail breaking • For seeded / on-line • Connectivity • For on-line
Mobile 2FA – Drivers for mobile 2FA
Mobile 2FA – What we’re seeing
Mobile 2FA – Satisfying the concerns • Today • Jail break detection • Device unique IDs • Device lockdown • Dual persona devices • Tomorrow • TrustZone and friends
Mobile 2FA – Result (one solution seen) Circuit Switch and Voice for Last Chance Fall-back
Mobile 2FA – Tomorrow?

Recomendados

mobile application security
mobile application securitymobile application security
mobile application security-jyothish kumar sirigidi
 
2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_room2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_roomNCC Group
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about themBen Rothke
 
Session 4 Enterprise Mobile Security
Session 4 Enterprise Mobile SecuritySession 4 Enterprise Mobile Security
Session 4 Enterprise Mobile SecuritySantosh Satam
 
Mobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcommMobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcommTien Hoang
 
loaiCV2014
loaiCV2014loaiCV2014
loaiCV2014Loai Taan
 
Secure enterprise mobility
Secure enterprise mobilitySecure enterprise mobility
Secure enterprise mobilityDATA SECURITY SOLUTIONS
 
Web App Sec Tisc
Web App Sec TiscWeb App Sec Tisc
Web App Sec TiscAung Khant
 

Recomendados

mobile application security
mobile application securitymobile application security
mobile application security-jyothish kumar sirigidi
 
2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_room2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_roomNCC Group
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about themBen Rothke
 
Session 4 Enterprise Mobile Security
Session 4 Enterprise Mobile SecuritySession 4 Enterprise Mobile Security
Session 4 Enterprise Mobile SecuritySantosh Satam
 
Mobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcommMobile Security Qualcom mr. patrick tsie - qualcomm
Mobile Security Qualcom mr. patrick tsie - qualcommTien Hoang
 
loaiCV2014
loaiCV2014loaiCV2014
loaiCV2014Loai Taan
 
Secure enterprise mobility
Secure enterprise mobilitySecure enterprise mobility
Secure enterprise mobilityDATA SECURITY SOLUTIONS
 
Web App Sec Tisc
Web App Sec TiscWeb App Sec Tisc
Web App Sec TiscAung Khant
 
Essential Layers of IBM i Security Series – Network Security
Essential Layers of IBM i Security Series – Network SecurityEssential Layers of IBM i Security Series – Network Security
Essential Layers of IBM i Security Series – Network SecurityPrecisely
 
Security Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - MobiloitteSecurity Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - MobiloitteMobiloitte
 
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint Technology
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint TechnologyQualcomm ® Snapdragon Sense ™ ID 3D Fingerprint Technology
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint TechnologyFIDO Alliance
 
The intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protectionThe intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protectionEnclaveSecurity
 
Experience and perspective_of_security_installation
Experience and perspective_of_security_installationExperience and perspective_of_security_installation
Experience and perspective_of_security_installationOm Kumar
 
2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers GuideLumension
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device SecuritySalvatore D'Agostino
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationLumension
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...team-WIBU
 
Security and Communication Systems Integration
Security and Communication Systems Integration Security and Communication Systems Integration
Security and Communication Systems Integration Chris Cavallo
 
Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" mycroftinc
 
Designing Secure Mobile Apps
Designing Secure Mobile AppsDesigning Secure Mobile Apps
Designing Secure Mobile AppsDenim Group
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkIBM Security
 
Mbs w21
Mbs w21Mbs w21
Mbs w21SelectedPresentations
 
Reducing IT Security Breaches Through Skills Development
Reducing IT Security Breaches Through Skills DevelopmentReducing IT Security Breaches Through Skills Development
Reducing IT Security Breaches Through Skills DevelopmentCompTIA
 
2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary ResultsLumension
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Ulf Mattsson
 
INTERNET PROTOCOL VIDEO SURVEILLANCE
INTERNET PROTOCOL VIDEO SURVEILLANCEINTERNET PROTOCOL VIDEO SURVEILLANCE
INTERNET PROTOCOL VIDEO SURVEILLANCELayer3 Security Services
 
Understanding passwordless technologies
Understanding passwordless technologiesUnderstanding passwordless technologies
Understanding passwordless technologiesDavid Strom
 
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...Byres Security Inc.
 
Strong Authentication (Michal Sobiegraj)
Strong Authentication (Michal Sobiegraj)Strong Authentication (Michal Sobiegraj)
Strong Authentication (Michal Sobiegraj)msobiegraj
 
2FA and OTP
2FA and OTP2FA and OTP
2FA and OTPTristan Gomez
 

Mais conteúdo relacionado

Mais procurados

Essential Layers of IBM i Security Series – Network Security
Essential Layers of IBM i Security Series – Network SecurityEssential Layers of IBM i Security Series – Network Security
Essential Layers of IBM i Security Series – Network SecurityPrecisely
 
Security Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - MobiloitteSecurity Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - MobiloitteMobiloitte
 
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint Technology
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint TechnologyQualcomm ® Snapdragon Sense ™ ID 3D Fingerprint Technology
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint TechnologyFIDO Alliance
 
The intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protectionThe intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protectionEnclaveSecurity
 
Experience and perspective_of_security_installation
Experience and perspective_of_security_installationExperience and perspective_of_security_installation
Experience and perspective_of_security_installationOm Kumar
 
2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers GuideLumension
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationLumension
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...team-WIBU
 
Security and Communication Systems Integration
Security and Communication Systems Integration Security and Communication Systems Integration
Security and Communication Systems Integration Chris Cavallo
 
Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" mycroftinc
 
Designing Secure Mobile Apps
Designing Secure Mobile AppsDesigning Secure Mobile Apps
Designing Secure Mobile AppsDenim Group
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkIBM Security
 
Reducing IT Security Breaches Through Skills Development
Reducing IT Security Breaches Through Skills DevelopmentReducing IT Security Breaches Through Skills Development
Reducing IT Security Breaches Through Skills DevelopmentCompTIA
 
2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary ResultsLumension
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Ulf Mattsson
 
Understanding passwordless technologies
Understanding passwordless technologiesUnderstanding passwordless technologies
Understanding passwordless technologiesDavid Strom
 
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...Byres Security Inc.
 

Mais procurados (20)

Essential Layers of IBM i Security Series – Network Security
Essential Layers of IBM i Security Series – Network SecurityEssential Layers of IBM i Security Series – Network Security
Essential Layers of IBM i Security Series – Network Security
 
Security Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - MobiloitteSecurity Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - Mobiloitte
 
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint Technology
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint TechnologyQualcomm ® Snapdragon Sense ™ ID 3D Fingerprint Technology
Qualcomm ® Snapdragon Sense ™ ID 3D Fingerprint Technology
 
The intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protectionThe intersection of cool mobility and corporate protection
The intersection of cool mobility and corporate protection
 
Experience and perspective_of_security_installation
Experience and perspective_of_security_installationExperience and perspective_of_security_installation
Experience and perspective_of_security_installation
 
2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide2015 Endpoint and Mobile Security Buyers Guide
2015 Endpoint and Mobile Security Buyers Guide
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate InformationTop 10 Things to Secure on iOS and Android to Protect Corporate Information
Top 10 Things to Secure on iOS and Android to Protect Corporate Information
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
 
Security and Communication Systems Integration
Security and Communication Systems Integration Security and Communication Systems Integration
Security and Communication Systems Integration
 
Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise"
 
Designing Secure Mobile Apps
Designing Secure Mobile AppsDesigning Secure Mobile Apps
Designing Secure Mobile Apps
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
 
Mbs w21
Mbs w21Mbs w21
Mbs w21
 
Reducing IT Security Breaches Through Skills Development
Reducing IT Security Breaches Through Skills DevelopmentReducing IT Security Breaches Through Skills Development
Reducing IT Security Breaches Through Skills Development
 
2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results2014 BYOD and Mobile Security Survey Preliminary Results
2014 BYOD and Mobile Security Survey Preliminary Results
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
 
INTERNET PROTOCOL VIDEO SURVEILLANCE
INTERNET PROTOCOL VIDEO SURVEILLANCEINTERNET PROTOCOL VIDEO SURVEILLANCE
INTERNET PROTOCOL VIDEO SURVEILLANCE
 
Understanding passwordless technologies
Understanding passwordless technologiesUnderstanding passwordless technologies
Understanding passwordless technologies
 
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
The Tofino Industrial Security Solution - 7 Steps To Securing Your Industrial...
 

Destaque

Strong Authentication (Michal Sobiegraj)
Strong Authentication (Michal Sobiegraj)Strong Authentication (Michal Sobiegraj)
Strong Authentication (Michal Sobiegraj)msobiegraj
 
Two Factor Authentication: Easy Setup, Major Impact
Two Factor Authentication: Easy Setup, Major ImpactTwo Factor Authentication: Easy Setup, Major Impact
Two Factor Authentication: Easy Setup, Major ImpactSalesforce Admins
 
Seminar-Two Factor Authentication
Seminar-Two Factor AuthenticationSeminar-Two Factor Authentication
Seminar-Two Factor AuthenticationDilip Kr. Jangir
 
Simple Two Factor Authentication
Simple Two Factor AuthenticationSimple Two Factor Authentication
Simple Two Factor AuthenticationJohn Congdon
 
Two factor authentication presentation mcit
Two factor authentication presentation mcitTwo factor authentication presentation mcit
Two factor authentication presentation mcitmmubashirkhan
 

Destaque (6)

Strong Authentication (Michal Sobiegraj)
Strong Authentication (Michal Sobiegraj)Strong Authentication (Michal Sobiegraj)
Strong Authentication (Michal Sobiegraj)
 
2FA and OTP
2FA and OTP2FA and OTP
2FA and OTP
 
Two Factor Authentication: Easy Setup, Major Impact
Two Factor Authentication: Easy Setup, Major ImpactTwo Factor Authentication: Easy Setup, Major Impact
Two Factor Authentication: Easy Setup, Major Impact
 
Seminar-Two Factor Authentication
Seminar-Two Factor AuthenticationSeminar-Two Factor Authentication
Seminar-Two Factor Authentication
 
Simple Two Factor Authentication
Simple Two Factor AuthenticationSimple Two Factor Authentication
Simple Two Factor Authentication
 
Two factor authentication presentation mcit
Two factor authentication presentation mcitTwo factor authentication presentation mcit
Two factor authentication presentation mcit
 

Semelhante a The Future of Secure, Mobile Authentication

IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythSecurity Innovation
 
Security Testing for IoT Systems
Security Testing for IoT SystemsSecurity Testing for IoT Systems
Security Testing for IoT SystemsSecurity Innovation
 
Principals of IoT security
Principals of IoT securityPrincipals of IoT security
Principals of IoT securityIoT613
 
Enterprise innovation in an ever-expanding mobile world
Enterprise innovation in an ever-expanding mobile worldEnterprise innovation in an ever-expanding mobile world
Enterprise innovation in an ever-expanding mobile worldSamsung Business USA
 
[Webinar] Why Security Certification is Crucial for IoT Success
[Webinar] Why Security Certification is Crucial for IoT Success[Webinar] Why Security Certification is Crucial for IoT Success
[Webinar] Why Security Certification is Crucial for IoT SuccessElectric Imp
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Security
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifySumana Mehta
 
Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesSmarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesChris Pepin
 
Introduction to IOT security
Introduction to IOT securityIntroduction to IOT security
Introduction to IOT securityPriyab Satoshi
 
Mobile Security for the Enterprise
Mobile Security for the EnterpriseMobile Security for the Enterprise
Mobile Security for the EnterpriseWill Adams
 
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsSecurity Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsDesign World
 
Appsecurity, win or loose
Appsecurity, win or looseAppsecurity, win or loose
Appsecurity, win or looseBjørn Sloth
 
BYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestBYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestJay McLaughlin
 
The Mobile Aware CISO: Security as a Business Enabler
The Mobile Aware CISO: Security as a Business EnablerThe Mobile Aware CISO: Security as a Business Enabler
The Mobile Aware CISO: Security as a Business EnablerSamsung Business USA
 
Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers SafeSecurity For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safewoodsy01
 
Advanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessAdvanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessInfopulse
 
Fundamental Best Practices in Secure IoT Product Development
Fundamental Best Practices in Secure IoT Product DevelopmentFundamental Best Practices in Secure IoT Product Development
Fundamental Best Practices in Secure IoT Product DevelopmentMark Szewczul, CISSP
 
Market Study on Mobile Authentication
Market Study on Mobile AuthenticationMarket Study on Mobile Authentication
Market Study on Mobile AuthenticationFIDO Alliance
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesAugmentedWorldExpo
 

Semelhante a The Future of Secure, Mobile Authentication (20)

IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
 
Security Testing for IoT Systems
Security Testing for IoT SystemsSecurity Testing for IoT Systems
Security Testing for IoT Systems
 
Principals of IoT security
Principals of IoT securityPrincipals of IoT security
Principals of IoT security
 
Enterprise innovation in an ever-expanding mobile world
Enterprise innovation in an ever-expanding mobile worldEnterprise innovation in an ever-expanding mobile world
Enterprise innovation in an ever-expanding mobile world
 
[Webinar] Why Security Certification is Crucial for IoT Success
[Webinar] Why Security Certification is Crucial for IoT Success[Webinar] Why Security Certification is Crucial for IoT Success
[Webinar] Why Security Certification is Crucial for IoT Success
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
 
Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesSmarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst Services
 
Outside the Office: Mobile Security
Outside the Office: Mobile SecurityOutside the Office: Mobile Security
Outside the Office: Mobile Security
 
Introduction to IOT security
Introduction to IOT securityIntroduction to IOT security
Introduction to IOT security
 
Mobile Security for the Enterprise
Mobile Security for the EnterpriseMobile Security for the Enterprise
Mobile Security for the Enterprise
 
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsSecurity Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
 
Appsecurity, win or loose
Appsecurity, win or looseAppsecurity, win or loose
Appsecurity, win or loose
 
BYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestBYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, West
 
The Mobile Aware CISO: Security as a Business Enabler
The Mobile Aware CISO: Security as a Business EnablerThe Mobile Aware CISO: Security as a Business Enabler
The Mobile Aware CISO: Security as a Business Enabler
 
Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers SafeSecurity For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safe
 
Advanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessAdvanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your Business
 
Fundamental Best Practices in Secure IoT Product Development
Fundamental Best Practices in Secure IoT Product DevelopmentFundamental Best Practices in Secure IoT Product Development
Fundamental Best Practices in Secure IoT Product Development
 
Market Study on Mobile Authentication
Market Study on Mobile AuthenticationMarket Study on Mobile Authentication
Market Study on Mobile Authentication
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
 

Mais de derektop

Operationalizing Voice Biometrics
Operationalizing Voice BiometricsOperationalizing Voice Biometrics
Operationalizing Voice Biometricsderektop
 
Introduction to Truly Handsfree 3.0
Introduction to Truly Handsfree 3.0Introduction to Truly Handsfree 3.0
Introduction to Truly Handsfree 3.0derektop
 
e-Government Applications for Voice Authentication
e-Government Applications for Voice Authenticatione-Government Applications for Voice Authentication
e-Government Applications for Voice Authenticationderektop
 
Mobile Voice Authentication
Mobile Voice AuthenticationMobile Voice Authentication
Mobile Voice Authenticationderektop
 
Future of Mobile Authentication
Future of Mobile AuthenticationFuture of Mobile Authentication
Future of Mobile Authenticationderektop
 
The Case for Voice + Face Recognition
The Case for Voice + Face RecognitionThe Case for Voice + Face Recognition
The Case for Voice + Face Recognitionderektop
 
The Power of a Black List, the Promise of a White List
The Power of a Black List, the Promise of a White ListThe Power of a Black List, the Promise of a White List
The Power of a Black List, the Promise of a White Listderektop
 
Case Study: Passive Authentication at Barclays
Case Study: Passive Authentication at BarclaysCase Study: Passive Authentication at Barclays
Case Study: Passive Authentication at Barclaysderektop
 
Powering Security and Easy Authentication in a Multi-Channel World
Powering Security and Easy Authentication in a Multi-Channel WorldPowering Security and Easy Authentication in a Multi-Channel World
Powering Security and Easy Authentication in a Multi-Channel Worldderektop
 
Natural Interaction in the Connected Home
Natural Interaction in the Connected HomeNatural Interaction in the Connected Home
Natural Interaction in the Connected Homederektop
 
Case Study: Voice Verification by Mobile Operator Avea
Case Study: Voice Verification by Mobile Operator AveaCase Study: Voice Verification by Mobile Operator Avea
Case Study: Voice Verification by Mobile Operator Aveaderektop
 
Voice Biometrics: The Big Picture Gets Bigger
Voice Biometrics: The Big Picture Gets BiggerVoice Biometrics: The Big Picture Gets Bigger
Voice Biometrics: The Big Picture Gets Biggerderektop
 

Mais de derektop (12)

Operationalizing Voice Biometrics
Operationalizing Voice BiometricsOperationalizing Voice Biometrics
Operationalizing Voice Biometrics
 
Introduction to Truly Handsfree 3.0
Introduction to Truly Handsfree 3.0Introduction to Truly Handsfree 3.0
Introduction to Truly Handsfree 3.0
 
e-Government Applications for Voice Authentication
e-Government Applications for Voice Authenticatione-Government Applications for Voice Authentication
e-Government Applications for Voice Authentication
 
Mobile Voice Authentication
Mobile Voice AuthenticationMobile Voice Authentication
Mobile Voice Authentication
 
Future of Mobile Authentication
Future of Mobile AuthenticationFuture of Mobile Authentication
Future of Mobile Authentication
 
The Case for Voice + Face Recognition
The Case for Voice + Face RecognitionThe Case for Voice + Face Recognition
The Case for Voice + Face Recognition
 
The Power of a Black List, the Promise of a White List
The Power of a Black List, the Promise of a White ListThe Power of a Black List, the Promise of a White List
The Power of a Black List, the Promise of a White List
 
Case Study: Passive Authentication at Barclays
Case Study: Passive Authentication at BarclaysCase Study: Passive Authentication at Barclays
Case Study: Passive Authentication at Barclays
 
Powering Security and Easy Authentication in a Multi-Channel World
Powering Security and Easy Authentication in a Multi-Channel WorldPowering Security and Easy Authentication in a Multi-Channel World
Powering Security and Easy Authentication in a Multi-Channel World
 
Natural Interaction in the Connected Home
Natural Interaction in the Connected HomeNatural Interaction in the Connected Home
Natural Interaction in the Connected Home
 
Case Study: Voice Verification by Mobile Operator Avea
Case Study: Voice Verification by Mobile Operator AveaCase Study: Voice Verification by Mobile Operator Avea
Case Study: Voice Verification by Mobile Operator Avea
 
Voice Biometrics: The Big Picture Gets Bigger
Voice Biometrics: The Big Picture Gets BiggerVoice Biometrics: The Big Picture Gets Bigger
Voice Biometrics: The Big Picture Gets Bigger
 

Último

Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 

Último (20)

Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 

The Future of Secure, Mobile Authentication

  • 1. Mobile Security and 2FA The reality from the trenches… Ollie Whitehouse, Associate Director, NCC Group
  • 2. Before we begin… • NCC = iSEC Partners in the USA • FTSE listed ~99 million GBP revenue • Independent security experts • Working in hardware, software and higher level business functions • Trusted advisor to many • ~ 250 technical security consultants • ~ 80 business security consultants
  • 3. Agenda for the 15 minute positioning.. • Mobile Security • Reality and Elephants • Future Enablers • Authentication and mobile • 2FA – what it looks like today • Voice biometrics and its Role
  • 4. Mobile Security – Security threats • Hardware • Platform • Android, iOS, Windows etc. • Vendor Customisation • Undermining platform security • Apps • Poorly designed / implemented • User activity •  Hygiene with regards to apps / jail breaking
  • 5. Mobile Security – Challenges • Mobile vendor fragmentation • Vendor spend on security • 18 to 24 month device life cycles • Carrier certification of updates • User awareness / education • User experience for security patches • Carrier / user desire for security patches
  • 7. Mobile Security – Future • The security arms race is starting.. • BlackBerry, Samsung, SEAndroid (Generic), Apple and Windows • Platform features • TrustZone • Virtualisation / HyperVisors • Software security • Improving rapidly..
  • 8. Mobile 2FA – Concerns • Satisfying ‘Something you have’ • SMS latency • The ‘NYE’ problem • The ‘malware’ issue • For seeded / on-line • Jail breaking • For seeded / on-line • Connectivity • For on-line
  • 9. Mobile 2FA – Drivers for mobile 2FA
  • 10. Mobile 2FA – What we’re seeing
  • 11. Mobile 2FA – Satisfying the concerns • Today • Jail break detection • Device unique IDs • Device lockdown • Dual persona devices • Tomorrow • TrustZone and friends
  • 12. Mobile 2FA – Result (one solution seen) Circuit Switch and Voice for Last Chance Fall-back
  • 13. Mobile 2FA – Tomorrow?