O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Gemalto Award Write Up

155 visualizações

Publicada em

Gemalto 2018 Global Digital Banking Solutions Company of the Year Award

Publicada em: Economia e finanças
  • Seja o primeiro a comentar

Gemalto Award Write Up

  1. 1. 2018 Global Digital Banking Solutions Company of the Year Award 2018
  2. 2. BEST PRACTICES RESEARCH © Frost & Sullivan 2018 2 “We Accelerate Growth” Contents Background and Company Performance ........................................................................3 Industry Challenges..............................................................................................3 Visionary Innovation & Performance and Customer Impact........................................6 Conclusion...........................................................................................................9 Significance of Company of the Year...........................................................................10 Understanding Company of the Year...........................................................................10 Key Benchmarking Criteria ..................................................................................11 Visionary Innovation & Performance .....................................................................11 Customer Impact ...............................................................................................11 Best Practices Recognition: 10 Steps to Researching, Identifying, and Recognizing Best Practices .................................................................................................................12 The Intersection between 360-Degree Research and Best Practices Awards.....................13 Research Methodology ........................................................................................13 About Frost & Sullivan ..............................................................................................13
  3. 3. BEST PRACTICES RESEARCH © Frost & Sullivan 2018 3 “We Accelerate Growth” Background and Company Performance Industry Challenges The digital revolution has had a significant impact on the financials services sector and will radically transform the way banks operate in the future. Frost & Sullivan research on the US financial services market indicates that nearly 70 percent of smartphone users use mobile banking services, while over half of tablet users regularly access their bank accounts from their devices. For the sector to keep pace with this growing global trend, the transformation from traditional branch banking to ‘mobile-first’ banking services is essential. Banks unable to deliver ‘mobile-first’ services will find themselves at a competitive disadvantage and will struggle to enhance customer relationships and business efficiency. Banks must now implement a major paradigm shift in their traditional service models to allow customers to digitize their financial lives fully. Those that remain tied to traditional models risk losing customers to competitors with more advanced, technology-driven capabilities that can deliver a digital-optimized customer experience. Aware of these evolving trends, Banks are making enormous investments in their online and mobile channels to meet the demands of customers. However, providing a universal and simplistic way of securing those channels remains a critical market challenge. Financial institutions across the globe, to differing degrees, find themselves caught between the tension of innovating to remain relevant and respond to customer needs, against the urge to control internal processes and cling to legacy infrastructure. Security risks from malware, intrusion, stolen credentials, account takeovers ATM attacks, and data breaches are more worrisome and costly each day. Across much of the world, payments and transactions are occurring in near real-time, which makes fraud identification and retrieval much more difficult. Banks are, understandably, concerned about losing credibility and trust in the public sphere resulting from a hacking event or malicious actors gaining access to their systems and exposing vulnerabilities.1 In this environment, smartphone ubiquity and biometric advancements are driving new methods of secure authentication, with banks and governments in Asia and Europe leading the adoption of innovative solutions.2 Mobile biometric authentication, in particular, is improving the customer experience and reducing operational expenditures by lowering information technology costs associated with personal identification numbers (PINs) and passwords, and enabling more efficient customer login. 1 David Birch, “Forget Banks, in 2018 You’ll Pay through Amazon and Facebook,” Wired Magazine UK, January 2018.; and Matt Egan, “Are Apple, Amazon and Facebook the Future of Banking?” CNN Money, May 15, 2018. 2 APAC Mobile Biometric Identification and Authentication Market, Forecast to 2021: Assessment of Key Market Participants in Asia-Pacific for Investment and Partnership Opportunities to Change the Future for the Better, (Frost & Sullivan, February 2018).
  4. 4. BEST PRACTICES RESEARCH © Frost & Sullivan 2018 4 “We Accelerate Growth” The majority of banking activity in the US, and much of the world, now occurs via mobile devices. Both online banks and traditional tier-one institutions recognize the importance of meeting customer expectations and fear the threat of large technology companies moving into their territory. While banks are increasingly adopting data and analytics-informed tools and cloud computing capabilities to deliver personalized services, they still often rely on traditional security measures. Large banks typically prefer to operate their own infrastructure, and small banks depend largely on payment processors for secure transmission, but the evolutionary speed of cybersecurity, authentication, and secure communications is pushing these processes further away from their core functions. Alternatively, multi-vendor security, application, and server solutions introduce more complexity and risk. At the same time, banks are laden with legacy systems and highly complex infrastructure that make data management and workloads difficult and costly. As eager as consumers and some institutions are to adopt mobile-first strategies, data privacy and security breaches occur with worrying frequency on mobile devices. The device, the network band, and the back end servers are all at risk constantly, and each new endpoint introduces a potential new vulnerability. Furthermore, security protocols and biometric authentication mechanisms are not standardized across the board, and the more secure iris and facial recognition technologies can be relatively expensive to deploy and maintain. Basic security layers vary significantly, and industry standard protocols are only now beginning to coalesce. Nevertheless, biometrics and multi-factor authentication transmissions are still not entirely foolproof, and institutions must implement architectures that are flexible, upgradable, and minimize potential points of risk. At the same time, banks must ensure that additional layers of security will not come at the price of added friction for the end user. To achieve this, the best approach is to combine frictionless Fraud and Risk Prevention with low friction, strong authentication measures that are applied only when the security policy deems it necessary. Vendors must prioritize fraud and risk prevention from end to end, and advance multifaceted security tools (biometric, behavior, and other “smart” authentication techniques) that will defend against emerging attacks. Compliance regulations will catch up to technology, at differing speeds by country, but vendors will face implementation issues. As consumer and banks’ preferences for digital solutions evolve, industry research and security solutions will grow. However, in the expanding vendor landscape, portfolios able to integrate horizontally across consumer touch points and vertically through bank systems will appeal to buyers seeking to streamline complexity.3 3 Emerging Security Applications for Banking and Financial Services Sector, (Frost & Sullivan, March 2017).
  5. 5. BEST PRACTICES RESEARCH © Frost & Sullivan 2018 5 “We Accelerate Growth” Tightening economic conditions, coupled with the proliferation of mobility, make it essential for banks to deploy secure, mobile-first solutions that can generate significant efficiencies in their business and enhance the customer experience. Banks that adopt well- structured solutions can successfully meet customer expectations for mobilizing their financial lives. First movers have already seen the value in deploying mobile-first banking solutions; it is now time for those on the sidelines to embrace the advances of secure, omnichannel digital banking. Visionary Innovation & Performance and Customer Impact Gemalto is a globally recognized leader in providing secure endpoints and authentication techniques. Serving clients from over 180 countries from over 112 offices, 19 production facilities, and 50 research and development, personalization and data centers, Gemalto develops technologies focused on authentication and data protection to reduce digital risk and build value. Enabling a Seamless, Secure, and Streamlined Customer Journey With a full portfolio of capabilities, Gemalto’s Digital Banking Mobile Security Suite provides protection across the user’s digital journey, delivering identity verification, user authentication, transaction verification, and fraud prevention to create a seamless experience through any device. The comprehensive portfolio integrates capabilities that leverage mobile communications and authentication techniques for remote ‘know your customer’ (KYC) requirements, multi-factor authentication, transaction signatures, out-of- band secure channel, fraud prevention, and mobile application (app) security. Supporting the transition to mobile-first banking interactions, Gemalto’s software suite equips mobile banking apps with a platform to ensure a highly secure yet convenient customer journey, from onboarding to transaction management. The security suite combines cryptography to enable multifactor (including biometric) authentication with channel encryption to secure data in transit; device intelligence and behavioral analytics for fraud prevention; and app security against malware attacks and tampering. Users have the option to choose their preferred and most convenient biometric sign-in method, unaware of the multiple layers of client and back-end validation behind. Thus, banks can now handle and encourage greater user engagement without the concern of compromised mobile security. Innovating Capabilities to Balance Usability and Security With three core components, deployable in combination with one another or with existing bank systems, Gemalto’s security suite enables banks to not only keep pace with a changing market but also to move confidently into the digital future.
  6. 6. BEST PRACTICES RESEARCH © Frost & Sullivan 2018 6 “We Accelerate Growth” The Gemalto Mobile Security Toolkit (GMST) enables quick and seamless mobile app security against active threats and malware. Without any kind of back-end integration, the GMST requires, on average, only three days to integrate the mobile banking app and protects all consumer-facing interfaces. The GMST shields the bank’s mobile app from data manipulation and tampering, for both iOS and Android. In addition to providing developers with essential tools, GMST implements with Runtime Application Self-protection (RASP) technology to identify potentially vulnerable environments, real-time threats, and white box crypto multilayer encryption techniques for data security. Further, GMST uses secure techniques Gemalto developed in-house for code obfuscation and secure keypad interface. Gemalto’s Mobile Protector is a flexibly-integrated SDK that enables apps with a multifactor authentication layer and malware prevention. With a customizable, white-label, user interface, Mobile Protector layers multiple authentication factors including user device binding, a secure PIN pad, and biometric authentication (fingerprint, facial recognition, and soon voice and iris). Mobile Protector generates a one-time password and uses it for user authentication or to sign a transaction. It then connects through the bank’s back end to Gemalto’s Authentication Server to validate it. Once enrolled, users can choose a preferred biometric authentication factor to trigger OTP generation or transaction signature generation. Mobile protector can also be used in combination with Mobile Secure Messenger to enable out of band protection for ebanking, epayment, and ecommerce. Gemalto Mobile Protector Authentication Source: Gemalto
  7. 7. BEST PRACTICES RESEARCH © Frost & Sullivan 2018 7 “We Accelerate Growth” The Mobile Secure Messenger is an out-of-band messaging service and mobile SDK that enables banks to exchange sensitive data securely with their customers through the banking app. All communications transmit as encrypted and signed, so banks can send and receive messages, authentication requests, and transaction verifications securely and with a smooth user experience in the app. Driving users to the app with push notification, the Secure Messenger SDK secures the app on the device side, and the secure messaging server on the bank side (on-premise or cloud) links with a secure channel. The Secure Messenger can use the mobile device app as a second-factor authentication when users sign into a desktop computer or generate a one-time use code for two-factor authentication at ATMs. Rather than relying on leaky text messaging, Secure Messenger allows banks to strike a better balance between security and user convenience. Secure From End to End Each module of the digital banking suite builds upon a foundation of embedded security, in each component from endpoint to server. While in some markets, such as the US, regulations and guidelines have not kept pace with technological capability, Gemalto has taken the lead in building open industry standards—with Initiative for Open Authentication (Oath) reference architecture and Fast Identity Online (FIDO) Alliance universal authentication framework standards. Gemalto Secure Messenger Communications Channel Source: Gemalto
  8. 8. BEST PRACTICES RESEARCH © Frost & Sullivan 2018 8 “We Accelerate Growth” Both the server and client components of Mobile Protector are available in 2 flavors: OATH and FIDO. The OATH and FIDO servers are both built based on cloud technologies (for low latency, automated configuration, and added security) and they are available both as a deployable on-premise solution and as a cloud based, Gemalto operated service. The Gemalto cloud Service, IdCloud, is hosted in public clouds, but in a private sandbox with virtual private network access dedicated to each customer. Deployments of the mobile banking suite can begin from scratch as a complete package or by module and integrate with a bank’s existing information technology investments. The Gemalto Assurance Hub underlies the suite, analyzing millions of signals and thousands of attributes, which allows a Financial Institution to remain at the forefront of fraud management. All data that makes a user profile (such as user and device identity, behavioral biometrics and user banking profile) is analyzed and compared against bank policy for fraud mitigation to allow for adequate authentication and reduce friction in the consumer experience. Moreover, Gemalto collaborates with original equipment manufacturers to ensure operating system support for devices. For banks making new technology investments and online-only banks, Gemalto’s secure communications and KYC services provide a layer of trust when banks are remote enrolling new customers. Global Solutions Adapted to Local Markets With a global reach, Gemalto brings to bear the scale and capabilities to adapt to regulatory and market requirements around the world. Gemalto built the security suite with features to adhere to a bank or national compliance directives for data security, authentication, and appreciate and understand local laws. Whether address checks policies, digital signing rules, or biometric identification guidelines, Gemalto’s security suite supports the needs of stakeholders. Further, the Compliance Expert Team ensures that the in-house built suite adheres to the most stringent liability and product history questions that a bank might ask and require support to resolve. With customers in North America, South America, Europe, Africa, the Middle East and APAC, already deploying the digital banking suite, Gemalto possesses the full capabilities to meet the specific needs of national security regulations for data and personal information—and deliver solutions that allow banks to be reactive and go to market quickly without compromising on security. In-house Development from a Core Expertise in Security From the company’s background expertise in hardware, authentication, and out-of-band security, Gemalto’s digital banking software suite is the culmination of technology developments built to secure critical applications and services. As a part of the banking and payments division, Gemalto’s digital banking suite layers user-friendly experience with risk management underneath, which is held up by Gemalto’s other pillars of service: identify verification, device and hardware with embedded security, enterprise access security. Where competing service providers are often insurance companies and payment
  9. 9. BEST PRACTICES RESEARCH © Frost & Sullivan 2018 9 “We Accelerate Growth” processors integrating 3rd party technology vendors, Gemalto develops its protection software and techniques in-house. Gemalto’s depth in end-to-end security (from smart cards to endpoints, and edge devices) enables visibility and oversight into all the components of the end to end solutions, optimizing insight into a future-oriented technology roadmap. The company’s reputation for delivering reliable and tightly integrated solutions sets emerges from a philosophy that focuses on secure development processes. Gemalto established this reputation by prioritizing far-reaching threat modeling, risk assessment, and the dedication to exhaustive architecture testing, as well as source code audits performed by independent security labs. These best practices ensure that Gemalto’s mobile banking suite will remain abreast of future advances in security. Conclusion Banks are caught between countervailing forces: to satisfy and grow the consumer base with convenient digital interfaces or to erect barriers to ensure the security, regulatory, and interoperability issues on the back end systems. Increasingly, banks are adopting data and analytics tools and cloud computing to deliver personalized services, but too often rely on traditional mobile security measures that can expose vulnerabilities and frustrate customers. Gemalto, a global leader in digital security, addresses this dilemma with its Digital Banking Security Suite—a solution set that enables banks to offer an innovative multichannel solution that provides true end-to-end security while enhancing the customer experience. With three component offerings that work with banks’ mobile applications, the digital banking suite streamlines biometric authentication, secures data transmit to bank servers, and ensures encrypted communication with customers. The Gemalto Mobile Security Toolkit, Mobile Protector, and Mobile Secure Messenger represent a leap forward in empowering a seamless user experience while ensuring input, storage, and transmission remain secure. Complimented by the Gemalto Assurance Hub for Risk Prevention and a KYC security offering to protect user enrollment, the Digital Banking Suite supports banks in digital transformations with the global expertise, local compliance, and breadth of service capabilities Gemalto has built a reputation delivering. With its innovative authentication technology, modern mobile design, and advanced security, Gemalto earns Frost & Sullivan’s 2018 Global Company of the Year Award in Digital Banking Solutions.
  10. 10. BEST PRACTICES RESEARCH © Frost & Sullivan 2018 10 “We Accelerate Growth” Significance of Company of the Year To receive the Company of the Year Award (i.e., to be recognized as a leader not only in your industry, but among your non-industry peers as well) requires a company to demonstrate excellence in growth, innovation, and leadership. This kind of excellence typically translates into superior performance in three key areas: demand generation, brand development, and competitive positioning. These areas serve as the foundation of a company’s future success and prepare it to deliver on the two criteria that define the Company of the Year Award (Visionary Innovation & Performance and Customer Impact). Understanding Company of the Year As discussed above, driving demand, brand strength, and competitive differentiation all play a critical role in delivering unique value to customers. This three-fold focus, however, must ideally be complemented by an equally rigorous focus on Visionary Innovation & Performance to enhance Customer Impact.
  11. 11. BEST PRACTICES RESEARCH © Frost & Sullivan 2018 11 “We Accelerate Growth” Key Benchmarking Criteria For the Company of the Year Award, Frost & Sullivan analysts independently evaluated two key factors—Visionary Innovation & Performance and Customer Impact—according to the criteria identified below. Visionary Innovation & Performance Criterion 1: Addressing Unmet Needs Requirement: Implementing a robust process to continuously unearth customers’ unmet or under-served needs, and creating the products or solutions to address them effectively Criterion 2: Visionary Scenarios through Mega Trends Requirement: Incorporating long-range, macro-level scenarios into the innovation strategy, thereby enabling “first-to-market” growth opportunity solutions Criterion 3: Implementation of Best Practices Requirement: Best-in-class strategy implementation characterized by processes, tools, or activities that generate a consistent and repeatable level of success. Criterion 4: Blue Ocean Strategy Requirement: Strategic focus on creating a leadership position in a potentially “uncontested” market space, manifested by stiff barriers to entry for competitors Criterion 5: Financial Performance Requirement: Strong overall business performance in terms of revenues, revenue growth, operating margin, and other key financial metrics Customer Impact Criterion 1: Price/Performance Value Requirement: Products or services offer the best value for the price, compared to similar offerings in the market. Criterion 2: Customer Purchase Experience Requirement: Customers feel they are buying the most optimal solution that addresses both their unique needs and their unique constraints. Criterion 3: Customer Ownership Experience Requirement: Customers are proud to own the company’s product or service and have a positive experience throughout the life of the product or service. Criterion 4: Customer Service Experience Requirement: Customer service is accessible, fast, stress-free, and of high quality. Criterion 5: Brand Equity Requirement: Customers have a positive view of the brand and exhibit high brand loyalty.
  12. 12. BEST PRACTICES RESEARCH © Frost & Sullivan 2018 12 “We Accelerate Growth” Best Practices Recognition: 10 Steps to Researching, Identifying, and Recognizing Best Practices Frost & Sullivan analysts follow a 10-step process to evaluate Award candidates and assess their fit with select best practice criteria. The reputation and integrity of the Awards are based on close adherence to this process. STEP OBJECTIVE KEY ACTIVITIES OUTPUT 1 Monitor, target, and screen Identify Award recipient candidates from around the globe  Conduct in-depth industry research  Identify emerging sectors  Scan multiple geographies Pipeline of candidates who potentially meet all best- practice criteria 2 Perform 360-degree research Perform comprehensive, 360-degree research on all candidates in the pipeline  Interview thought leaders and industry practitioners  Assess candidates’ fit with best-practice criteria  Rank all candidates Matrix positioning of all candidates’ performance relative to one another 3 Invite thought leadership in best practices Perform in-depth examination of all candidates  Confirm best-practice criteria  Examine eligibility of all candidates  Identify any information gaps Detailed profiles of all ranked candidates 4 Initiate research director review Conduct an unbiased evaluation of all candidate profiles  Brainstorm ranking options  Invite multiple perspectives on candidates’ performance  Update candidate profiles Final prioritization of all eligible candidates and companion best-practice positioning paper 5 Assemble panel of industry experts Present findings to an expert panel of industry thought leaders  Share findings  Strengthen cases for candidate eligibility  Prioritize candidates Refined list of prioritized Award candidates 6 Conduct global industry review Build consensus on Award candidates’ eligibility  Hold global team meeting to review all candidates  Pressure-test fit with criteria  Confirm inclusion of all eligible candidates Final list of eligible Award candidates, representing success stories worldwide 7 Perform quality check Develop official Award consideration materials  Perform final performance benchmarking activities  Write nominations  Perform quality review High-quality, accurate, and creative presentation of nominees’ successes 8 Reconnect with panel of industry experts Finalize the selection of the best-practice Award recipient  Review analysis with panel  Build consensus  Select winner Decision on which company performs best against all best-practice criteria 9 Communicate recognition Inform Award recipient of Award recognition  Present Award to the CEO  Inspire the organization for continued success  Celebrate the recipient’s performance Announcement of Award and plan for how recipient can use the Award to enhance the brand 10 Take strategic action Upon licensing, company able to share Award news with stakeholders and customers  Coordinate media outreach  Design a marketing plan  Assess Award’s role in future strategic planning Widespread awareness of recipient’s Award status among investors, media personnel, and employees
  13. 13. BEST PRACTICES RESEARCH © Frost & Sullivan 2018 13 “We Accelerate Growth” The Intersection between 360-Degree Research and Best Practices Awards Research Methodology Frost & Sullivan’s 360-degree research methodology represents the analytical rigor of our research process. It offers a 360-degree view of industry challenges, trends, and issues by integrating all 7 of Frost & Sullivan's research methodologies. Too often companies make important growth decisions based on a narrow understanding of their environment, leading to errors of both omission and commission. Successful growth strategies are founded on a thorough understanding of market, technical, economic, financial, customer, best practices, and demographic analyses. The integration of these research disciplines into the 360-degree research methodology provides an evaluation platform for benchmarking industry participants and for identifying those performing at best-in-class levels. About Frost & Sullivan Frost & Sullivan, the Growth Partnership Company, enables clients to accelerate growth and achieve best-in-class positions in growth, innovation, and leadership. The company's Growth Partnership Service provides the CEO and the CEO's Growth Team with disciplined research and best practice models to drive the generation, evaluation, and implementation of powerful growth strategies. Frost & Sullivan leverages more than 50 years of experience in partnering with Global 1000 companies, emerging businesses, and the investment community from 45 offices on six continents. To join our Growth Partnership, please visit http://www.frost.com. 360-DEGREE RESEARCH: SEEING ORDER IN THE CHAOS