![Page 1: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/1.jpg)
IAM EXCELLENCE
![Page 2: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/2.jpg)
Authentication on Mobile
Devices for Business Application
Fabian Zoller & Martina Müller
![Page 3: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/3.jpg)
Reason Why
Image source: [http://goo.gl/VYMFN5]
![Page 4: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/4.jpg)
Bring Your Own Device
Image source: [M.Müller]
![Page 5: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/5.jpg)
Bring Your Own Device
Image source: [M.Müller]
![Page 6: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/6.jpg)
AuthenticationMethods
1. Biometric
Image source: [http://goo.gl/zyjhAl]
![Page 7: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/7.jpg)
AuthenticationMethods
1. Biometric
2. Location
www.blog.mobileroudie.comImage source: [http://goo.gl/yPRdEO]
![Page 8: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/8.jpg)
AuthenticationMethods
1. Biometric
2. Location
3. Knowledge
www.thebayentrepreneu.comImage source: [http://goo.gl/Pzd5Pn]
![Page 9: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/9.jpg)
AuthenticationMethods
1. Biometric
2. Location
3. Knowledge
4. Possession
www.flickr.com/photos/code_material
Image source: [http://goo.gl/6QE7fw]
![Page 10: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/10.jpg)
Requirements
Usability & Funtionality
AccessTime
Acceptability
Security
Distinctiveness
Resistance to Attacks
Accuracy
False Accept Rate
False Rejection Rate
Expenditure
Purchase
Administration
Implementation Effort
Software
Hardware
![Page 11: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/11.jpg)
Rating Matrix - Results
Credentials Graphical Password
Software Token WLAN NFC Certificates
![Page 12: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/12.jpg)
Prototypes
![Page 13: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/13.jpg)
Showrooms
1.
2.
3.
4.
Image sources: [F. Zoller] [http://goo.gl/VqFSQ] [http://goqr.me] [http://goo.gl/bVT8l] [http://goo.gl/Vv2E] [http://goo.gl/wj8Hw]
![Page 14: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/14.jpg)
System Components
Client Device
Untrusted Site
RequestResource
ResponseResource / Deny
Trusted Site (Company)
Web- / App Server &
Agent
Yes / No / Data(Response Decision [Data])
Authentic?(Request Decision [Data])
DirectoryServer
Make Decision / Prepare Data
Image sources: [http://goo.gl/gXoeT] [http://goo.gl/Vv2E]
![Page 15: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/15.jpg)
MobileDesk Authentication Flow
Select Certificate
Validate Certificate
Enter Graphical Password
Validate Graphical Password
Store Token in Directory
Start Web Application with Token
Image sources: [F. Zoller]
![Page 16: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/16.jpg)
MobileKey Authentication Flow
Touch Device with Identity Chip
Validate Identity Chip
Enter Credentials
Validate Credentials
Store Token in Directory
Start Web Application with Token
Image sources: [F. Zoller]
![Page 17: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/17.jpg)
TwoChannel Authentication Flow
Enter Username
Generate QR-Code
Scan QR-Code
Enter Password
Validate Credentials
Start Web Application
On
Mob
ile D
evic
e
Image sources: [F. Zoller]
![Page 18: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/18.jpg)
LocationBased Authentication Flow
Active WLAN
Validate Access Point
Enter PIN
Generate OTP
Enter OTP and PIN
Validate OTP and PIN
Start Web Application
On
Mob
ile D
evic
e
Image sources: [F. Zoller]
![Page 19: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/19.jpg)
Usability Testing - Interrogations
Is there a significant difference between the arithmetic average authentication time?
1. iPhone + QR-Code (30 sec)
2. Android + Mobile Key (37 sec)
3. Android/iPhone + Location Based (39 sec)
![Page 20: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/20.jpg)
Usability Testing - Interrogations
Is there a significant difference between the authentication time within the showrooms?
1. Mobile Key (37 sec)
2. Location Based (39 sec)
3. QR-Code (40 sec)
![Page 21: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/21.jpg)
Usability Testing - Interrogations
Is there a significant difference between the different operating systems focussing on the success quotient?
92%
8%
iPhone
successful authenticationfailed authentication
86%
14%
Android
successful authenticationfailes authentication
![Page 22: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/22.jpg)
Advisable Results
Mobile Desk
QR-Code
Mobile Key
Credentials Graphical Password
Software Token WLAN NFC Certificates
![Page 23: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/23.jpg)
Questions?
![Page 24: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/24.jpg)
Thank you for your attention!
![Page 25: IAM EXCELLENCE. Authentication on Mobile Devices for Business Application Fabian Zoller & Martina Müller](https://reader035.vdocuments.us/reader035/viewer/2022062717/56649e615503460f94b5c950/html5/thumbnails/25.jpg)
IAM EXCELLENCE
www.ic-consult.comiC Consult GmbH | Keltenring 14 | 82041 Oberhaching | T +49 89 6604970 | [email protected]