mobile: purely a powerful platform; or panacea?€¦ · connected systems spousal spying cloud...
TRANSCRIPT
Evan O’Regan, Director of Product Management Authentication & Fraud SolutionsEntrust Datacard
Mobile: Purely a Powerful Platform;Or Panacea?
EBT: The Next Generation 2017
POWERFUL PLATFORM OR PANACEA
• The Winds At Our Backs
• A Mobile World
• Mobile As An ID
• Government To Citizen Mobile ID
• Coliding Ecosystems: Navigating Identity Paradoxes
• On A Natural Path Of Evolution
• Devices As Part Of Trusted ID Ecosystem
• Future Thoughts & The Sovereign Me
• What Do We Know
WHAT’S UNDERPINNING DIGITAL TRANSACTIONS?
EXPANSION CREATES NEW CHALLENGES• Traditional security risks remain — legacy issues still require vigilance
• Growing concerns in privacy & safety, especially with IoT expansion • Security a new issue for teams and individuals expected to prevent and resolve issues
• Trusted Identity an even a bigger issue
HACKING CONNECTED
SYSTEMS
SPOUSALSPYING
CLOUDCREDENTIALS
INDUSTRIALCOMPROMISE
CONNECTEDCARS
INSULINPUMP
A MOBILE WORLD
MOBILE: BRINGS SO MUCH POTENTIAL TO CITIZEN IDENTITY• User Experience
Integrated, seamless & personal
• Versatile multifactor authentication tool Flexibility ‐ Have, Know, Are, Do Variety of biometric sensory capabilities Bringing greater context
• Connectivity 24/7 Operation – Always On lifestyle An array of connectivity options, e.g. Wifi, Bluetooth, NFC, Optical
• Powerful processing & significant storage capacity Application reach A transaction platform as well as an ID
6
Pulled by it’s potential, Mobile is being developed as an enhanced electronic ID platform, promising:
Citizens• Choice in credential form factor (physical or mobile)• Real ease‐of‐use & convenience • Real‐time responsiveness to government interactions in their always
connected world
Identity & Credential Authorities• A path to increasing dematerialization • A platform on which to anchor service delivery in citizen centricity • The means to meaningfully engage citizens and other stake‐holders
Relying Parties (e.g. Law Enforcement, Retailers, et al)• The means to establish greater assurance in citizen identity and associated
privileges/authorizations • Provide for richer and more current identity and attribute data
GOVERNMENT TO CITIZEN MOBILE ID
1: PARADOX OF LEGACY THINKING SUBVERTING TRUSTED ID
2: THE IDENTITY PARADOX
3: PARADOX OF ECONOMICS OF MOBILE IDENTITY
4: NOTIONS OF MOBILE IDENTITIES ARE EVOLVING
Provable Authenticity• Issued by the
appropriate authority• Security features match
authentic sample• Digital signature chained to
the CA
Provable Integrity• Not tampered with physically
or digitally • Data hash matches secured
original hash
Provable Rightful Holder • Provably representing the
document holder• Bound biometrically
Privacy• Sensitive data only available
to authorized inspection• Authenticated access &
encrypted data streams
REQUIREMENTS OF A STRONG IDENTITY CREDENTIAL
TRUSTED ID PLATFORMS MUST EVOLVE
13
REDUCE FRICTION empower users
HIGH ASSURANCE across all use cases
EASYto deploy, manage, adapt
MOBILE ID IS EVOLVING
• Mobile ID is on a natural path of evolution:
Card –> SmartCard –> Mobile ‐> Biometric/Cloud/Virtual
• Each step is a closer binding of credential to holder:
– Card – matured physical security elements and best practice in enrolment and issuance architectures
– SmartCard – evolved data structures, integrity and authenticity techniques (SOD), and tamper resistance
– Mobile – evolving data/application separation architectures and use of biometric sensors in support identity and transactions, and greater user control
– Mobile/Cloud – allowing data minimization on mobile and bringing richer application integration
14
CITIZEN PREFERREDCREDENTIAL PLATFORM
Access Control
Banking Passport Identity/Driving Licence
Evolution
PIV
DEVICES AS PART OF THE TRUSTED ID ECOSYSTEM
Multi‐layered approach includes transparent assessment of device risk based on a variety of insights and behavioral intelligence
Insightful risk information about the device
Prevent devices flagged as fraudulent from accessing your network and enterprise applications
Stops fraud / abuse in real‐time, prior to login
Reduces user friction when risk is low
16
FUTURE THOUGHTS AND THE “SOVEREIGN ME"
SOVERIGN MEPhoto, Voice, Iris, Behavioural, Face, Kinetiic, etc. etc.
© Entrust Datacard Corporation. All rights reserved.
Leveraging Principals ofTransparency & Privacy by Design
MOBILE ID FOR TRUSTED CITIZEN IDENTITY TRANSACTIONS
Improve service levels, control costs and enhance both private and security with digital ecosystems
based on trusted identity.
CITIZEN ID MANAGEMENT
CITIZEN REGISTRYTRUSTED GOVERNMENT ONLINE
CITIZEN ENROLLLMENT
SECURE ISSUANCE
SIMPLIFIEDENROLLLMENT
Easy to deploy for governments and easy to adopt for citizens. Secure
process captures all required identity
elements.
DIGITAL & PHYSICALCREDENTIALS
One central core identityused to issue all
credentials, including digital mobile identity and physical driver’s license
and passports.
Greatly enhancedexperiences & privacy for
citizens — security & savings for governments.
CITIZENENGAGMENT
TRUSTED TRAVELER
TRUSTED CITIZEN
PRIVACY & CONSENSUAL RELEASECitizens empowered to share only the necessary identity information for various applications, such as age verification.
DESKTOP, CENTRAL ANDOVER-THE-AIR ISSUANCE
ENROLLMENT ESSENTIALS
Healthcare Benefits
Social Services
Education Services
TaxationVoting Services
Trust Services
Whole GovernmentWeb Portal
IN-PERSON ON-LINE
Digital Certificates
Password
Soft Token
Mobile Smart Credential
Biometrics
TransactionSigning
©2015 Entrust Datacard Corporation. All rights reserved.
THANK-YOU