Presentation is loading. Please wait.

Presentation is loading. Please wait.

Giovanni Carnovale – Regional Sales Manager Central & Eastern Europe

Published byせいごろう のえ Modified over 5 years ago

Similar presentations

Presentation on theme: "Giovanni Carnovale – Regional Sales Manager Central & Eastern Europe"— Presentation transcript:

1 Giovanni Carnovale – Regional Sales Manager Central & Eastern Europe
Defeating Fraud with Intelligent Adaptive Authentication and Risk Analytics Giovanni Carnovale – Regional Sales Manager Central & Eastern Europe

2 5 PROBLEMS for authentication in today’s digital banking
Pace of technology is overwhelming App Shielding, Biometrics, Behavioral Biometrics, Anti Malware, FIDO, IoT and connectivity … What to choose, how to benchmark, how to implement, how to score, how to fine tune Diversity of authentication devices & methods (Mobile) Device are different across different users and time User’s behavior / device usage IS a part of authentication (need for context) 5 PROBLEMS for authentication in today’s digital banking Difficulty to quickly adapt workflows Many workflows are hard coded and difficult to change More technology means more complexity One-size-fits-all doesn’t work anymore User journeys carry different levels of risk (events have different nature) All customers are different & UX requires personalization Advanced regulation, e.g. PSD2 Strong Customer Authentication – Fraud Monitoring & TRA - multi-purpose device protection - … Different Security Levels (No MFA & No TRM; No MFA, but TRM; SCA + TRM; No MFA, but TRA …)

3 Challenge 1 - Pace of technology is overwhelming
How can you easily test / integrate new technology? App Shielding, (Behavioral) Biometrics, Anti Malware, FIDO, IoT and connectivity … A single interface offering easy access to different solutions across all channels ? © 2018 OneSpan

4 ONESPAN PLATFORM ACCESS TO TECHNOLOGY
QR Code Cronto Notification PIN TouchID Local Face Reco. Local Iris Reco. Digipass FIDO Remote Face Reco. Remote Voice Reco Android fingerprint Mobile Device Scoring Behavioral Biometrics Open Platform to support multi-layered security approach for omnichannel strategy Access to OneSpan technology Access to third party technology Keep your existing technology Only use what you need

5 Challenge 2 - Diversity of authentication methods
(Mobile) Device are different across different users and time User’s behavior / device usage IS a part of authentication (need for context) Full monitoring of the mobile devices and their associated risk levels ? © 2018 OneSpan

6 Managing the differences in authentication devices
There is a big diversity of mobile devices and authentication methods. How can you manage the difference in security levels and use it to the advantage of your user? Device Risk Manager Debugger Custom Keyboard Rooted Different Devices Different Authentication Methods Different Context Different Behavior

7 Continuous Client-side Awareness & scoring with AI
Recognizing patterns … and spotting anomalies Learn from and make predictions on … data Unsupervised Machine Learning Supervised Machine Learning Expert Rules Contextual awareness & scoring Continuous monitoring of user events in a session, not only as single actions, but together as defining behaviors and patterns Low Medium High Very High Risk Levels Behavioural Analysis & Scoring Current Users behaviour compared to past behaviour Continuous Monitoring & Scoring Dynamically changing security status of user’s device, requires continuous monitoring in real time

8 Challenge 3 - Difficulty to quickly adapt workflows
Many workflows are hard coded and difficult to change More technology means more complexity Orchestration seamlessly managing all bank applications to drive client logic ? © 2018 OneSpan

9 ORCHESTRATION BETWEEN CLIENT AND SERVER
Shorten Integration Time - Configuration instead of integration Bank Driven Authentication Logic – server determines client logic Less hard coding – change logic without changing code Authentication Request on laptop Bank Orchestration 2. Send Push Notification to open app + pass orchestration message Orchestration Message: Request Fingerprint Mobile Orchestration

10 examples Example 1 Example 2
Situation: Bank has not integrated Face Authentiation yet Goal: Bank wants to start using Face Action: Update Orchestration in mobile app if needed + Select Face in dropdown box on server side Example 2 Situation: A security issue with Fingerprint has been published and the bank considers now Fingerprint as insecure Goal: Bank wants to stop using Fingerprint Action: Change the fingerprint action on server side to another authentication method (e.g. PIN that is normally enabled already as fallback)

11 User Journey with PIN Internet Banking Logon

12 Immediate Effect – now User Journey triggers face auth instead
Internet Banking Logon

13 Challenge 4 - One-size-fits-all doesn’t work anymore
User journeys carry different levels of risk (events have different nature) All customers are different & UX requires personalization Flexible and adaptive authentication options to deliver the best user experience ? © 2018 OneSpan

14 Adaptive Authentication & workflow
Maximum security not needed for every action Use intelligence to offer the most frictionless authentication option based on context New User New Device Enrolment Existing User New Device Enrolment User Login DIFFERENT TYPES OF DEVICES AUTHENTICATION METHODS FRICTION LEVELS SECURITY Low Risk Transaction Medium Risk Transaction High Risk Transaction Add Beneficiary Change Contact Information Online Store Payment ATM Cash Withdrawal Loan Application …. Select the User Journey you want to configure / change

15 Adaptive Authentication within workflows
Decision Engine Unsupervised Machine Learning Supervised Machine Learning Expert Rules Device Status = OK Use Decision Analytics and Machine Learning to produce a score and a response Contextual Score = 87 score Behavior Check (invisible) match = 98%

16 Adaptive Authentication within workflows
PIN + Behavior Fingerprint Contextual authentication Face recognition … ? Other Secure Notification PUSH Decide which action to trigger

17 Context authentication
User Journeys Mobile Banking logon Context authentication Analyzing RASP check Rooted device

18 user journeys Mobile Banking logon Analyzing PIN + Behavior RASP check
Rooted device

19 Challenge 5 - Advanced regulation, e.g. PSD2
Strong Customer Authentication – Fraud Monitoring & TRA - multi-purpose device protection - … Different Security Levels (No MFA & No TRM; No MFA, but TRM; SCA + TRM; No MFA, but TRA …) One solution allowing banks to be compliant with PSD2 SCA RTS ? © 2018 OneSpan

20 PSD2 Regulation

21 Leading worldwide security standards
M1 Improper Platform Usage M6 Insecure Authorization M2 Insecure Data Storage M7 Client Code Quality Vetting the Security of Mobile Applications M3 Insecure Communication M8 Code Tampering M4 Insecure Authentication M9 Reverse Engineering M5 Insufficient Cryptography M10 Extraneous Functionality Smartphone Secure Development Guidelines

22 Onespan Trusted Identity PLATFORM

23 Beyond authentication – EIDAS & onboarding & document signing
Face recognition New Account Workflow ID check Selfie E-signature

24 Thank you! Giovanni Carnovale Regional Sales Manager – Central & Eastern Europe M: 

Download ppt "Giovanni Carnovale – Regional Sales Manager Central & Eastern Europe"

Similar presentations

January 30, 2014 Copyright Jim Farley Beyond JDBC: Java Object- Relational Mappings Jim Farley e-Commerce Program Manager GE Research and Development

January 30, 2014 Copyright Jim Farley Beyond JDBC: Java Object- Relational Mappings Jim Farley e-Commerce Program Manager GE Research and Development
1 GP Confidential ©2013 1 GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)
Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.

Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.

A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.
1 Parex bank experience with Digipass tokens Deniss Vorona Online Banking Project Manager.

1 Parex bank experience with Digipass tokens Deniss Vorona Online Banking Project Manager.
FI-WARE – Future Internet Core Platform FI-WARE Security July 2011 High-level Description.

FI-WARE – Future Internet Core Platform FI-WARE Security July 2011 High-level Description.
장홍예 Telecommunication Engineer Lab 2001.9.19 1 E-COMMERCE: TECHNICAL AND MARKET APPROACH.

장홍예 Telecommunication Engineer Lab E-COMMERCE: TECHNICAL AND MARKET APPROACH.
Mobile Identity and Mobile Authentication (mobile e-signature) Valdis Janovs Sales Director Lattelecom Technology SIA.

Mobile Identity and Mobile Authentication (mobile e-signature) Valdis Janovs Sales Director Lattelecom Technology SIA.
Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.
Extending Forefront beyond the limit TMG UAG ISA IAG Security Suite www.SecureMobileEmail.com www.AGATSolutions.com.

Extending Forefront beyond the limit TMG UAG ISA IAG Security Suite
» Jun 9, 2003 Speaker Verification Secure AND Efficient, Deployments in Finance and Banking Jonathan Moav Director of Marketing

» Jun 9, 2003 Speaker Verification Secure AND Efficient, Deployments in Finance and Banking Jonathan Moav Director of Marketing
Biometrics Authentication Technology

Biometrics Authentication Technology
Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?

Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?
Hardware-based secure services past and future Olivier POTONNIEE, Aurélien COUVERT, Virginie GALINDO April 2016.

Hardware-based secure services past and future Olivier POTONNIEE, Aurélien COUVERT, Virginie GALINDO April 2016.
Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.

Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.
Biometric ATM Created by:. Introduction Biometrics refers to the automatic identification of a person based on his physiological/behavioral characteristics.

Biometric ATM Created by:. Introduction Biometrics refers to the automatic identification of a person based on his physiological/behavioral characteristics.
1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.

1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.
Www.appmobi.com The Fallacy Behind “There’s Nothing to Hide” Why End-to-End Encryption Is a Must in Today’s World.

The Fallacy Behind “There’s Nothing to Hide” Why End-to-End Encryption Is a Must in Today’s World.
How Sage ERP X3 Systems Can Benefit Businesses.  Sage X3 is an affordable and flexible ERP solution designed to help mid-sized companies manage business.

How Sage ERP X3 Systems Can Benefit Businesses.  Sage X3 is an affordable and flexible ERP solution designed to help mid-sized companies manage business.

Similar presentations

Ads by Google