Las organizaciones necesitan evolucionar más allá del nombre de usuario y contraseña básico y asegurar las transacciones en línea con un abanico de opciones de autenticación segura.

1. What are the Challenges of Securing Identities online?

3. Online Service Uptake Critical US Banking Delivery Transactions by Channel (2006-10p) May 31, 2008

4. Online Service Uptake Critical Cost per Transaction (US $) May 31, 2008

5. We Provide Identity-Based Security for: Consumers Enterprises Citizens Web Sites Online banking users, e-commerce site customers Travelers, and those accessing government services, in person or online Web servers (external and internal), email servers and code being distributed online Business and government employees, contractors, first responders, and devices

6. Consumer Authentication

7. Consumer Auth Problems Ongoing attacks against FI’s Corporate accounts being targeted Malware growing fast, hard to detect with Anti-Virus End-users often resist strong auth Source: Anti-Phishing Working Group, July/09 Man in the Middle Attacker Man in the Browser Malware

8. Consumer Authentication: Entrust Solution Flexible range of authenticators Across spectrum of security / usability Zero-touch fraud detection to spot unusual activity and stop malware Man in the Middle Attacker Man in the Browser Malware Username & Password Mutual Authentication IP Geolocation Device Fingerprint Knowledge-Based Authentication Grid Card / eGrid One-Time Password Tokens Out of Band Auth via SMS or Email Digital Certificates Smart Cards

9. Enterprise Authentication

10. Enterprise Identities: Problems Protect access to intellectual property and customer data Work from anywhere Stay out of employees’ way Audit access to resources Reduce transaction costs by moving online Employees Partners Contractors Other Businesses Mobile Devices Other internal Servers & Devices # of IDs 2000 2010

11. Enterprise Identities: Entrust’s Solution Broad range of authentication credentials For users, servers, devices Enables encryption and digital signature with strong identity Employees Partners Contractors Other Businesses Mobile Devices Other internal Servers & Devices

12. Web Site Authentication

13. Web site authentication: Problems Phishing attacks and other fraud often involve counterfeit websites Users cannot easily detect fake sites Numerous servers for IT staff to keep track of, ensuring no certificate expiries Expense of certs for numerous servers Customers, Employees Mobile Users Web servers, Exchange, Applications

14. Web site authentication: Entrust Solution SSL certificates for web sites, MS Exchange, code signing, Adobe PDF Stringent verification to prevent brand theft Helps user verify they are at correct site Enables browser to provide some automated protection Powerful certificate management tools Customers Mobile Users Entrust Verification

16. Identity-Based Security: a Layered Approach People, Servers, Devices, Applications Credential issuance, audit, lifecycle management Credential use, step-up, ongoing transaction analysis, and forensics

21. Multiple Identities, one device Mix of Soft token only and Transaction Notification Independent activation and control Customizable branding per identity Mobile Authentication & Transaction Notification

22. OATH compliant Time-based soft token 30 second time window Brandable interface IDG Mobile – Soft Token

23. IDG Mobile - with Transaction Notification OATH Time-based Soft Token Transaction details confirmed out of band on mobile device No data entry OATH signature of transaction contents User confirms transaction or acts on suspect details

31. Policy & User Management Web based Administration

33. Integrating IdentityGuard Remote Access Applications Microsoft Windows Servers End User Web Authentication Applications Enterprise Applications & Data Repository

34. 2 nd Factor Authentication Authentication Platform Online Application   Initial Logon User Name? Password? 2 nd Factor Authentication 2 nd Factor Challenge

39. IdentityGuard 2 nd Factor Protection Remote Access Enterprise Servers Microsoft Desktops Extranet Access

40. Integrating IdentityGuard Remote Access Applications Microsoft Windows Servers End User Web Authentication Applications Enterprise Applications & Data Repository

41. Integrated with Leading Technology Partners Applications Application / Infrastructure Remote Access Platform

42. SSL VPN: Juniper

46. Remote Access Authentication Flow VPN Client or Web Browser Remote Access Gateway 1. User enters authentication credentials 2 . User credentials sent to IdentityGuard 4 . IdentityGuard challenge requested & presented 5. IdentityGuard response sent to IG server 6. IdentityGuard server returns accept/reject to VPN Client Repository 7. Success allows user entry 3 . User credentials validated against directory

48. Thank you!