SlideShare a Scribd company logo

Pay Forum Conference

H
hagero
1 of 32
Download to read offline
Best practices to achieve risk-appropriate authentication Per Hägerö CTO
#1 Security through Simplicity
2
Define Risk-Appropriate Authentication 3
What are your options? Something only you know (hopefully) Something you hold KBA: Lexical Token: OTP KBA: Graphical Token: PKI Something your are Token: OOB Biometrics: Biological Biometrics: Behavioral 4
Risk levels (NIST SP 800-63-1) High Medium Low Minimal 5
Risk levels (NIST SP 800-63-1) High PKI Medium OTP OOB Low Lexical Minimal 6
is it that easy? 7
NO! 8
9
There are a number of needs and constraints you need to consider   Who are you authenticating?   Where are they?   What will they use it for?   What end-points are they using?   Are there any regulations?   What is the available budget?   What is the risk?   Others? 10
all set? 11
not yet… 12
consider the aspect of identity proofing 13
≤ 100 % 14
IDENTITY PROOFING AUTHENTICATION 15
IDENTITY PROOFING AUTHENTICATION 16
IDENTITY PROOFING IDENTITY ASSURANCE AUTHENTICATION 17
18
our approach… 19
Assurance Adjacent needs Considerations Ease-of-use TCO 20
add additional protection with a layered security architecture and adaptive access control 21
The Nexus offering PortWise Authentication Service 22
Customer Case:   Verylarge bank (> 1 million )   Requirement for a versatile authentication platform   Other requirements: –  Web Service Management –  Integrated Virtual Directory •  24
eBanking Framework Management OATH Cards Platform OTP Software Policy Adaptive Access Authentication Token Enforcement Point Manager Manager Virtual Directory Web Token User User User DB DB DB 25
26
27
28
Risk-Appropriate Authentication is when an authentication method that best fits the use case is used, a method that is just right, not too little or too much, at the right TCO and that can use adaptive access controls to determine risk and confidence levels 29
Questions and Answers E-mail: per.hagero@nexussafe.com Twitter: @hagero Blog: perhagero.wordpress.com
ABBREVATIONS   KBA – Knowledge-based Authentication   OOB – Out of Band   OTP – One Time Password 31

Recommended

Ynamono Hs Lecture
Ynamono Hs LectureYnamono Hs Lecture
Ynamono Hs Lectureynamoto
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key InfrastructureTheo Gravity
 
Public key infrastructure
Public key infrastructurePublic key infrastructure
Public key infrastructureAditya Nama
 
How To Become A Certified Blockchain Security Professional?
How To Become A Certified Blockchain Security Professional? How To Become A Certified Blockchain Security Professional?
How To Become A Certified Blockchain Security Professional? 101 Blockchains
 
Two factor authentication-in_your_network_e_guide
Two factor authentication-in_your_network_e_guideTwo factor authentication-in_your_network_e_guide
Two factor authentication-in_your_network_e_guideNick Owen
 
PKI Industry growth in Bangladesh
PKI Industry growth in BangladeshPKI Industry growth in Bangladesh
PKI Industry growth in BangladeshBangladesh Network Operators Group
 
Disadvantages of Blockchain
Disadvantages of BlockchainDisadvantages of Blockchain
Disadvantages of Blockchain101 Blockchains
 
2 factor authentication 3 [compatibility mode]
2 factor authentication 3 [compatibility mode]2 factor authentication 3 [compatibility mode]
2 factor authentication 3 [compatibility mode]Hai Nguyen
 

Recommended

Ynamono Hs Lecture
Ynamono Hs LectureYnamono Hs Lecture
Ynamono Hs Lectureynamoto
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key InfrastructureTheo Gravity
 
Public key infrastructure
Public key infrastructurePublic key infrastructure
Public key infrastructureAditya Nama
 
How To Become A Certified Blockchain Security Professional?
How To Become A Certified Blockchain Security Professional? How To Become A Certified Blockchain Security Professional?
How To Become A Certified Blockchain Security Professional? 101 Blockchains
 
Two factor authentication-in_your_network_e_guide
Two factor authentication-in_your_network_e_guideTwo factor authentication-in_your_network_e_guide
Two factor authentication-in_your_network_e_guideNick Owen
 
PKI Industry growth in Bangladesh
PKI Industry growth in BangladeshPKI Industry growth in Bangladesh
PKI Industry growth in BangladeshBangladesh Network Operators Group
 
Disadvantages of Blockchain
Disadvantages of BlockchainDisadvantages of Blockchain
Disadvantages of Blockchain101 Blockchains
 
2 factor authentication 3 [compatibility mode]
2 factor authentication 3 [compatibility mode]2 factor authentication 3 [compatibility mode]
2 factor authentication 3 [compatibility mode]Hai Nguyen
 
Blockchain PoC For Education
Blockchain PoC For EducationBlockchain PoC For Education
Blockchain PoC For EducationSanjeev Raman
 
3 reasons your business can't ignore Two-Factor Authentication
3 reasons your business can't ignore Two-Factor Authentication3 reasons your business can't ignore Two-Factor Authentication
3 reasons your business can't ignore Two-Factor AuthenticationFortytwo
 
Internet banking applications' security
Internet banking applications' securityInternet banking applications' security
Internet banking applications' securitySecuRing
 
CSO Security Standard Conference NYC 2012
CSO Security Standard Conference NYC 2012CSO Security Standard Conference NYC 2012
CSO Security Standard Conference NYC 2012Ulf Mattsson
 
Blockchain Presentation
Blockchain PresentationBlockchain Presentation
Blockchain PresentationZied GUESMI
 
Certification authority
Certification authorityCertification authority
Certification authorityproser tech
 
[POSS 2019] MicroServices authentication and authorization with LemonLDAP::NG
[POSS 2019] MicroServices authentication and authorization with LemonLDAP::NG[POSS 2019] MicroServices authentication and authorization with LemonLDAP::NG
[POSS 2019] MicroServices authentication and authorization with LemonLDAP::NGWorteks
 
Why Two-Factor Authentication?
Why Two-Factor Authentication?Why Two-Factor Authentication?
Why Two-Factor Authentication?Fortytwo
 
Alpha Education
Alpha EducationAlpha Education
Alpha EducationAlpha20 Group
 
6 Key Blockchain Features You Need to Know Now
6 Key Blockchain Features You Need to Know Now6 Key Blockchain Features You Need to Know Now
6 Key Blockchain Features You Need to Know Now101 Blockchains
 
Two-factor Authentication
Two-factor AuthenticationTwo-factor Authentication
Two-factor AuthenticationPortalGuard dba PistolStar, Inc.
 
Avoiding Two-factor Authentication? You're Not Alone
Avoiding Two-factor Authentication? You're Not AloneAvoiding Two-factor Authentication? You're Not Alone
Avoiding Two-factor Authentication? You're Not AlonePortalGuard
 
Stronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise ApplicationsStronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise ApplicationsRamesh Nagappan
 
Ch12 Cryptographic Protocols and Public Key Infrastructure
Ch12 Cryptographic Protocols and Public Key InfrastructureCh12 Cryptographic Protocols and Public Key Infrastructure
Ch12 Cryptographic Protocols and Public Key InfrastructureInformation Technology
 
Blockchain and Cryptocurrency for Dummies
Blockchain and Cryptocurrency for DummiesBlockchain and Cryptocurrency for Dummies
Blockchain and Cryptocurrency for DummiesNarudom Roongsiriwong, CISSP
 
Stacks 2.0 Introduction ($STX)
Stacks 2.0 Introduction ($STX)Stacks 2.0 Introduction ($STX)
Stacks 2.0 Introduction ($STX)Trevor Owens
 
Enhance Your Blockchain Career With 101 Blockchains Certifications
Enhance Your Blockchain Career With 101 Blockchains CertificationsEnhance Your Blockchain Career With 101 Blockchains Certifications
Enhance Your Blockchain Career With 101 Blockchains Certifications101 Blockchains
 
Security Analysis of Mobile Authentication Using QR-Codes
Security Analysis of Mobile Authentication Using QR-Codes Security Analysis of Mobile Authentication Using QR-Codes
Security Analysis of Mobile Authentication Using QR-Codes csandit
 
Toward Better Password Requirements
Toward Better Password RequirementsToward Better Password Requirements
Toward Better Password RequirementsJim Fenton
 
Webinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSSWebinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSSonionid12
 
Balancing User Experience with Secure Access Control in Healthcare
Balancing User Experience with Secure Access Control in HealthcareBalancing User Experience with Secure Access Control in Healthcare
Balancing User Experience with Secure Access Control in HealthcareSecureAuth
 
Advanced Authentication: Past, Present, and Future
Advanced Authentication: Past, Present, and FutureAdvanced Authentication: Past, Present, and Future
Advanced Authentication: Past, Present, and FutureSecureAuth
 

More Related Content

What's hot

Blockchain PoC For Education
Blockchain PoC For EducationBlockchain PoC For Education
Blockchain PoC For EducationSanjeev Raman
 
3 reasons your business can't ignore Two-Factor Authentication
3 reasons your business can't ignore Two-Factor Authentication3 reasons your business can't ignore Two-Factor Authentication
3 reasons your business can't ignore Two-Factor AuthenticationFortytwo
 
Internet banking applications' security
Internet banking applications' securityInternet banking applications' security
Internet banking applications' securitySecuRing
 
CSO Security Standard Conference NYC 2012
CSO Security Standard Conference NYC 2012CSO Security Standard Conference NYC 2012
CSO Security Standard Conference NYC 2012Ulf Mattsson
 
Blockchain Presentation
Blockchain PresentationBlockchain Presentation
Blockchain PresentationZied GUESMI
 
Certification authority
Certification authorityCertification authority
Certification authorityproser tech
 
[POSS 2019] MicroServices authentication and authorization with LemonLDAP::NG
[POSS 2019] MicroServices authentication and authorization with LemonLDAP::NG[POSS 2019] MicroServices authentication and authorization with LemonLDAP::NG
[POSS 2019] MicroServices authentication and authorization with LemonLDAP::NGWorteks
 
Why Two-Factor Authentication?
Why Two-Factor Authentication?Why Two-Factor Authentication?
Why Two-Factor Authentication?Fortytwo
 
6 Key Blockchain Features You Need to Know Now
6 Key Blockchain Features You Need to Know Now6 Key Blockchain Features You Need to Know Now
6 Key Blockchain Features You Need to Know Now101 Blockchains
 
Avoiding Two-factor Authentication? You're Not Alone
Avoiding Two-factor Authentication? You're Not AloneAvoiding Two-factor Authentication? You're Not Alone
Avoiding Two-factor Authentication? You're Not AlonePortalGuard
 
Stronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise ApplicationsStronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise ApplicationsRamesh Nagappan
 
Ch12 Cryptographic Protocols and Public Key Infrastructure
Ch12 Cryptographic Protocols and Public Key InfrastructureCh12 Cryptographic Protocols and Public Key Infrastructure
Ch12 Cryptographic Protocols and Public Key InfrastructureInformation Technology
 
Stacks 2.0 Introduction ($STX)
Stacks 2.0 Introduction ($STX)Stacks 2.0 Introduction ($STX)
Stacks 2.0 Introduction ($STX)Trevor Owens
 
Enhance Your Blockchain Career With 101 Blockchains Certifications
Enhance Your Blockchain Career With 101 Blockchains CertificationsEnhance Your Blockchain Career With 101 Blockchains Certifications
Enhance Your Blockchain Career With 101 Blockchains Certifications101 Blockchains
 
Security Analysis of Mobile Authentication Using QR-Codes
Security Analysis of Mobile Authentication Using QR-Codes Security Analysis of Mobile Authentication Using QR-Codes
Security Analysis of Mobile Authentication Using QR-Codes csandit
 
Toward Better Password Requirements
Toward Better Password RequirementsToward Better Password Requirements
Toward Better Password RequirementsJim Fenton
 
Webinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSSWebinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSSonionid12
 

What's hot (20)

Blockchain PoC For Education
Blockchain PoC For EducationBlockchain PoC For Education
Blockchain PoC For Education
 
3 reasons your business can't ignore Two-Factor Authentication
3 reasons your business can't ignore Two-Factor Authentication3 reasons your business can't ignore Two-Factor Authentication
3 reasons your business can't ignore Two-Factor Authentication
 
Internet banking applications' security
Internet banking applications' securityInternet banking applications' security
Internet banking applications' security
 
CSO Security Standard Conference NYC 2012
CSO Security Standard Conference NYC 2012CSO Security Standard Conference NYC 2012
CSO Security Standard Conference NYC 2012
 
Blockchain Presentation
Blockchain PresentationBlockchain Presentation
Blockchain Presentation
 
Certification authority
Certification authorityCertification authority
Certification authority
 
[POSS 2019] MicroServices authentication and authorization with LemonLDAP::NG
[POSS 2019] MicroServices authentication and authorization with LemonLDAP::NG[POSS 2019] MicroServices authentication and authorization with LemonLDAP::NG
[POSS 2019] MicroServices authentication and authorization with LemonLDAP::NG
 
Why Two-Factor Authentication?
Why Two-Factor Authentication?Why Two-Factor Authentication?
Why Two-Factor Authentication?
 
Alpha Education
Alpha EducationAlpha Education
Alpha Education
 
6 Key Blockchain Features You Need to Know Now
6 Key Blockchain Features You Need to Know Now6 Key Blockchain Features You Need to Know Now
6 Key Blockchain Features You Need to Know Now
 
Two-factor Authentication
Two-factor AuthenticationTwo-factor Authentication
Two-factor Authentication
 
Avoiding Two-factor Authentication? You're Not Alone
Avoiding Two-factor Authentication? You're Not AloneAvoiding Two-factor Authentication? You're Not Alone
Avoiding Two-factor Authentication? You're Not Alone
 
Stronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise ApplicationsStronger/Multi-factor Authentication for Enterprise Applications
Stronger/Multi-factor Authentication for Enterprise Applications
 
Ch12 Cryptographic Protocols and Public Key Infrastructure
Ch12 Cryptographic Protocols and Public Key InfrastructureCh12 Cryptographic Protocols and Public Key Infrastructure
Ch12 Cryptographic Protocols and Public Key Infrastructure
 
Blockchain and Cryptocurrency for Dummies
Blockchain and Cryptocurrency for DummiesBlockchain and Cryptocurrency for Dummies
Blockchain and Cryptocurrency for Dummies
 
Stacks 2.0 Introduction ($STX)
Stacks 2.0 Introduction ($STX)Stacks 2.0 Introduction ($STX)
Stacks 2.0 Introduction ($STX)
 
Enhance Your Blockchain Career With 101 Blockchains Certifications
Enhance Your Blockchain Career With 101 Blockchains CertificationsEnhance Your Blockchain Career With 101 Blockchains Certifications
Enhance Your Blockchain Career With 101 Blockchains Certifications
 
Security Analysis of Mobile Authentication Using QR-Codes
Security Analysis of Mobile Authentication Using QR-Codes Security Analysis of Mobile Authentication Using QR-Codes
Security Analysis of Mobile Authentication Using QR-Codes
 
Toward Better Password Requirements
Toward Better Password RequirementsToward Better Password Requirements
Toward Better Password Requirements
 
Webinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSSWebinar - Easy multi factor authentication strategies and PCI DSS
Webinar - Easy multi factor authentication strategies and PCI DSS
 

Viewers also liked

Balancing User Experience with Secure Access Control in Healthcare
Balancing User Experience with Secure Access Control in HealthcareBalancing User Experience with Secure Access Control in Healthcare
Balancing User Experience with Secure Access Control in HealthcareSecureAuth
 
Advanced Authentication: Past, Present, and Future
Advanced Authentication: Past, Present, and FutureAdvanced Authentication: Past, Present, and Future
Advanced Authentication: Past, Present, and FutureSecureAuth
 
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...SecureAuth
 
Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" mycroftinc
 
Authentication.Next
Authentication.NextAuthentication.Next
Authentication.NextMark Diodati
 
What to Expect in 2016: Top 5 Predictions for Security and Access Control
What to Expect in 2016: Top 5 Predictions for Security and Access ControlWhat to Expect in 2016: Top 5 Predictions for Security and Access Control
What to Expect in 2016: Top 5 Predictions for Security and Access ControlSecureAuth
 
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)CloudIDSummit
 
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access ControlStopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access ControlSecureAuth
 

Viewers also liked (10)

Balancing User Experience with Secure Access Control in Healthcare
Balancing User Experience with Secure Access Control in HealthcareBalancing User Experience with Secure Access Control in Healthcare
Balancing User Experience with Secure Access Control in Healthcare
 
Advanced Authentication: Past, Present, and Future
Advanced Authentication: Past, Present, and FutureAdvanced Authentication: Past, Present, and Future
Advanced Authentication: Past, Present, and Future
 
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
 
Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise"
 
Authentication.Next
Authentication.NextAuthentication.Next
Authentication.Next
 
What to Expect in 2016: Top 5 Predictions for Security and Access Control
What to Expect in 2016: Top 5 Predictions for Security and Access ControlWhat to Expect in 2016: Top 5 Predictions for Security and Access Control
What to Expect in 2016: Top 5 Predictions for Security and Access Control
 
Adaptive Trust Security
Adaptive Trust SecurityAdaptive Trust Security
Adaptive Trust Security
 
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
 
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access ControlStopping Breaches at the Perimeter: Strategies for Secure Access Control
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
 
Infographic: Stopping Attacks at the Identity Perimeter
Infographic: Stopping Attacks at the Identity PerimeterInfographic: Stopping Attacks at the Identity Perimeter
Infographic: Stopping Attacks at the Identity Perimeter
 

Similar to Pay Forum Conference

Risk Appropriate Authentication External
Risk Appropriate Authentication ExternalRisk Appropriate Authentication External
Risk Appropriate Authentication Externalhagero
 
Future of hardware wallets bip 001
Future of hardware wallets bip 001Future of hardware wallets bip 001
Future of hardware wallets bip 001Eric Larcheveque
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Amazon Web Services
 
Why and how to implement strong authentication on the web cartes 2010 - pat...
Why and how to implement strong authentication on the web cartes 2010 - pat...Why and how to implement strong authentication on the web cartes 2010 - pat...
Why and how to implement strong authentication on the web cartes 2010 - pat...Keynectis
 
User Authentication for Government
User Authentication for GovernmentUser Authentication for Government
User Authentication for GovernmentCarahsoft
 
Cloud Security vs Security in the Cloud
Cloud Security vs Security in the CloudCloud Security vs Security in the Cloud
Cloud Security vs Security in the CloudTjylen Veselyj
 
QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...
QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...
QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...QAFest
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1OracleIDM
 
Anil saldhana cloudidentitybestpractices
Anil saldhana cloudidentitybestpracticesAnil saldhana cloudidentitybestpractices
Anil saldhana cloudidentitybestpracticesAnil Saldanha
 
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake OilLASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake OilDavid Ochel
 
TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...
TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...
TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...TrustBearer
 
Authorization and Authentication in Microservice Environments
Authorization and Authentication in Microservice EnvironmentsAuthorization and Authentication in Microservice Environments
Authorization and Authentication in Microservice EnvironmentsLeanIX GmbH
 
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Andrew Hughes
 
PCI-DSS Compliant Cloud - Design & Architecture Best Practices
PCI-DSS Compliant Cloud - Design & Architecture Best PracticesPCI-DSS Compliant Cloud - Design & Architecture Best Practices
PCI-DSS Compliant Cloud - Design & Architecture Best PracticesHyTrust
 
2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...
2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...
2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...APIsecure_ Official
 
Why Assertion-based Access Token is preferred to Handle-based one?
Why Assertion-based Access Token is preferred to Handle-based one?Why Assertion-based Access Token is preferred to Handle-based one?
Why Assertion-based Access Token is preferred to Handle-based one?Hitachi, Ltd. OSS Solution Center.
 
Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...Chris Ryu
 

Similar to Pay Forum Conference (20)

Risk Appropriate Authentication External
Risk Appropriate Authentication ExternalRisk Appropriate Authentication External
Risk Appropriate Authentication External
 
Future of hardware wallets bip 001
Future of hardware wallets bip 001Future of hardware wallets bip 001
Future of hardware wallets bip 001
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012
 
Why and how to implement strong authentication on the web cartes 2010 - pat...
Why and how to implement strong authentication on the web cartes 2010 - pat...Why and how to implement strong authentication on the web cartes 2010 - pat...
Why and how to implement strong authentication on the web cartes 2010 - pat...
 
User Authentication for Government
User Authentication for GovernmentUser Authentication for Government
User Authentication for Government
 
Cloud Security vs Security in the Cloud
Cloud Security vs Security in the CloudCloud Security vs Security in the Cloud
Cloud Security vs Security in the Cloud
 
Straight Talk on Data Tokenization for PCI & Cloud
Straight Talk on Data Tokenization for PCI & CloudStraight Talk on Data Tokenization for PCI & Cloud
Straight Talk on Data Tokenization for PCI & Cloud
 
QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...
QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...
QA Fest 2019. Диана Пинчук. Тестирование аутентификации и авторизации (AuthN ...
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1
 
Enterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - IntelEnterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - Intel
 
Anil saldhana cloudidentitybestpractices
Anil saldhana cloudidentitybestpracticesAnil saldhana cloudidentitybestpractices
Anil saldhana cloudidentitybestpractices
 
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake OilLASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
 
TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...
TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...
TrustBearer - Virginia Security Summit - Web Authentication Strategies - Apri...
 
Authorization and Authentication in Microservice Environments
Authorization and Authentication in Microservice EnvironmentsAuthorization and Authentication in Microservice Environments
Authorization and Authentication in Microservice Environments
 
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
 
Supplement V1.2
Supplement V1.2Supplement V1.2
Supplement V1.2
 
PCI-DSS Compliant Cloud - Design & Architecture Best Practices
PCI-DSS Compliant Cloud - Design & Architecture Best PracticesPCI-DSS Compliant Cloud - Design & Architecture Best Practices
PCI-DSS Compliant Cloud - Design & Architecture Best Practices
 
2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...
2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...
2022 APIsecure_Why Assertion-based Access Token is preferred to Handle-based ...
 
Why Assertion-based Access Token is preferred to Handle-based one?
Why Assertion-based Access Token is preferred to Handle-based one?Why Assertion-based Access Token is preferred to Handle-based one?
Why Assertion-based Access Token is preferred to Handle-based one?
 
Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...Let's get started with passwordless authentication using windows hello in you...
Let's get started with passwordless authentication using windows hello in you...
 

More from hagero

Webinar EIDI
Webinar EIDIWebinar EIDI
Webinar EIDIhagero
 
Authentication in 2020 - Predictions by the neXus CTO
Authentication in 2020 - Predictions by the neXus CTOAuthentication in 2020 - Predictions by the neXus CTO
Authentication in 2020 - Predictions by the neXus CTOhagero
 
neXus Common Access Card Webinar
neXus Common Access Card WebinarneXus Common Access Card Webinar
neXus Common Access Card Webinarhagero
 
121113 Pas Card Idc Akvavit
121113 Pas Card Idc Akvavit121113 Pas Card Idc Akvavit
121113 Pas Card Idc Akvavithagero
 
Akvavit Meeting
Akvavit MeetingAkvavit Meeting
Akvavit Meetinghagero
 
Cloud Security Foundation
Cloud Security FoundationCloud Security Foundation
Cloud Security Foundationhagero
 
MolnsäKerhet (Symposia 2009)
MolnsäKerhet (Symposia 2009)MolnsäKerhet (Symposia 2009)
MolnsäKerhet (Symposia 2009)hagero
 
Framtid Och Trender (Symposia 2009)
Framtid Och Trender (Symposia 2009)Framtid Och Trender (Symposia 2009)
Framtid Och Trender (Symposia 2009)hagero
 

More from hagero (8)

Webinar EIDI
Webinar EIDIWebinar EIDI
Webinar EIDI
 
Authentication in 2020 - Predictions by the neXus CTO
Authentication in 2020 - Predictions by the neXus CTOAuthentication in 2020 - Predictions by the neXus CTO
Authentication in 2020 - Predictions by the neXus CTO
 
neXus Common Access Card Webinar
neXus Common Access Card WebinarneXus Common Access Card Webinar
neXus Common Access Card Webinar
 
121113 Pas Card Idc Akvavit
121113 Pas Card Idc Akvavit121113 Pas Card Idc Akvavit
121113 Pas Card Idc Akvavit
 
Akvavit Meeting
Akvavit MeetingAkvavit Meeting
Akvavit Meeting
 
Cloud Security Foundation
Cloud Security FoundationCloud Security Foundation
Cloud Security Foundation
 
MolnsäKerhet (Symposia 2009)
MolnsäKerhet (Symposia 2009)MolnsäKerhet (Symposia 2009)
MolnsäKerhet (Symposia 2009)
 
Framtid Och Trender (Symposia 2009)
Framtid Och Trender (Symposia 2009)Framtid Och Trender (Symposia 2009)
Framtid Och Trender (Symposia 2009)
 

Pay Forum Conference