Quality Tokenless Authentication using SMS
22
QUALITY TOKENLESS AUTHENTICATION USING SMS A webinar by SecurEnvoy and CM Telecom May 7 th 2014
-
Upload
cm-telecom -
Category
Technology
-
view
215 -
download
0
description
This presentation was used during a joint CM Telecom and SecurEnvoy webinar on Tokenless Authentication held on May 7th 2014. Full webinar available via: https://www.youtube.com/watch?v=mrhbyDavZDQ Questions that will be answered are: * Why a single factor authentication is a threat to your company’s security. * The benefits of tokenless authentication for your company and why should you use it. * How to get the best quality? : SMS Routes, Delivery Time, Delivery Rate. * Why the cooperation of CM and SecurEnvoy can help you leverage security on another level. * How you can easily set up your own two-factor authentication environment. The presentation is divided into two sections. First, Phil Underwood ([email protected]) will discuss "The Added Value of Tokenless Authentication." We have so many different passwords these days that we cannot remember them all. This introduces all sorts of dangers; people write them on post-it notes or are socially influenced to share their password. Or even more extreme; their password is logged during entry either technically or socially, maybe bruteforce-hacked using Cain & Abel. Therefore we need to introduce another layer of security: So not only "something we know" but also "something we own", such as the ATM chip and pin. SecurEnvoy delivers this solution not using oldfashioned hardware tokens (RSA tokens) but directly on your mobile phone. Offering a seamless user experience. There are 6.9 billion GSM connections in the world, and we can leverage that using authentication code via SMS or voice calls. Even using the apps that can be used on modern smartphones. Secondly, Cas Schalkx ([email protected]) will discuss "Sending Quality SMS Messages". A quality SMS message is one that is delivered within 10 seconds. That can be difficult because no one company can deliver SMS messages around the global alone. So SMS Gateways use partners--but the processing time of these partners is all added up to you delivery time. CM Telecom monitors the delivery time and delivery rate of their traffic 24/7. If one partner does not perform on par the messages will be rerouted and delivered using a more reliable network. Try tokenless authentication now: * Go to www.securenvoy.com and select the 30 day free trial. During the trial you get free test messages via CM Telecom * Improve your SMS delivery. Go to securenvoy.cmtelecom.com and create an account to start sending using the Global Gateway Priority. * If you are Dutch; download the whitepaper: www.cm.nl/sectorexpertise/beveiliging If you speak English, contact [email protected] for a translation.
Transcript of Quality Tokenless Authentication using SMS
QUALITY TOKENLESS AUTHENTICATION USING
SMS A webinar by
SecurEnvoy and CM TelecomMay 7th 2014
THE ADDED VALUE OF TOKENLESS
AUTHENTICATIONby
Phil UnderwoodSecurEnvoy
© 2014 SecurEnvoy
Quality Tokenless® Authentication using SecurEnvoy and CM-SMS
© 2014 SecurEnvoy
How Many Passwords ?
© 2014 SecurEnvoy
• “Social engineering”• Finding written password
– Post-It Notes• Guessing password / pin
– Dog/Child’s name/ Birthday• Shoulder surfing
• Keystroke logging– Can be resolved with mouse based entry
• Screen scraping (with Keystroke logging)
• Brute force password crackers– L0phtcrack, Cain & Abel
Problems with passwords
© 2014 SecurEnvoy
Two Factor Authentication?
We use it every day
ATM - Chip and PIN
Two Factor is?
Something you own - ATM cardSomething you know
PIN, Secret, Password
© 2014 SecurEnvoy
Token Two Factor Types
• Hardware Tokens– Require distribution, synchronising
• Smart Cards– Require distribution, certificate management
• USB Sticks– Require distribution, certificate management
© 2014 SecurEnvoy
What the Analysts say
• User eXperience • Several vendors highlighted the increasing
emphasis on UX across all use cases, with such epigrams as "UX is key" and "UX is king.”
"Abusing your employees with poor IT usability is no longer acceptable in today's marketplace.”
– Source Gartner “Magic Quadrant for User Authentication” December 2013
© 2014 SecurEnvoy
Tokenless Two factor• Phone as the Authenticator
– 6.9 billion GSM connections(source https://gsmaintelligence.com)
• Tokenless®, via SMS – What about SMS delays– What if I'm in a building with no signal– I’m using my phone to connect to the internet
• Tokenless®, via Voice or eMail
• Tokenless®, via Software– Many different phone interfaces– Massive QA issues– Major support issues– Limited supported phone types– Software deployment problems
© 2014 SecurEnvoy
WEB/VPN
User Experience?
SENDING QUALITY SMS MESSAGES
byCas SchalkxCM Telecom
GOOD SERVICE DEPENDS ON GOOD SMS
What is a good SMS?– An SMS that is delivered at your phone
in less than 10 seconds.
Why is that difficult….?
YOUR MESSAGE TRAVELS THROUGH A CHAIN
YouSecurEnvoy
SMS GW
Operator
??
But no SMS Gateway is connected to all
operators around the world
AND THAT CHAIN MIGHT BE LONG…
YouSecurEnvoy
SMS GW
Operator
Partner
So they use partners to connect to operators.
… OR EVEN LONGER
YouSecurEnvoy
SMS GW
Operator
Partner
But that partner might use a partner as well.
Partner
TWO PARAMETERS TO MEASURE QUALITY
YouSecurEnvoy
SMS GW
Operator
Partner Partner
Delivery time (DT) in seconds
Delivery rate (DR) in percentage %
• Reasons for high Delivery Time• Long processing time in the chain• CM can process up to 2000 messages per
second
• Reasons for low Delivery Rate: • Bad phone numbers• Failure somewhere in the chain
CM IS 24/7 OPTIMIZING ROUTES
YouSecurEnvoy
CMOperator
Partner
Partner
Partner
CM’s Network Operation Center
Based upon DR and DT data we constantly find the best partners to deliver the message to the operator.
We can guarantee 90%> delivery within 10 seconds.
Free Retry service
WHY CM
We are building the worlds best platform for mobile messaging and payments. Daily proven by
2.7 million messages on 5 continents and in 180 countries.
Direct connections
Approval to work with governments
and banks
High capacity and fast delivery time
Private redundant data center
Around for 15 yearsCommercial SMS available 1993
Open 24/7
HONORABLE MENTION
Don’t just take our word for it…
START NOW!
• Try tokenless authentication– Go to www.securenvoy.com and select the 30 day
free trial– During the trial you get free test messages via CM
Telecom
• Improve your SMS delivery– Go to securenvoy.cmtelecom.com and create an
account to start sending using the Global Gateway Priority.
• If you are Dutch; download the whitepaper– www.cm.nl/sectorexpertise/beveiliging– If you speak English, contact me for a translation
THANK YOU
PHIL UNDERWOOD – [email protected]
Global Head of Pre Sales
CAS SCHALKX– [email protected]
Product Marketeer
@cmtelecom
cmtelecomtv
+CMTelecomBVBreda
cm-telecom
![Mutual Exclusion - Tokenless and Token Based Algorithmssrsarangi/col_819_2017/docs/mutex.pdf · Mutual Exclusion Tokenless and Token Based Algorithms ... (j;m), it sets seq i[j] =](https://static.fdocuments.in/doc/165x107/5b5fae9b7f8b9a8b4a8e571e/mutual-exclusion-tokenless-and-token-based-srsarangicol8192017docsmutexpdf.jpg)
