Identifying mobile users on the move
Best practice in security means that personally identifiable information should be protected with “out-of-band” authentication. This is easy to do when users are logging into a computer and then using their cell phone or a token to transmit the one time passcode. However, out-of-band authentication is much more challenging when your smartphone is both the computer and the token.
There are ways to minimize the risk of only having one device by tracking network or IP awareness, or by loading a soft token or PKI certificate onto the device. These methods have trade-offs between ease of use and increased risk of a security breach. Also, they identify the device, but can’t necessarily confirm that the user is still the same.
Looking at biometrics ensures that the person using the device is the authorized user. A multifactor authentication through voice registration is a highly secure way of doing this. Usage patterns for the registered device can help determine the risk-level of the transaction, and so the need for additional security.
For more insight into how best to authenticate your mobile users, stop by to see us at booth #222 at RSA Security in San Francisco February 27 through March 2 or register to view our webinar, Secure your mobile channel without affecting usability.
Recommended For You
Mobile Usage is Changing Member Experience Did you know 88% of U.S. online adults now use a smartphone?[i] Living in an […]
A Two-step Authentication Approach Consumers are always on the go, using digital devices to make purchases, check account balances and […]
Meet Credit Union Members Where They Want to Do Business. It takes more than a “smile and a handshake” to […]
From movies like the “Big Short” to today’s history lessons, the Great Recession is well documented. I’ve worked in the […]