Make it Mobile
How to successfully implement a
secure mobile strategy
www.vasco.com
Make it Mobile
T
he mobile revolution is unstoppable. Mobile devices are proliferating in today’s personal
and professional environment, and there are now more mobile devices than people
on the planet. In order to adapt to the fast-paced trend of mobilization, organizations
worldwide are making their applications, data and corporate information accessible to
customers, suppliers and employees from virtually any portable device.
Do benefits
concerns?
outweigh
Mobile applications are changing the way
business is done, offering instant access to
services for your users. And the conveniences
of mobile applications can yield many benefits:
mobile apps can save time, reduce cost, and
accelerate business, boosting everything from
workforce productivity to customer loyalty.
Unfortunately, hackers are taking advantage of
the many complexities created by the mobile
ecosystem to exploit vulnerabilities, resulting
in sophisticated fraud schemes and theft of
sensitive data. With relentless threats to data
integrity, new requirements for data protection,
and complex regulations around the privacy
of sensitive data, both financial and business
organizations face significant challenges as
they embrace the mobile trend.
Potential threats to mobile applications
including m-banking, m-commerce, or even
remote access to the corporate network are
similar to those of traditional applications; only
the platform and technology have changed.
And with the increasing trend of BYOD (Bring
Your Own Device) in the workforce, security
continues to grow in importance.
1
The benefits of mobile are clear, but as the
business world continues to evolve with
the influence of ongoing technological
developments, security practices must
change along with it.
Mobile Facts
2.1 billion
there will be
mobile phones worldwide by 2017
84.4 %
11.7 %
2.9 %
0.5 %
0.6 %
Android
Apple
Windows
BlackBerry
Other
Source: IDC, 2014 Q3
Make it Mobile
Becoming as strong as the weakest link
Vulnerabilities or weaknesses in any area of a mobile application can open an organization up to risk and may
result in serious consequences, including data loss, fraud, loss of revenue, and even damage to brand reputation.
Source: Gartner (August 2013)
50 %
by 2017,
of
employees will use their own
device for work
50%
51%
35%
60%
do not password
protect their
device
have financial
apps on their
phones
have shopping
apps
desire secure
mobile
authentication
VASCO
helps you to successfully
implement a
secure
mobile strategy
As the mobile environment continues to evolve,
protecting access and integrity of mobile
applications is a must. However, any security
system is only as effective as its weakest link,
which can often be the users themselves.
When it comes to user adoption of a mobile
application, user experience can often be a
determining factor in its success or failure.
Unfortunately, mobile users don’t want to be
burdened with a laborious process to access
accounts or complete and sign transactions.
Two-factor authentication can offer an answer
to this challenge.
VASCO’s renowned DIGIPASS authentication
technology delivers a higher level of security
than traditional passwords, and ensures that
only authorized users gain access to sensitive
information. What’s more, our innovative
authentication and signing options – from QR
Codes to transparent one-time passwords
(OTP) to Bluetooth-enabled options - can make
the process seamless and even enjoyable for
your mobile users.
VASCO can help you to balance the need
for stronger mobile application security with
demands for user convenience with userfriendly two-factor authentication and e-signing
options that take security “friction” out of the
equation. By delivering comprehensive mobile
application security as well as a painless
authentication and e-signing experience for
your mobile users, we can bring the right
combination of security and convenience to
your mobile security strategy.
2
Secure your mobile assets
•
Enhanced application security
•
Improved business flexibility
When it comes to your mobile applications,
VASCO can help you ensure the right
levels of security, without creating
additional challenges for your mobile
users. Our mobile security portfolio
includes:
•
Excellent user convenience
•
• DIGIPASS for Apps
•
Easier to deploy and manage
•
• DIGIPASS for Mobile
•
Future-proof and easy to scale
•
• MYDIGIPASS.COM
•
Increased customer trust and loyalty
•
• Virtual DIGIPASS
•
Improved competitive advantage
•
• DIGIPASS Nano
•
Lower TCO
•
• DIGIPASS powered by Intel ITP
•
• Visual Transaction Signing
•
• Bluetooth Solutions
Key benefits of mobile
authentication
3
VASCO’s Mobile Solutions
Portfolio
Comprehensive SDK for
Developers
DIGIPASS for Apps
DIGIPASS for Apps is a comprehensive developer’s toolkit
(SDK) that natively integrates complete mobile security, twofactor authentication and electronic signing into your mobile
applications. Through a robust library of APIs, you can extend
and strengthen security for your applications and deliver
unprecedented convenience to your users, while streamlining the
application deployment and lifecycle management process.
DIGIPASS
for APPS
Software Authentication
DIGIPASS for Mobile
DIGIPASS for Mobile balances the need for stronger mobile
security with user demands for convenience by delivering
a frictionless, “hands-free” two-factor authentication and
e-signing experience along with built-in application security
to ensure that any application running on a mobile platform
is self-protected in all the aspects of application runtime. And
when combined with DIGIPASS for Apps, DIGIPASS for Mobile
offers a comprehensive and integrated security framework for
your mobile applications.
4
VA S C O ’ s
m o b i l e
authentication
solutions
Cloud Service for Application
Providers
MYDIGIPASS
MYDIGIPASS™ is VASCO’s cloud-based, two-factor
authentication service that enables application providers to
deliver a single and secure login experience for their users,
across multiple web and mobile applications. MYDIGIPASS
has been designed with the needs of the service provider
in mind, delivering the unique and powerful combination of
industry-leading security, intuitive end user experience, and a costeffective and scalable deployment model.
SMS Authentication
Virtual DIGIPASS
Virtual DIGIPASS offers a user-friendly and cost-efficient
solution for strong user authentication and e-signatures.
Virtual DIGIPASS allows dynamic passwords to be sent to
a user’s mobile phone via SMS. The solution can be used
as a primary authentication method or as back-up in case
an authentication device is lost or has been forgotten. This
guarantees a continuity of service without requiring helpdesk
support. Based on two-factor authentication - something you
know and something you “already” have - Virtual DIGIPASS adds
another layer of security to log-in functions where static passwords are
still in use.
5
VA S C O ’ s
m o b i l e
authentication
solutions
Bluetooth-enabled Authentication
DIGIPASS Bluetooth
VASCO’s Bluetooth authentication solutions simplify
authentication without compromising on security. Our
solutions allow you to create a seamless and secure
connection between the authenticator and the mobile device
through Bluetooth pairing. No need to manually enter a
password or plug in a USB cable. Through an end-to-end
encrypted channel, VASCO introduces an unprecedented level
of security for mobile users and online applications, enabling
your organization to instantly and securely exchange information
with your users and reinforce security without additional configuration
demands. Our Bluetooth solutions offer both authentication and e-signature
functionality and are ideally suited to secure your high-value environments such as
online transactions, (mobile) applications, PKI environments and corporate network
access.
Visual Transaction Signing
CrontoSign™
CrontoSign™ is an innovative patented visual transaction
signing solution providing a user friendly and effective way to
withstand even very sophisticated attacks by Trojan malware,
targeting online banking services.
The Cronto mobile application delivers the most optimal
combination of usability, security and cost of ownership
by allowing users to verify and sign transactions anytime,
anywhere. Account holders simply scan a CrontoSign image on
the bank’s website with their mobile phone. Transaction details are
immediately displayed on the screen of the user’s mobile device. Users
verify these transaction details and sign the transaction with the generated
electronic signature displayed on their screen.
6
Why choose VASCO for Mobile
Security?
Today, VASCO enables millions of users to conduct even the most sensitive transactions securely
on mobile devices. Some of the leading financial and consumer organizations around the world trust
VASCO to secure their mobile applications. Our current customers include HSBC, Santander, Citibank,
Rabobank, KBC, Bank of America, BNP Paribas Fortis, ING, ABN AMRO, Deutsche Bank, Sumitomo
Mitsui Bank,... Our customers choose us to help them gain:
Comprehensive Mobile App Protection
VASCO helps to bring new, inter-connected levels of security to your application to reduce threats and
combat fraud. With VASCO’s solutions, all core components of a mobile application can now be secured at
every level, and protection is easily integrated, without performance disruptions or end user visibility.
A “Hands Free” Mobile User Experience
With broad, flexible, fully integrated two-factor authentication and electronic signing options, you can
deliver on the simplicity and convenience demands unique to your mobile users, even for the most
sensitive transactions.
Streamlined Development & Deployment
VASCO’s solutions have been designed to be flexible and friendly for application developers, so they
can focus on application features that drive new business opportunity. VASCO also offers full-service
implementation support for any component of your project, from design to publishing.
7
VASCO
BUSINESS
CASE
Croatian Telecom
uses VASCO’s strong
authentication to
secure its Virtual
Desktop
Objective
Croatian Telecom intended to offer a Virtual Desktop
to its customers with a completely integrated
security solution. They had to design a solution that
would provide high security at a competitive price
per month per user.
Challenge
The main challenge was to implement a secure
but cost-effective solution that is user-friendly and
would fit into the existing infrastructure.
Solution
Virtual DIGIPASS in combination with IDENTIKEY
Authentication Server provided the perfect
answer to the demands of Croatian Telecom. The
solution offers an easy-to-integrate, highly secure
environment and fits into the pricing policy of the
company.
About
Croatian Telecom is a member of the
T-HT Group and a leading provider of
telecommunications services in Croatia.
The basic activities comprise provision of
telecommunications services, design and
construction of telecommunications networks
in the territory of the Republic of Croatia. In
addition to the provision of fixed telephony
services, the group also provides Internet
services, including IPTV, data transmission
services and GSM and UMTS mobile
telephone networks.
“
VASCO’s solution is highly portable
as the mobile phone acts as an
authentication device. End users no
longer have to worry or think about
carrying around an extra device for
authentication, and we don’t have to
worry about the distribution process of
hardware authenticators.”
Goran Car, Director of Professional
Services Division from Combis.
8
VASCO
BUSINESS
CASE
Qatargas secures
corporate network
access by
implementing DIGIPASS
and IDENTIKEY into its
Citrix metaframe
Objective
About
The company deployed IDENTIKEY Authentication
Server Gold Edition together with DIGIPASS GO 6,
Virtual DIGIPASS and DIGIPASS for Mobile. This
combination allows the group to secure access to its
business applications for its different target groups.
IDENTIKEY works seamlessly with the various
DIGIPASS solutions and requires no additional
hardware investment. Moreover, the number of
users over time is easy to extend thanks to the
flexible licensing system.
Qatargas pioneered the liquefied natural
gas industry in Qatar. Today the company is
realizing its vision to deliver LNG to customers
around the globe from its facilities in Qatar.
With remote offices and on- and offshore
plants in different locations, Qatargas was
looking for a secure remote access solution
allowing its employees and contractors
worldwide to access its corporate network and
business applications.
Challenge
Implement a Citrix compliant solution that secures
the company’s network and applications enabling
remote access for executive management, remote
offices and contractors.
Solution
DIGIPASS has leveraged the security level
of Qatargas’ remote network and business
applications through the use of dynamic onetime passwords. DIGIPASS in combination with
IDENTIKEY Authentication Server is fully compliant
with Citrix’ solutions hence providing secure remote
access to the Citrix metaframe.
“
We
prefer
to
use
software
authentication
devices
whenever
applicable to avoid the logistic
challenges of delivering hardware
devices to our overseas offices and
plants. The fact that VASCO’s solutions
are reliable and simple to manage, was
a decisive factor in the decision making
process.”
Mohammed Abu-Nejim
Head of Data Networks at
Qatargas
9
VASCO
BUSINESS
CASE
Randstad Germany
uses VASCO to secure
remote access
Objective
About
Replace the existing authentication solution for
secure remote access to the corporate network for
approximately 1,000 mobile employees.
To protect its sensitive data from unauthorized
access, the employment agency Randstad
Germany has been relying for years on a strong
two-factor authentication solution to secure its
remote access. When after the spring of 2011 a
security issue was detected in the solution of
the manufacturer at the time, Randstad decided
to switch to VASCO’s DIGIPASS authentication
solution and IDENTIKEY Authentication Server.
Challenge
The migration had to be made quickly and on the
fly, without compromising the security of the remote
access solution.
Solution
Randstad opted for the combination of VASCO’s
IDENTIKEY Authentication server and DIGIPASS
authenticators. As a back-up for the hardware
DIGIPASS, Randstad also deployed Virtual
DIGIPASS and DIGIPASS for Mobile.
“
“Availability and safety were our
main priorities for our remote access
solution. The concerns we had about
the security of our previous solution
provider prompted us to look around for
alternatives… We were really impressed
by the possibilities and found it to be
more suitable than our former solution.”
Stefan Gräf, Team Manager Network &
Storage at Randstad Germany.
10
VASCO
BUSINESS
CASE
HSBC Bank Brazil
provides full integration
between its electronic
channels with m-banking
and VASCO’s DIGIPASS
for Mobile
Objective
About
Enhance HSBC Bank Brazil’s multi-channel
approach by offering secure m-banking services to
its retail customer base.
HSBC Bank Brazil is the first bank in
Brazil
to
offer
integrated
m-banking
services based on VASCO’s DIGIPASS
for Mobile. HSBC retail customers can
withdraw cash from ATMs, make transactions,
money transfers and online payments using their
mobile phone as an authentication device.
Challenge
To secure HSBC m-banking services, the application
must be small and generic, fit for any mobile
device. Furthermore, the application needs to be
chip, device and telecom provider independent.
Solution
DIGIPASS for Mobile conveniently provides secure
m-banking services anywhere, anytime. From now
on, HSBC Brazil retail customers are identified
through their mobile phone and social security
number instead of their account number. This
new method whereby the mobile phone is used
as an authentication device enables customers to
use their mobile phone to access HSBC services
through all channels (ATM, Internet banking, phone
banking) without needing to remember their account
and branch number in addition to user name and
password combinations.
“
“We chose VASCO because the
company is worldwide recognized as a
reliable global authentication services
provider. Furthermore, DIGIPASS for
Mobile is a highly scalable solution
with a very cost-effective maintenance
and
roll-out.
VASCO’s
mobile
authentication solution allows HSBC
Brazil to offer its customers a highly
secure yet convenient and simplified
online user experience.”
Marcello Veronese
Head of One HSBC distribution
11
VASCO
BUSINESS
CASE
All round security
for Odeabank’s
application thanks to
VASCO’s DIGIPASS for
Apps
Objective
Odeabank had to comply with the rules issued by
the Banking Regulation and Supervision Agency of
Turkey while issuing a better customer experience,
stating that two-factor authentication is mandatory
for performing financial transactions via online
banking.
Challenge
The bank wanted to integrate the solution into the
mobile banking application worked on iOS, Andorid
& Windows8, because they wanted a fast and
convenient solution, with no friction for the end user.
Solution
Solution
DIGIPASS for Apps can be integrated and modified
easily according to the bank’s needs and guarantees
a quick, safe and simple login process.
About
Having entered the Turkish banking industry
in 2012, Odeabank maintained steady growth
and continued to solidify its achievements.
After two and a half years of its foundation,
Odeabank moved up to 10th place among
private deposit banks. Today, the bank has
53 branches and 1477 employees. Odeabank
proved a distinctive service quality in the
banking sector thanks to a service model
built on well-thought processes, technological
infrastructure, and qualified and experienced
human resources.
“
VASCO’s solution met our needs better
than other competitors’ solution, rather
than having a single OTP application in
the stores as most of our competitors
preferred, we embodied the OTP
feature into our single mobile banking
Odeabank app.”
Mr. Tayfun Küçük, Chief Technology
Officer at Odeabank
13
MOBILE CUSTOMER QUOTES
“
We are thrilled to partner with VASCO,” says Jean-Louis Van Houwe, CEO of Monizze. “We offer our customers
elaborate payment solutions without compromising security. VASCO has built a worldwide reputation as a
specialist in securing banking applications. By integrating VASCO’s innovative and renowned technology
into our web applications, we give our users the fundamental trust to use our online services in a secure
manner without being oblivious about user-friendliness.”
“
We believe VASCO offers a product and service that is unrivalled by its competitors,” said Chris White, Chief
Information Officer at Clyde & Co. “Moreover, the ability of our support team to resolve any token issues with
VASCO directly, rather than having to work through a supplier, means we can ensure our lawyers are online
quickly and easily, and ultimately deliver a stronger service to our clients.”
“
Marcello Veronese, Director of Digital Channels at HSBC, says; “The enhancement of this broader DIGIPASS
for Mobile deployment is the result of more than five years of research and development. We wanted to
ensure that our customers would profit from an innovative and easy-to-use authentication solution, not only
in Brazil, but also worldwide. Thanks to the partnership with VASCO, we created a state-of-the-art solution.
It’s a significant advantage for the Brazilian market where cards with static passwords are still widely in use”
14
“
VASCO’s solution met our needs better than other competitors’ solution,” says Mr. Tayfun Küçük. “Rather
than having a single OTP application in the stores as most of our competitors preferred, we embodied the
OTP feature into our single mobile banking Odeabank app.”
“
We wanted to enhance our network security while still keeping the convenience of our corporate users near
the top of our requirements,” said William Worthington, CISO of Caesars Entertainment. “Having a mobile
solution makes it simple for employees to comply with a much higher standard of security.”
“
At KBC Bank Ireland, we are committed to giving customers a digital banking experience that is convenient,
intuitive and above all, secure,” stated Evert Vandenbussche, Chief Operations Officer, KBC Bank Ireland.
“We are always looking for new ways to innovate and build on this experience for consumers as they move
away from traditional banking methods to embrace new technologies. With the addition of DIGIPASS for
Apps to KBC’s mobile offering, our customers can now enjoy swift, secure mobile banking at their fingertips,
making account access and paying for goods and services even easier than before.”
15
Request more information:
[email protected]
www.vasco.com/contactus
Copyright © 2015 VASCO Data Security, Inc, VASCO Data Security International GmbH. All rights reserved. VASCO®, CertiID™, VACMAN®, IDENTIKEY®,
aXsGUARD®, DIGIPASS®, the ® logo and the ™ logo are registered or unregistered trademarks of VASCO Data Security, Inc. and/or VASCO Data Security
International GmbH in the U.S. and other countries. VASCO Data Security, Inc. and/or VASCO Data Security International GmbH own or are licensed under all title,
rights and interest in VASCO Products, updates and upgrades thereof, including copyrights, patent rights, trade secret rights, mask work rights, database rights
and all other intellectual and industrial property rights in the U.S. and other countries. Other names may be trademarks of their respective owners. BR201502 - v4
/digipassbyvasco
/VASCODataNews
/user/vascodatasecurity10
blog.vasco.com