Mobile Security
Facebook X LinkedIn

Mobile Security

Combined Session
Wednesday, May 10, 2023 15:30—16:30
Location: B 09

Panel: The MFA Dilemma and Moving Beyond Mobile

This panel will explore the current state of multifactor authentication (MFA) and its limitations, as well as potential solutions for improving the security and user experience of MFA. We will discuss topics such as the challenges of implementing MFA, the limitations of mobile-based MFA, and alternative methods for MFA, such as biometrics and behavioral analysis. The panel will also address the future of MFA, discussing the potential for new technologies to improve security and user experience, and the role of industry and government in shaping the future of MFA. Overall, the panel aims to provide valuable insights and perspectives on the multifactor authentication dilemma and the steps needed to move beyond mobile-based solutions.

Anders Askasen
Anders Askasen
Okta
As Director of Technical Solutions for the EMEA region, Anders is responsible for building Okta’s strategy in all things identity management in the region, with a focus on customer...
Alexander Koch
Alexander Koch
Yubico GmbH
Alexander is VP of sales in EMEA overseeing the DACH and CEE regions for Yubico. He is a technology industry veteran with over 20 years experience in enterprise technology, IT security, and strong...
Hed Kovetz
Hed Kovetz
Silverfort
Hed Kovetz is the CEO and Co-Founder of Silverfort, the provider of the Unified Identity Protection platform. Prior to founding Silverfort, Hed served in product management positions at Verint,...
Fady Semaan
Fady Semaan
Capital One
Fady Semaan, Managing Vice President, Software Engineering, oversees Consumer Identity which is the foundation for every digital experience and interaction that customers have with Capital One. His...

Validating the Security of Mobile Authentication Apps

You are shifting through RFIs for a new mobile app based multi-factor authentication solution for your company. The vendors claim that their products are 100% secure and we all know that there's no such thing as a 100% secure solution, but it's marketing and you know how marketing sometimes goes overboard. How do you determine if the solution is actually fit for your appetite for risk? Can you be sure development time dev credentials have been cleaned up? Is the rooting detection any good? Does the app store plaintext credentials? Is it vulnerable or can someone build a scalable attack against the product you are about to acquire to protect your crown jewels? Let's take a look at different options out there and talk a little bit about what you can request from the vendors.

Validating the Security of Mobile Authentication Apps
Event Recording
Validating the Security of Mobile Authentication Apps
Click here to watch the recording of this session. Please note that this video is only available to event participants and subscribers. You'll need to log in to watch it.
Validating the Security of Mobile Authentication Apps
Presentation deck
Validating the Security of Mobile Authentication Apps
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
Petteri Ihalainen
Petteri Ihalainen
National Cyber Security Centre, Finland
Mr. Ihalainen has extensive information security background having worked for organizations like SSH Communication Security, Ubisecure, EU Commission, Gemalto, and GlobalSign. During his career, he...

Going Native... with Mobile App Authentication

Today, industry best practice requires that the user experience for authentication and authorization require the user to use some form of browser to interact with the Authorization Server. From a product perspective, this creates a disjointed user experience and while there are good reasons for requiring the use of a browser component this is a very common discussion between product and security when designing a mobile app. This talk will propose an industry standard way to allow for native user experiences while covering the pros, cons and implications of doing so.

Going Native... with Mobile App Authentication
Event Recording
Going Native... with Mobile App Authentication
Click here to watch the recording of this session. Please note that this video is only available to event participants and subscribers. You'll need to log in to watch it.
Going Native... with Mobile App Authentication
Presentation deck
Going Native... with Mobile App Authentication
Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.
George Fletcher
George Fletcher
Capital One
George Fletcher currently serves as the Identity Standards Architect for Capital One supporting the partner and consumer sides of the business. He is a seasoned software architect with 25+ years of...
Subscribe for updates
Please provide your email address