Strong credentials – Open, Scalable and Extensible

Evolution of digital Infrastructure for global economy

2

CommerceCommerce

CollaborationCollaboration ContentContent

CommunicationCommunication

WebWebIdentityIdentity

EmailEmail WiredWiredCallsCalls WirelessWireless

CallsCalls

Extranets &Extranets &IntranetsIntranets

SMSSMS

EE--commercecommerce

ConsumersConsumers EnterpriseEnterprise

ServiceServiceProvidersProviders

GovernmentGovernment

Telecommunications &Internet Infrastructure

3

The infrastructure is under attack

4

Consumer Fraud Complaints for 2003

+ Foreign money offers 4%

+ Business opportunities, work-at-home plans 3%

+ Magazines, buyers clubs 2%

+ Telephone services 2%

+ Healthcare 2%

+ Identity theft 43%

+ Internet auctions 13%

+ Internet services, computer complaints 6%

+ Shop-at-home, catalog offers 5%

+ Advance fee loans, credit protection 5%

+ Prizes/sweepstakes/gifts 4%

Source: Federal Trade Commission, 2003

5

Market Drivers for Strong Digital Identities

+ Identity Theft ▪ 34% computer users would give their password

away for nothing (70% for chocolate) ▪ Crack once, spoof everywhere (my bank password

is also my Yahoo! Mail password

+ Hackers gone phishing▪ Rapidly growing threat▪ Effective: 5% to 10% success rate

+ The perimeter is melting▪ Need to expose internal systems to external

partners and customers▪ Weak authentication makes it too risky

+ The astonishing cost of “free” passwords▪ Average cost to reset a password: $68 ( Forrester

Research)▪ Liability and churn: priceless

6

Emerging solutions?

Consumers (Identity Data)

Infrastructure functionsReusable service (eg. Data presentation, Open/ edit/ delete account info)

Control and Policy management services such as Communication, Coordination, event management, access policy etc.

Scalable and extensible strong authentication solution

Services – Communication, Content, Commerce

7

Need to Strongly Authenticate Everyone, Everything, Everywhere

Increasing network interactions Increasing network interactions across all users typesacross all users types

+ Enterprise LAN

+ Extranet

+ Public Internet

All Networks

+ Employees

+ Business partners

+ Customers

All Users

+ Desktops

+ Mobile Devices

+ Servers

+ P2P

All DevicesStrongStrongAuthenticationAuthentication

Proliferation of IP Proliferation of IP Devices & Web Devices & Web

Services

Federated IdentityFederated Identity

Services

8

How?

CommonCommonAuthenticationAuthentication

PlatformPlatformThat’s ScalableThat’s Scalable

USB token

All-in-one token (OTP & USB smart card)

Soft certificate and soft OTP

Future: Consumer Scratch card

05: Smart card for physical & network access

9

Scalable and extensible strong auth solution

APIs/ Web Services

Scalable and highly available platform for strong authentication

Credential provisioning

User Self-Service

Credential Management

and administration

Validation service

Services – Communication, Content, Commerce

Consumers (Identity Data)