March 27, 2017 -
The Secure Technology Alliance has released a new white paper that examines the new authentication mechanisms and use cases of mobile identification authentication.
Developed by the Secure Technology Alliance Mobile Council, “Mobile Identity Authentication” provides an overview of mobile ID authentication, highlights use cases that rely on secure user credentials stored on a mobile device, and offers various insights on how new technologies and standards are addressing the growing need for mobile ID authentication.
“Mobile ID authentication provides an answer to the security vs. usability conundrum that many organizations face with authentication, especially now that users expect to use their mobile devices to connect to services without manual entry of personal information that could be compromising their security,” said Randy Vanderhoof, executive director of the Secure Technology Alliance. “By reading this white paper, security-minded professionals across a wide range of industries will understand the benefits and challenges of mobile ID authentication, and get several recommendations on the best practices for implementation.”
The white paper discusses the market drivers for mobile ID authentication, as well as explores the many use cases that rely on secure user credentials stored on a mobile device, including for mobile device access, payments, access control, government issued citizen credentials, and online banking.
The paper includes best practices for authenticated ID credential protection on mobile devices, including using hardware secure elements (SEs), trusted execution environments (TEE) and NFC-based host card emulation (HCE)
In addition, the Secure Technology Alliance provides various perspectives on how emerging technologies and standards are addressing the need for mobile ID authentication, including FIDO authentication, W3C web crypto API, 3D secure protocol and client TLS certificates
Several companies contributed to the development of the white paper including Capgemini; CH2M; CPI Card Group; Discover Financial Services; First Data; FIS; HID Global; ID Technology Partners; Intercede; IQ Devices; JPMorgan Chase; Oberthur Technologies; Paygility Advisors; SHAZAM; TSYS; Vantiv; Verifone; and Wells Fargo.
Earlier this month, the Smart Card Alliance changed its name to the Secure Technology Alliance and expanded its charter to include a broader range of security and privacy-enhancing technologies.