Layered Security USING your Mobile Device
A natural extension to my last post, I find it interesting that most people intuitively see the need to secure mobile devices, applications and transactions, but they are likely unaware of the incredible power and convenience mobile devices present in terms of serving as a security device themselves.
Increasingly, mobile devices are used for more and more tasks — the first application was voice calls, then email, calendars and texting, work use, personal use, social use; the list seems endless. Newer use-cases highlight mobile devices as a payment method to buy our coffee, and Apple will soon introduce a new application called Passbook in their iOS 6 release, which will help manage all your loyalty cards, boarding passes, event tickets, gift cards and more. Now, imagine extending the power of your mobile phone to provide secure access — a virtual key, so to speak — to the things you want to protect in both the online and physical world.
Available and in use today, organizations are starting to roll out layered security USING the mobile device as a means to authenticate users and grant access. Not only do mobile devices present incredible convenience for end-users, their core design allows for controls that are not only more secure than traditional methods, but typically less expensive to deploy and manage as well. Here are a few quick examples:
- Using your mobile device to generate one-time passcodes to provide secure access above and beyond passwords to website applications such as online banking
- Using your mobile device to securely confirm online transactions BEFORE they are completed; this is a very effective approach to defeat nasty man-in-the-browser online fraud attacks that are popping up everywhere
- Using your mobile device to access your office building, your office, an access-controlled area
- Using your mobile phone to log on to a computer workstation or kiosk, eliminating the need for entering username and complex passwords
And, as they say, this is just the start. As innovative software vendors — with a mission to provide secure, convenient and cost-effective solutions — forge ahead, we will see mobile-based security solutions that will extend to many new facets of our lives. This evolution will replace not only passwords, but also physical security devices such as access cards, steel keys and dedicated key fobs (such as car smart keys).