Page 48 - GS170402
P. 48
NewProducts
applications interfere or tamper with a device's
download restrictions and operating system.
• Device identification leverages the unique at-
tributes of a mobile device to provide a persistent
identification, irrespective of mobile updates to de-
feat hackers' attempts to spoof the device.
Multifactor authentication
Company: VASCO Data Security International Inc.
Product: DIGIPASS for Apps solution Vergara noted a common pain point for business owners
and mobile app developers is balancing the need to drive
Website: www.vasco.com growth and engagement with the need to provide secure
Contact: info-usa@vasco.com authentication. "In the beginning we used hardware tokens,
but we went on to develop more frictionless solutions for
Secure, all-in-one authentication," he said. "For example, we use behavioral
authentication to understand how users behave with
devices and online, through the amount of pressure they
developer's toolkit use in their keystrokes, how they hold a phone, and dozens
of other data points. This real-time, artificial intelligence can
detect anomalous behaviors based on a user's behavioral
for mobile apps model."
Fingerprint identification, facial identification that
measures "selfies" against stored templates, and risk-based
ASCO Data Security International Inc., a global authentication that uses available data points to score the
technology company launched DIGIPASS for risk profile of a transaction are other examples of DP4A's
Apps (DP4A), a comprehensive software devel-
V opment kit (SDK) designed to optimize mobile dynamic multifactor authentication schemes.
app security and the customer experience. DP4A includes Risk platform intelligence
an application programming interface library to simplify
integration, the company stated. VASCO's risk platform, the third essential component of
DP4A's three-pronged security strategy, uses advanced
"As organizations move into the digital realm from brick- analytics to determine the risk level of an individual
and-mortar environments, cybercriminals and hackers mobile device. The company's IDENTIKEY Risk Manager
are targeting mobile applications, using multiple attack integrates with DP4A to holistically interpret data and the
vectors to peel off personally identifiable information (PII)," health and integrity of a user's mobile apps.
said David Vergara, Head of Global Product Marketing at
VASCO. "DP4A includes 16 specific capabilities designed The risk platform can leverage geolocation and
to help the mobile channel continuously monitor mobile communications technology to determine a device's
devices, authenticate users and mitigate risk." physical location, whether its communications channels
are open or secured, and if a user's mobile device has been
Vergara said that within DP4A's three-pronged security jailbroken or rooted. It will use this data to calculate a risk
strategy, monitoring and authentication are in the SDK score, based on the device's propensity for fraud.
library, enabling any developer to readily integrate the
features into their own mobile apps. Risk management Secure, enjoyable mobile experience
is accomplished by integrating DP4A with VASCO's Risk "Development teams are pressured in two ways: they're
Platform. tasked with creating the best possible experience to attract
Continuously monitor devices and retain customers, while providing added security,"
Vergara said. "Developers tend to spend much more time
DP4A continuously monitors mobile devices to detect on experience, either because they don't have the time or
anomalies and protect devices from numerous types of ability to address security, or because customer acquisition
malware. Following are some examples VASCO provided: is a top priority.
• Runtime application self-protection continuously When you think of the sheer volume and uniqueness of
runs in the background of a mobile device to detect malware created every day, it can be staggering, he added.
and block malicious attacks such as key logging "We take that tradeoff and balancing act away with DP4A
and overlay attacks. by removing friction and providing an incredible user
experience," he said. "We can also intelligently manage
• Jailbreak and root detection employs key applica- the level of security and ramp it up as needed without
tion security elements to alert users when rogue impacting the user experience in many cases."
48
