Security at Your Fingertips: CA and Samsung Discuss Biometric Authentication

by December 7, 2017

In our upcoming Virtual Summit, CA and Samsung SDS Nexsign will explore biometric authentication technologies and standards, and demo some leading-edge use cases for biometric authentication. Learn more about how your business can build a next generation mobile app that integrates biometric authentication solutions to deliver a more secure and intuitive user experience. Register today.

Consumers demand compelling app experiences; business success demands that security is built into mobile solutions. In the past, these two aims have seemed to be in conflict. Building robust security into applications has typically resulted in slower development times and impacts on user experience. While consumers are becoming more discerning about mobile security, they are rarely willing to sacrifice ease-of-use for peace-of-mind.

Can performance and protection ever exist in harmony for mobile applications?

At CA, we say yes – and these solutions couldn’t come soon enough. Just look to recent massive, high-profile data breaches from companies like Yahoo and Equifax to see the importance of security in web and mobile transactions. If these breaches taught us one thing, it’s that traditional knowledge-based authentication methods such as passwords and security questions are insufficient in today’s mobile-first world.

Passwords fail. What other options exist?

Passwords fail because they are easily forgotten, easily compromised, easily re-used, and easily shared. Solutions like Single Sign-On and behavioral-based authentication have emerged to address some of these shortcomings while providing a more seamless user interaction. But consumers and businesses are demanding ‘passwordless’ experiences that can be easily standardized across platforms. The FIDO Alliance was created to empower secure authentication among devices and online services while maintaining ease of use, privacy and security, and standardization.

FIDO certification involves multi-factor authentication protocols such as Universal Second Factor (U2F) and Universal Authentication Framework (UAF) that prompt online services to seek a password plus an additional authentication mechanism from devices, such as a one-time password or a biometric. ‘What you know’ authentication is quickly being replaced by ‘what you have’ and even ‘who you are’ with the incorporation of biometrics such as fingerprint and iris scans, and voice and facial recognition. In my upcoming Virtual Summit session with Samsung SDSA, I’ll explore the technology and industry standards behind biometrics, and how pioneering businesses are taking advantage of biometric authentication in a number of compelling real-world examples.

How do APIs power next-gen authentication?

FIDO standards were built on the principles of APIs, or application programming interfaces, that reduce the workload for developers to build mobile apps that securely expose enterprise data and resources outside their organizations. APIs enable broader product and partner ecosystems, but the integration, management, and security of these APIs must be prioritized to extract the most value from mobile development investments.

As our Mobile API Gateway customers invest more in mobile as a key business driver, they are increasingly seeking the ability to integrate secure logins into their apps and provide advanced authentication beyond traditional passwords. Through our partnership with Samsung SDS Nexsign, CA Mobile API Gateway customers can integrate Nexsign’s enterprise-grade biometric solution into their mobile apps, and support FIDO-based authentication using biological information such as fingerprint, facial recognition, iris scan, or voice identification.

Exploring the value of biometric authentication in our Virtual Summit

“Samsung SDSA is excited to participate in CA’s Virtual Summit to discuss biometrics in the mobile enterprise,” said Richard Lobovsky, VP Enterprise Solutions at Samsung SDS America. “Our Nexsign biometric authentication solution is enterprise-grade and FIDO-certified, and helps safeguard financial institutions by providing a secure and frictionless user experience. This risk-based authentication approach, in combination with our partner BioCatch’s continuous behavioral monitoring, provides a powerful solution to protect against fraud and social engineering attacks.”

Register for our upcoming Virtual Summit today to learn more about the technology and industry standards behind FIDO and biometric authentication, explore solution use cases across document authentication, fraud avoidance, ATM banking, and mobile- and voice-based transactions, and develop best practices for secure and seamless mobile experiences.