Entrust Datacard – Trusted Identities and Mobile Authentication
At Citrix Synergy, I had the opportunity to talk to Patrick Tabourin, Director Strategic Alliances, at Entrust Datacard to learn more about trusted identities, secure authentication and authentication on mobile devices.
Entrust Datacard specialises in trusted identities to be able to secure all transactions. They cover three main markets: consumers, citizens and enterprise
This market concerns secure transactions with credit cards and on mobile phones.
They deliver the printers to print passports and are also responsible for secure authentication to online portals like the tax report access.
For enterprises, they deliver secure access to physical and logical resources.
They deliver different levels of authentication. For example, if a transaction is done in Germany by me via a mobile app and it is about 50€ then there is nothing suspicious about it and I can authenticate with just my username and password.
However, if then I want to do a transaction from China with over 10000€ then this looks more suspicious and several levels of authentication are required. There could be a notification sent to my phone, for example. If it’s me then I have my phone with me and can confirm. If I am not in China, I can deny and then this transaction is automatically redirected to fraud. The consecutive authentication levels are called adaptive authentication.
Entrust Datacard integrate with several apps, like banking apps, and therefore they deliver an API or an SDK so that the integration is seamless. Their authentication system runs on-premises and can be managed by them. They are also building a new Authentication as a Service offer that will be made of completely new components that fulfil the requirement of a service offering the best.
Mobile devices can also be used as a way of authentication on desktop or laptop. It works with proximity. So, the user just needs to come close and the laptop gets unlocked automatically. This reminds me of the unlock feature that Apple announced recently at WWDC 2016. They support iOS, Android, Win10 and BB. It works with a secure bluetooth connection, or also NFC. This use case replaces a lot of smart cards that were used for authentication before. A practical use case are doctors who go from room to room and PC to PC and instead of needing to carry their smart card around they can authenticate with their phone. In the future, I hope that doctors will carry tablets around, though. This makes the administrative work and the communication in a hospital even easier.
Patrick also talked about an integration with XenMobile. Here, the XenMobile enrolment process also enrols the credentials delivered by Entrust Datacard. Therefore, the credentials for authentication are already securely stored on the work phone and can be used for secure authentication at a PC. Also, the WorxApps apps can work with these credentials and the user is automatically authenticated (works hand in hand with XenMobile’s Single Sign-on).
I asked Patrick what differentiated them from other security vendors. He said that it is their well-developed ecosystem. They deliver a platform that can integrate with a various number of solutions. So, they integrate with EMM, smart card or VPN vendors. They also run projects with niche use cases. As they are so flexible and an integration is easy, they can adopt to nearly any use case. They can even run different authentication methods within one organisation.
They are also valued as trusted advisor for security by the biggest governments in the world.
I was curious about future plans of Entrust Datacard. First, they are working on the service model. Second, Patrick gave me a little insight into the security concerns of the Internet of Things (IoT). Here, we see a huge data flow that needs to be secured. They have expertise in this, too. It is different from securing data on the phone as it is a network with a lot of communication devices who sent data back and forth.
Summarising, we can say that Entrust Datacard are working on building the trusted identity for the future. We will also see a shift from security to safety. When we ride totally connected cars or planes, we need to make sure they are not hacked to assure personal safety.
It was a very interesting conversation that I had with Patrick and we even continued talking after our podcast. I’m excited to see what they can do for the Internet of Things!
Please listen to the whole interview below.
Have a great day!