Presentation is loading. Please wait.

Presentation is loading. Please wait.

SAP checks if USER ID & Password combination is valid. No identification. User requests Log-on, enters USER ID & Password, (not necessarily their own)!

Published byEdwina Sparks Modified over 9 years ago

Similar presentations

Presentation on theme: "SAP checks if USER ID & Password combination is valid. No identification. User requests Log-on, enters USER ID & Password, (not necessarily their own)!"— Presentation transcript:

1 SAP checks if USER ID & Password combination is valid. No identification. User requests Log-on, enters USER ID & Password, (not necessarily their own)! Log-on Denied Standard SAP® Log-on © 2013 realtime North America Inc., Tampa, FL. All Rights Reserved. No biometric authentication, identity management or accountability. Password Sharing not prevented, no fraud attempt alerts. Whatever system capabilities are associated with the User ID, even SAP_ALL, are now available, even if the password was stolen. SAP Security & Authorizations Log-on Allowed

2 User requests Log-on from SSO Software SSO prompts user for biometric scan Access Allowed Access Denied Typical Biometric “Single Sign-On” Systems (SSO) © 2013 realtime North America Inc., Tampa, FL. All Rights Reserved. Normal Logon with SAP USER ID and Password still possible, circumventing the biometric SSO! SAP USER ID and Password are retrieved by SSO, passed on to SAP. No biometric verification. No identification of user. Fingerprint template extracted, compared with reference template in SSO system - outside SAP Reference templates SAP Username & Passwords SSO Password Sharing is not prevented!

3 bioLock matches SAP USER ID and Password to user’s biometric credentials User requests SAP Log-on. User enters SAP USER ID and Password. bioLock prompts user for biometric scan Biometric template extracted, encrypted, compared with reference template in bioLock/SAP Log-on Allowed Log-on Denied SAP dedicated name space: /realtime How bioLock ™ Log-on works © 2013 realtime North America Inc., Tampa, FL. All Rights Reserved. Reference templates Activity logged Email alert Password Sharing is prevented, fraud attempts logged!

4 Summary © 2013 realtime North America Inc., Tampa, FL. All Rights Reserved. SAP and its logos are trademarks or registered trademarks of SAP AG in Germany and in other countries. All other trademarks mentioned herein are the property of their respective owners.

Download ppt "SAP checks if USER ID & Password combination is valid. No identification. User requests Log-on, enters USER ID & Password, (not necessarily their own)!"

Similar presentations

© 2012 YP Intellectual Property LLC. All rights reserved. YP, the YP logo and all other YP marks contained herein are trademarks of YP Intellectual Property.

© 2012 YP Intellectual Property LLC. All rights reserved. YP, the YP logo and all other YP marks contained herein are trademarks of YP Intellectual Property.
EAuthentication Before accessing the Delphi eInvoicing System, you must be an authenticated user. This authentication process is called eAuthentication.

EAuthentication Before accessing the Delphi eInvoicing System, you must be an authenticated user. This authentication process is called eAuthentication.
Policing the Power of Identity Controls Power Behavior Verify that controls are in place and functioning Monitor user behavior and verify that people.

Policing the Power of Identity Controls Power Behavior Verify that controls are in place and functioning Monitor user behavior and verify that people.
Managing Student Access. What will we cover Registration Options Student Uploads Login Options Alumni Access versus Student Access.

Managing Student Access. What will we cover Registration Options Student Uploads Login Options Alumni Access versus Student Access.
The Industry’s First Multi-Modal, Multi-Factor Biometric Patient Identification System. 1 ©2010 M2SYS Technology. All rights reserved. RightPatient™ Biometrics.

The Industry’s First Multi-Modal, Multi-Factor Biometric Patient Identification System. 1 ©2010 M2SYS Technology. All rights reserved. RightPatient™ Biometrics.
Forms Authority Database Store Username and Passwords: ASP.NET framework allows you to control access to pages, classes, or methods based on username and.

Forms Authority Database Store Username and Passwords: ASP.NET framework allows you to control access to pages, classes, or methods based on username and.
Security Security comes in three forms. 1.Encryption – making data and information transmitted by one person unintelligible to anyone other than the intended.

Security Security comes in three forms. 1.Encryption – making data and information transmitted by one person unintelligible to anyone other than the intended.
BIOMETRICS: Libraries have begun to see the value of biometrics. M.G. SELVI Technical Officer Center of Advanced Study in Crystallography and Biophysics,

BIOMETRICS: Libraries have begun to see the value of biometrics. M.G. SELVI Technical Officer Center of Advanced Study in Crystallography and Biophysics,
Access Control Methodologies

Access Control Methodologies
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
The only SAP ® -certified fingerprint authentication, identity and risk management for SAP ® systems Bulletproof SAP ® security at your fingertips! Marketing.

The only SAP ® -certified fingerprint authentication, identity and risk management for SAP ® systems Bulletproof SAP ® security at your fingertips! Marketing.
GR3 - Emergency Access Management

GR3 - Emergency Access Management
An Authorization Service using.NET Passport ™ as underlying Authentication Scheme Bar-Hen Ron Hochberger Daniel Winter 2002 Technion – Israel Institute.

An Authorization Service using.NET Passport ™ as underlying Authentication Scheme Bar-Hen Ron Hochberger Daniel Winter 2002 Technion – Israel Institute.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication.
Copyright © 1995-2003 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.
Students: How to Register for the NREMT Cognitive Exam Rae Oliveira Licensure & Certification – MIEMSS Revised 2/2015.

Students: How to Register for the NREMT Cognitive Exam Rae Oliveira Licensure & Certification – MIEMSS Revised 2/2015.
Create New Account. Use of the Winland EnviroAlert EA800-ip requires an account for remote access to: –View real-time sensor data –Modify setting configurations.

Create New Account. Use of the Winland EnviroAlert EA800-ip requires an account for remote access to: –View real-time sensor data –Modify setting configurations.
Dr. John P. Abraham Professor UTPA.  Particularly attacks university computers  Primarily originating from Korea, China, India, Japan, Iran and Taiwan.

Dr. John P. Abraham Professor UTPA.  Particularly attacks university computers  Primarily originating from Korea, China, India, Japan, Iran and Taiwan.
Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.

Access and Identity Management System (AIMS) Federal Student Aid PESC Fall 2009 Data Summit October 20, 2009 Balu Balasubramanyam.

Similar presentations

Ads by Google