Presentation is loading. Please wait.

Presentation is loading. Please wait.

Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015.

Published byReynold Chandler Modified over 9 years ago

Similar presentations

Presentation on theme: "Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015."— Presentation transcript:

1 Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015

2 Emails are a Priority for Enterprises 2 Forrester, December 2011 Mobile Enterprise, December 2014

3 Main Requirements Addressed 3 BYOD Same mobile device for professional and private usages Mobility Access to emails anywhere, anytime Security Mobile devices are more exposed than PCs Standard Compatibility with existing email servers and Outlook

4 Mobile OS Market Share Evolution in Q3 2014Q3 2014 4

5 Adoption of the OS by the Enterprises Footer, 20xx-xx-xx 5 Mobile Enterprise, December 2014

6 6 Secure Elements Now and Future MicroSD UICC TEE eSE Badge via contact reader As of today: 10 Million Gemalto smartcard active users 20 Million 3 rd party smartcard active users Next 2 years: Prototypes in progress Badge via NFC Semi- detached credentials Embedded credentials Smart card on a stick Badge via Bluetooth reader Detached credentials In 2 - 5 years: Next generation of handsets BYOD/ mobile desktop will increase needs for Secure Elements Secure Element adoption over the time

7 IDGo 800 Middleware and SDK 7 NFC driver USB OTG (*) driver PKI Crypto Layer API Test tools OTP API 3 rd party client applications Middleware SDK IDPrime Secure Elements TEE (*) PC-SC like API (*) OTG: On-The-Go = USB Master TEE: Trusted Execution Environment BlueTooth driver Other Secure Elements Other APIs

8 Supported Readers and Tokens on Android 8 USB On-The-Go port (= USB Master ) or BlueTooth USB Female – Micro USB adaptor or cable BHXT and Feitian readers USB tokens & IDBridge K3000 PC-Link readers Micro USB cable

9 IDGo Secure Email Native Email applications: Native Email clients are not designed with security in mind:  Emails and attached documents are in clear text  Encrypted or signed emails cannot be read  User credentials can be easily discovered IDGo Secure Email features:  Encryption of emails and User credentials  Digital signature  Strong authentication of the user 12

10 Value Proposition For enterprises and governments who want to secure their emails, IDGo Secure Email is a state-of-the-art application for Android that signs, encrypts and decrypts the professional emails based on Extended ActiveSync (EAS) and S/MIME protocols. Thanks to the IDGo 800 middleware, it addresses all the Gemalto hardware Secure Elements and benefits from their unequaled security level. 10 For BYOD environments, IDGo Secure Email also manages the private emails following the standard public POP3, SMTP and IMAP4 protocols.

11 ISE Security Features S/MIME email signature and encryption Encryption algorithms: 3DES, AES256, RSA Signature algorithms: MD5, SHA1, SHA256, SHA512, RSA 11 Gemalto middleware and Secure Elements IDGo 800 for Android and associated readers: USB, NFC, BLE, µSD IDPrime MD,.NET and PIV PKI applets SSL / TLS communication with the server

12 More Features and Benefits Microsoft Exchange ActiveSync (EAS) protocol Synchronization of Contacts and Calendar Push or periodical email synchronization, SSL / TLS communication Compliant with Outlook, Thunderbird and other standard email apps S/MIME email signature and encryption Crypto algorithms: 3DES, AES256, RSA, MD5, SHA1, SHA256, SHA512 PKI certificates management Local validation with the CA, revocation by CRL Certificates retrieved from validated emails, (multi) LDAP and EAS server POP3, IMAP4 and SMTP email protocols for BYOD usage Multi accounts, mailboxes and folders, combined mailbox HTML or plain text email format, Group and Search emails, Remote Wipe, Root detection 12

13 What is Exchange ActiveSync? EASEAS is a communication protocol that synchronizes emails, calendars, contacts and tasks between email servers and mobile client applications It also provides some Mobile Device Management (MDM) features and security policy controls It is based on XML and HTTP(S) protocols More details… EAS is licensed by Microsoft is the main provider of EAS compliant email servers EAS is supported by Windows Phone, Android, iOS, BB, Gmail, Google Apps, Office 365, Lotus Notes 13

14 What is S/MIME? Secure / Multipurpose Internet Mail Extensions Standard protocol based on X509 PKI certificates Described by several specifications: RFC 3851, 5751, 5652 Present version is S/MIME v3.2 Insures compatibility between the various email applications and servers Main applications Outlook, Mozilla Thunderbird, MacOS Mail, Gmail, OWA Main email server: Microsoft Exchange Active Sync (EAS) 14 S/MIME specifies the email Digital Signature and encryption / decryption

15 S/MIME Signature more details more details 15 Note: The signed emails can be sent in clear or opaque (base64 encoded) format. Opaque format prevents the risk of wrong signature verification due to some automatic conversion of the text, but requires a S/MIME compliant email app.

16 S/MIME Encryption and Decryption more details more details 16

17 Basic Operations 17 Email edition Input mailbox

18 Wide Settings Capabilities 18

19 More details on our webpagewebpage 19

20 Thank you!

Download ppt "Identity and Access IDGo Secure Email (ISE) for Android Didier Bonnet April 2015."

Similar presentations

Mobile Devices in the DoD

Mobile Devices in the DoD
Mobile Access: BYOD Trends SCOTT DUMORE - DIRECTOR, TECHNOLOGY, CHANNELS & ALLIANCES AUTONOMY, HP SOFTWARE.

Mobile Access: BYOD Trends SCOTT DUMORE - DIRECTOR, TECHNOLOGY, CHANNELS & ALLIANCES AUTONOMY, HP SOFTWARE.
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.

Authentication solutions for Outlook and Office 365 Multi-factor authentication for Office 365 Outlook client futures.
Identity and Access IDPrime MD 8840 and IDCore 8030 MicroSD cards

Identity and Access IDPrime MD 8840 and IDCore 8030 MicroSD cards
Lee Hang Lam Wong Kwun Yam Chan Sin Ping Wong Cecilia Kei Ka Mobile Phone OS.

Lee Hang Lam Wong Kwun Yam Chan Sin Ping Wong Cecilia Kei Ka Mobile Phone OS.
310km Lab4 Presentation. Comparison between mobile OS Palm OS Blackberry Os Windows Mobile Symbian i OS Android.

310km Lab4 Presentation. Comparison between mobile OS Palm OS Blackberry Os Windows Mobile Symbian i OS Android.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Mozilla Thunderbird. What is Thunderbird? E-mail client E-mail client Usenet newsgroup reader Usenet newsgroup reader RSS client RSS client Comparable.

Mozilla Thunderbird. What is Thunderbird? client client Usenet newsgroup reader Usenet newsgroup reader RSS client RSS client Comparable.
Lab4 Part2 Lau Ting Nga Virginia Tsang Pui Yu Wong Sin Man.

Lab4 Part2 Lau Ting Nga Virginia Tsang Pui Yu Wong Sin Man.
eToken PKI Client Overview

eToken PKI Client Overview
70-284 MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 10 Securing Exchange Server 2003.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 10 Securing Exchange Server 2003.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.

Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.
Business Data Communications, Fourth Edition Chapter 10: Network Security.

Business Data Communications, Fourth Edition Chapter 10: Network Security.
Secure Element Access from a Web browser W3C Workshop on Authentication, Hardware Tokens and Beyond 11 September 2014 1 Oberthur Technologies – Identity.

Secure Element Access from a Web browser W3C Workshop on Authentication, Hardware Tokens and Beyond 11 September Oberthur Technologies – Identity.
S/MIME Email and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.

S/MIME and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.
IOS 8 for MDM/EMM Greg Elliott Shiv Chandra Kumar.

IOS 8 for MDM/EMM Greg Elliott Shiv Chandra Kumar.
Guide to Operating System Security Chapter 10 E-mail Security.

Guide to Operating System Security Chapter 10 Security.

Similar presentations

Ads by Google