Presentation is loading. Please wait.

Presentation is loading. Please wait.

SAP Authentication 365 Run Simpler with SAP Digital Interconnect

Published byMalcolm May Modified over 6 years ago

Similar presentations

Presentation on theme: "SAP Authentication 365 Run Simpler with SAP Digital Interconnect"— Presentation transcript:

1 SAP Authentication 365 Run Simpler with SAP Digital Interconnect

2 Online Security is Everyone’s Concern & 2FA is the answer
SAP conducted a survey of attendees (with an average respondent group size of 172) during Mobile World Congress 2016 in Barcelona. Respondents were asked to answer questions about mobile transaction security, device preferences, mobile activities, and lifestyle digitization.

3 Another layer of security required while making businesses run simple
Make the experience frictionless and easier for the consumer Use channels that consumers prefer and those which are ubiquitous, simple While ensuring cost effective options for the business Only 40% of users were able to successfully use “secret questions” as a second layer of security for activities like account recovery while 80% of users had success using pins sent over SMS Source: Secrets, Lies, and Account Recovery: Lessons from the Use of Personal Knowledge Questions at Google, Google Research SMS, In App Notifications are desirable delivery channels Majority of businesses prefer cloud based 2FA solution SMS has a 98% open rate within a few minutes of receipt. This is a perfect channel to send 2FA codes to devices and virtually all devices. Source: Parc, InternetSociety Source: Survey conducted by SafeNet The common denominator: A cloud based two factor (2FA) offering that can be combined with consumer’s choice of delivery channels

4 SAP Authentication 365: Service Overview
Cloud-based service that generates and authenticates secure tokens based on industry standard security algorithms Easy to consume via RESTful APIs Easy to embed in customer sites and mobile platforms (iOS, Android) Simple Cloud Based Offering Service can be configured as per customer requirements Comes with an easy to use administrative user interface to establish default token configurations (type, length, timeout, message), delivery channels (SMS, , URL via SMS) Predefined analytics to monitor requests and authentications Options for parent-child accounts (called sub-accounts) Configurable and Easy to Deploy SAP Authentication 365 is our end-to-end 2FA solution. The solution provides both PIN generation and authentication via simple APIs to enable our customers to add an extensive, comprehensive layer of security to their digital presence. The solution is highly configurable and provides an administrative User Interface to help set defaults, test the solution, and view simple analytics. Integrated with SAP Digital Interconnect’s global messaging solution through SAP SMS 365 or SAP Intelligent Notifications, we have the world covered. Integrated with Delivery Channels Integration with SAP SMS 365 and SAP Intelligent Notifications 365 (for ) provides a complete end-to-end solution options Extensive global reach over operator approved routes, scalability, local expertise for SMS delivery of tokens

5 URL Validation – an Alternative Authentication Method
With URL validation, SAP Authentication 365 sends an SMS with a unique URL to the end user. SMS still complies as an Out-Of-Band (OOB) delivery channel. Optionally the URL can be sent to address as well. The end-user selects the URL on their mobile device and are instantly validated. End user does not have to remember or copy down code to validate. Much easier and quicker for end-user. API supports custom text for “authentication successful” screen. Pre-iOS 10 SMS My Logo iOS 10 SMS Browser formatting is an example. Actual visuals and graphics could be changed. Safari (Browser) Message success

6 SAP Authentication 365 is based on industry security standards and also adds it own additional security SAP Authentication 365’s token generation is implemented using both industry standard RFC 6238 (TOTP) and RFC 4226 (HOTP). Implementation of TOTP algorithms exceed the default by using a SHA- 256 cryptographic hash method instead of SHA-1 (default) Invalid responses are limited and locked out after repeated failures from an end-user for any code. SAP Authentication 365 is implemented across geographically redundant servers, requiring a secure connection between SAP and the customer. The authentication methods are based on the oAuth 2.0 and SAML 2.0 Assertion as well as HTTPS to ensure that data transferred between the Client and Cloud is encrypted There are no specific “industry standards” for 2FA implementation; however, many view RFC 6238 (TOTP) as the “gold standard” for the generation of 2FA tokens. SAP Digital Interconnect exceeds all minimums in RFC 6238 and also uses elements of RFC 4226 as well when generating tokens. Additionally, SAP Authentication 365 goes beyond most implementations by requiring secure connectivity to the customers and offers more than minimum options when choosing how to generate 2FA tokens.

7 SAP Authentication 365 end to end workflow Illustrative example, other workflows also possible where 2FA capabilities can be embedded End User Customer Website/App SAP Authentication 365 SAP SMS 365, enterprise service Initiates a transaction that requires the user to be verified 1 2 OR SAP Intelligent Notification 365 4 Generate 2FA Verification Token Calls SAP 2FA Generate API Notification (SMS, other channels) End User’s Mobile Device 3 5 Notification (SMS, other channels) 6 User enters received code into website and selects “Authenticate” Delivery defaults to SAP SMS 365, enterprise service; however, delivery could be directed to SAP Intelligent Notification 365 or another channel. 8 7 Authenticate entered token Calls SAP 2FA Authenticate API Success Success! Transaction will continue 9 Authentication Failed Failed

8 SAP Authentication 365: Additional Service Details
Simple web based access Easy to navigate dashboard View Sub-Accounts New customers will be set-up with a User ID / Password for SAP Authentication 365. Account Management End-to-End Validation Prebuilt Analytics & Traffic Stats

9 Simple API Methods Service Methods Available
Sample code to generate a token... Service API Route, POST Authentication /authorization/getAccessTokenClientCredentials Generate PIN /tokens/generate Validate PIN /tokens/validate Number Lookup /tokens/lookup URL Authorization /token/urlAuthorization Number of Generated PINs /analysis/tokenGenerated Number of Validated PINs /analysis/tokenValidated API Developer’s Guide will provide detailed information on implementing the SAP Authentication 365 API

10 Deployment of end-to-end solution with multiple options based on your business needs
Select your channel of choice SAP SMS 365 (delivered token or URL validation) Channels provided by SAP Digital Interconnect with reliable, quality routing through feature rich connections, with reach of over 1000 operators worldwide in over 230 countries SAP Authentication 365 OR + SAP Intelligent Notifications 365 (providing delivery) SAP Authentication 365 is the ONLY 2FA solution that can use not only our own channels to devices, but also that of ANY customer-provided channel (including a competitor’s SMS service). By default, this uses our A2P SMS solution, but it can easily be configured to leverage Intelligent Notifications. OR Customer channel provider

11 Key use cases enabled with SAP Authentication 365
User Information Management and Security New user, device, or IP-address authentication Password reset or recovery Real-time Process Transaction Validation Order confirmation or high value transaction validation Business workflow execution confirmation e.g. HR or finance transactions These are just a few of the possible use-cases. Customer Engagement Special promotions or coupon tied to a unique code New customer signup or event attendance

12 Value delivered by SAP Authentication 365
Add another layer of protection to systems and data Increased security of business-critical systems and data Increased ability to comply with regulatory requirements Reduced exposure to fraud Increased customer loyalty and engagement Increased user loyalty and trust Improved engagement mechanisms with confirmed user participation Our cloud based solution can provide capabilities that many on premise or in-house solutions cannot. For security, 2FA over SMS is one of the most effective and easiest security solution that you can provide. It is easily incorporated into an existing website or authorization workflow and easy to implement with SAP Authentication 365’s simple API calls. Ease of deployment Lower cost than hardware-based token solutions, cloud based deployment Minimal end-user education required Easily extended to other services

13

Download ppt "SAP Authentication 365 Run Simpler with SAP Digital Interconnect"

Similar presentations

XProtect ® Professional Efficient solutions for mid-sized installations.

XProtect ® Professional Efficient solutions for mid-sized installations.
XProtect ® Express Integration made easy. With support for up to 48 cameras, XProtect Express is easy and affordable IP video surveillance software with.

XProtect ® Express Integration made easy. With support for up to 48 cameras, XProtect Express is easy and affordable IP video surveillance software with.
OTP – SMS Two-Factor Authentication. TABLE OF CONTENTS Introduction3 OTP – SMS Two-Factor Authentication5 Technical Overview9 Features10 Benefits11 About.

OTP – SMS Two-Factor Authentication. TABLE OF CONTENTS Introduction3 OTP – SMS Two-Factor Authentication5 Technical Overview9 Features10 Benefits11 About.
Mutual OATH HOTP Variants 65th IETF - Dallas, TX March 2006.

Mutual OATH HOTP Variants 65th IETF - Dallas, TX March 2006.
Don’t Let Anybody Slip into Your Network! Using the Login People Multi-Factor Authentication Server Means No Tokens, No OTP, No SMS, No Certificates MICROSOFT.

Don’t Let Anybody Slip into Your Network! Using the Login People Multi-Factor Authentication Server Means No Tokens, No OTP, No SMS, No Certificates MICROSOFT.
Masud Hasan 03-60-475 Secure Email Project 1. Secure Email It uses Digital Certificate combined with S/MIME capable email clients to digitally sign and.

Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.
Customer Sales Presentation Stoneware webNetwork Powered by ThinkServer.

Customer Sales Presentation Stoneware webNetwork Powered by ThinkServer.
Managing Client Access

Managing Client Access
Module 4 Managing Client Access. Module Overview Configuring the Client Access Server Role Configuring Client Access Services for Outlook Clients Configuring.

Module 4 Managing Client Access. Module Overview Configuring the Client Access Server Role Configuring Client Access Services for Outlook Clients Configuring.
VeriSign® Identity Protection (VIP) Overview. 2 2 VeriSign Confidential Trust on the Internet is More Compelling Than Ever 1.5 billion Internet users.

VeriSign® Identity Protection (VIP) Overview. 2 2 VeriSign Confidential Trust on the Internet is More Compelling Than Ever 1.5 billion Internet users.
Registration Processing for the Wireless Internet Ian Gordon Director, Market Development Entrust Technologies.

Registration Processing for the Wireless Internet Ian Gordon Director, Market Development Entrust Technologies.
Plant-a-Tree Rewards Develop a positive relationship with your customers and employees by doing something great for the planet — together! Plant-A-Tree.

Plant-a-Tree Rewards Develop a positive relationship with your customers and employees by doing something great for the planet — together! Plant-A-Tree.
123456789101112…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
Computer Emergency Notification System (CENS)

Computer Emergency Notification System (CENS)
Google Apps (Education Edition) A step guide to a successful deployment January 10 th, 2008 California Technology Assistance Project www.ctap1.org.

Google Apps (Education Edition) A step guide to a successful deployment January 10 th, 2008 California Technology Assistance Project
A Guide to Getting Started. 2 Free social learning network for teachers, students, schools and districts Safe and easy way to connect Exchange ideas Share.

A Guide to Getting Started. 2 Free social learning network for teachers, students, schools and districts Safe and easy way to connect Exchange ideas Share.
IBM Bluemix Ecosystem Development Hands on Workshop Section 1 - Overview.

IBM Bluemix Ecosystem Development Hands on Workshop Section 1 - Overview.
Payment processing re-invented Mark Bradbury, CEO.

Payment processing re-invented Mark Bradbury, CEO.
Secure Mobile Development with NetIQ Access Manager

Secure Mobile Development with NetIQ Access Manager
© 2015 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. About this Presentation  How to use this deck:  This is the Global Channel.

© 2015 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential. About this Presentation  How to use this deck:  This is the Global Channel.

Similar presentations

Ads by Google