Let’s start with a statistic: nowadays 97% of all hacks involve exploiting people. From (spear)-phishing (email), baiting (infected USB), or impersonation (also known as Vishing, or Voice Solicitation). As we take more technical measures, fraudsters are moving towards social engineering. Please have a look at the following video:
Denis took the stage at Kuppingercole to explain why Onegini empowers digital insurers. How do you get customers online? How do you increase interactions? He explains business challenges like how to onboard your customers? How do you create a frictionless user experience? But at the same time there are some technical challenges insurers face like Single Sign-On, many silos and compliance and regulation like GDPR.
We'll be releasing Onegini Connect 3.1 Carrot on June 14th, 3:00 PM - 4:00 PM CEST, empowering the digital insurers. Onegini Connect 3.1 includes Onegini MSP 3.1 and Onegini CIM 3.1. We'll tell you all about the exciting new features of the release in detail on June 14th. The webinar will be interesting to both new and existing customers, so sign up now!
With MSP 3.1 (soon to be released), QR authentication has become part of the core product. This means that an end-user can login to your website by scanning a QR code with a mobile phone. It is easy, fast and secure. Anyone can do it. Take a look at the 4 second video below what that looks like...
Buy a pair of shoes. Get the extras on your car insurance. How many online transactions do you do in a week? Do you ever wonder what would happen if the other party would say: "You also bought this and this". Where is the proof you didn't? Companies have the same problem the other way around. How can they prove you did the transaction? What if you would just say: "it wasn't me"? It's a trust economy. Once the trust is broken, the transactions stop.
Start using your customer's mobile device for a signature. Fast, traceable and secure. Maybe you need a pincode on top. Or maybe a QR code scan or fingerprint? Enter transaction signing in the Onegini MSP 3.1. I'll explain the technical details, the options you can use to configure it, and how it works functionally. Tracable. No man in the middle. No hard thinking. At the heart of it all lies a user's private key and a lot of cryptography and legislation you don't have to worry about.
Your browser knows a trick to prevent hackers from accessing your api’s using your session: the same-origin policy. It makes sure your api's can't be accessed by malicious websites. Let's say you're logged in on facebook.com and open another tab in your browser and access myhackedsite.com. Your browser shares sessions between tabs, so without the same-origin policy, myhackedsite.com could access all the api's from your facebook account using your session. Thank you same-origin policy for not letting myhackedsite.com post all kinds of things on my facebook account.
The European Identity & Cloud Conference 2017, taking place May 9 – 12, 2017 at the Dolce Ballhaus Forum Unterschleissheim, Munich/Germany, is Europe’s leading event for Identity and Access Management (IAM), Governance, Risk Management and Compliance (GRC), as well as Cloud Security.