The "bring your own device" trend in banks and other businesses is spawning a mini industry in mobile device security.
Developers from companies such as Good Technology, IdentityX, and Centrify are all targeting institutions with new tools for user authentication and corporate identity management for employees via mobile and other personal devices.
Good Technology, for example, has what the company calls Good Vault, which incorporates identity access management (IAM) and encryption to guard data accessed remotely by mobile and other devices while using programs such as email. Good Vault combines with Good Technology's broader security platform to extend IAM to mobile devices in an effort to customize mobile application experience based on user identity.
"There's a need to protect access to email, calendars and other information that people need to see to do their jobs. The data or programs belong to the company, but people wish to access that information from their mobile device," says Nicko van Someren, chief technology officer at Good Technology.
Good Vault leverages a hardware-based secure element on a microSD card or smart card for authentication. A sleeve slides onto the iPhone, which doesn't have smart card slot, and stores the smart card or microSD card. The Good Vault smart card reader is provided by Precise Biometrics, and adds about 16 mm in length. The microSD reader is supplied by HID global.
The company says use cases could also include governing access and protecting the subsequent flow of data among systems, such as a business intelligence platform and social networking sites, for example. "You can access these systems directly [from the mobile device], and each system knows who you are…and you can share data between systems," van Someren says.
Other players in this space include IdentityX, which uses a smartphone or tablet and different combinations of security options to vet users based on transaction risk, device identification, token possession and passcodes, GPS analysis and biometric tools such as face and voice matching.
Another option is Centrify, which has developed a suite of single-sign-on options for mobile access, smart cards and centralized enterprise access control. Centrify also enables companies to achieve single sign on with the Windows Azure Active Directory, which provides identity management and access control for cloud applications — one identity can be used to access Windows Azure, Microsoft Office, Dynamics CRM Online and other third party services.
In a roundup of new security trends in the upcoming January issue of Bank Technology News, Michael Versace, senior research director, IDC Financial Insights, said personal devices will increasingly be used to help companies identify their workers and customers — a trend called "bring your own ID."
To leverage BYO ID, a device such as a smartphone identifies the user, and also governs access to servers or facilities based on that person's profile or behavioral trends. It also allows risk-based identification, or a rules-based system in which the number of steps a user takes to identify him or herself is based on factors such as location, transaction size, or how far a requested action is for that user's routine. In some cases, such as a locally accessed function that happens regularly, very little if any identification may be needed, as long as the user is deploying his or her regular mobile device.
Location is already used for sales and marketing, by tying location to deliver special or targeted offers. Google's (GOOG) Wallet includes a marketing program called "Offer Nearby" and PayPal, a unit of eBay, has purchased a location-based media company called Where to aid in location-based marketing for its mobile wallet.