SlideShare une entreprise Scribd logo
1  sur  21
Télécharger pour lire hors ligne
Mobile Payment Security With
CA Rapid App Security
Rob Wilson
DO1T37T
DEVOPS: APIS & MICROSERVICES
Advisor, Presales
CA Technologies
Services Architect
CA Technologies
Faiz Usmani
2 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
© 2017 CA. All rights reserved. All trademarks referenced herein belong to their respective companies.
The content provided in this CA World 2017 presentation is intended for informational purposes only and does not form any type
of warranty. The information provided by a CA partner and/or CA customer has not been reviewed for accuracy by CA.
For Informational Purposes Only
Terms of this Presentation
4 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
The Challenges to Software Development in the
Application Economy
How do I create:
 A native security experience that
is convenient, frictionless, and
makes it fast to add to new
security modalities to apps
 Secure enough to meet audits &
compliance requirements
 Provides “developer velocity”:
maximum value without high costs
to develop, operate, or support?
Velocity
Convenience
Security
5 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
What if You Could…
Initiate Step-up
Authentication
when Risk is
High
Transparently
Analyze Risk
based on
Contextual Data
From a Single Solution?
Securing the
Device to Server
Communications
Authenticate
Users via Wide
Array of
Credentials
Connecting from
Mobile Devices
& Mobile Apps
6 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Introducing CA Rapid App Security
A comprehensive authentication platform for the application
economy - mobile, web, IoT
 Fraud prevention in real-time
 Robust authentication methods inclusive of contextual authentication
 Faster & convenient means to secure Apps
 Strengthen consumer confidence and enhance brand value by creating a
simplified native security experience
Built on CA Mobile API Gateway and CA Advanced Authentication
7 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
CA Rapid App Security Component Capabilities
 CA Mobile API Gateway
– Provides support for OAuth, OpenID Connect, Mutual SSL, Touch ID,
Cross-device sign-on
 Strong Auth & Risk Auth Server (CA Advanced Authentication)
– Provides management and validation of CA AuthID credential, and conducts risk
analysis with step-up authentication initiation when needed
 Universal SDK
– Provides streamlined developer experience across MAG and Advance
Authentication solution; single, unified SDK to simplify app security
for the developer
8 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
User Store
Devices
Applications
Identity
Processes
Data
Store
CA Rapid App Security Solution
DNA
OTP
PKI
Install Device
Certificate
Risk
Analysis
Social
Login
Mobile SSO &
Proximity Login
Auth & Risk
Server
 Risk Engine
 Rules & Policies
 Strong Authentication
Universal Mobile SDK
Authentication
Gateway
Application
Services
9 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
User Store
Devices
Applications
Identity
Processes
Data
Store
Additionally… Authentication and API Security
Auth & Risk
Server
Universal Mobile
SDK
Authentication
& API Gateway
Application
Services
10 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Devices
Applications
Data
Store
Rapid App Security With CA Security Solutions
Auth & Risk
Server
Universal Mobile
SDK
Authentication
Gateway
Application
Services
User Store
CA Directory
CA Identity ManagerPolicy ServerAccess Gateway
Secure Proxy
CA Single Sign-On
 Risk Engine
 Rules & Policies
 Strong Authentication
11 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
“Three-way Trust” Enables Greater Security
USER
APP DEVICE
Uses App
Runs on
Uses
device, has
session
CA Rapid App Security:
 Identifies user, app, and device
 Learns and tracks relationship
between the three entities
 Three-way trust relationship is
registered & authenticated to
enterprise gateway
 Elevates authentication or
prevents access when pattern
deviates from norm
12 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Universal SDK Simplifies the Developer Interaction
loginWithAuthID()
(User Id, AuthID Pin)
13 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Universal SDK Provides Flexibility!
Protected APISecurity
Policy
App
Credentials
Risk
Evaluation
Mutual
TLS
User
Authentication
Social
Login
Single Sign
On
One Time
Password
Multi
User
Biometric
Authentication
Certificate
Pinning
Proximity
Login
?
PKCE /
RFC 7636
Let use case determine
the security controls!
Device
Registration
Software Development Kit
Dynamic Device
Configuration
14 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
 Dynamic application client credentials
 Mutual SSL with unique device certificates – PKI x509
 Certificate pinning – PKV
 Cryptographic camouflage – AuthID
 Tokenized credentials and access tokens – OAuth 2.0
and OpenID Connect (certified)
 Delegated authentication – Social Media, OAuth/OIDC
OP, SAML, etc.
 Multi-factor Step-up Authentication –
Q&A, OTP/HOTP, OATH
 Identity Brokering – Bearer/JWT ->
SMSession/Kerberos, SMSession/Kerberos ->
Bearer/JWT, etc.
 Biometric Authentication – TouchID/Fingerprint and FIDO
 Proximity Authentication – BLE NFC QRC
 Risk based analysis and profiles
Universal SDK Features
15 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
 Mobile SSO – Native App to App, App to
browser, hybrid
 Geolocation and Carrier
 Push Notifications – APN, GCM
 User and Group Management (SCIM 2.0)
 Pub Sub messaging (MQTT 3.1)
 Secure Storage – local and private cloud
Universal SDK Features – Continued
16 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Security That Elevates the Experience
Customer/Employee
Better experience
Security based on the level
activity being performed
Improved trust without impact
to user experience
Developer
Security that is faster
to implement
Security that is cheaper
to implement
Security that is easier to
implement (especially for
non-security experts)
Organization
Reduced risk, with stronger
security and superior
authentication options
Improved and less costly
security enables higher value
services via mobile
Manage security with security
experts, rather than in each app
17 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Rapid App Security Use Case
Healthcare
Customer
experience
Security &
Privacy
Integration
Finance/
Insurance
Contextual
Authentication
Risk Mitigation
Open Banking
Retail
Customer
experience
Risk Mitigation
Payment
security
Manufacturing
Internet of
Things(IoT)
Geo Fencing
Customer
experience
Automotive
Customer
experience
Internet of
Things(IoT)
Payment
Security
Better End User Experience With Higher Security
18 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Questions?
19 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Recommended Sessions
SESSION # TITLE DATE/TIME
DO1T17S
M&T Bank: Solving Real-World Banking Challenges
with CA API Management
11/16/2017 at 1:45 pm
DO1T27S
Panel: Multi-faceted Security Options for a Mobile
World
11/16/2017 at 2:30 pm
DO1T56T
API Academy: Microservices - How to Safely Speed
Up Your Digital Innovation
11/16/2017 at 3:30 pm
20 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Must See Demos
Aggregate,
Secure &
Manage
Microservices
101
Create an
End-to-End
Modern App
Architecture
109
Eurosport: A
Showcase for
IoT & App
Experiences
101
Modernize
Architectures
With Low-code
Microservices
106
Protect Apps
& APIs with
Omnichannel
Security
104
21 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
Stay connected at communities.ca.com
Thank you.
22 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS
DevOps:
APIs and Microservices
For more information, please visit:
http://cainc.to/CAW17-APIM

Contenu connexe

Tendances

apidays LIVE New York 2021 - API Security & AI by Deb Roy, Accenture
apidays LIVE New York 2021 - API Security & AI by Deb Roy, Accentureapidays LIVE New York 2021 - API Security & AI by Deb Roy, Accenture
apidays LIVE New York 2021 - API Security & AI by Deb Roy, Accentureapidays
 
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...apidays
 
Cisco Connect 2018 Indonesia - Cisco HyperFlex
Cisco Connect 2018 Indonesia - Cisco HyperFlexCisco Connect 2018 Indonesia - Cisco HyperFlex
Cisco Connect 2018 Indonesia - Cisco HyperFlexNetworkCollaborators
 
Modern App Architecture - Microservices, API Friendly
Modern App Architecture - Microservices, API FriendlyModern App Architecture - Microservices, API Friendly
Modern App Architecture - Microservices, API FriendlyDevOps Indonesia
 
Cisco Connect 2018 Indonesia - Cisco cmx
Cisco Connect 2018 Indonesia - Cisco cmx Cisco Connect 2018 Indonesia - Cisco cmx
Cisco Connect 2018 Indonesia - Cisco cmx NetworkCollaborators
 
API Management - Practical Enterprise Implementation Experience
API Management - Practical Enterprise Implementation ExperienceAPI Management - Practical Enterprise Implementation Experience
API Management - Practical Enterprise Implementation ExperienceCapgemini
 
2020 05-tech saturday-devsecops-#2-v03
2020 05-tech saturday-devsecops-#2-v032020 05-tech saturday-devsecops-#2-v03
2020 05-tech saturday-devsecops-#2-v03Diego Gabriel Cardoso
 
Roger Dickinson - Making Enterprise Virtual Reality a Practical Reality - Cod...
Roger Dickinson - Making Enterprise Virtual Reality a Practical Reality - Cod...Roger Dickinson - Making Enterprise Virtual Reality a Practical Reality - Cod...
Roger Dickinson - Making Enterprise Virtual Reality a Practical Reality - Cod...Codemotion
 
DevSecOps: Colocando segurança na esteira
DevSecOps: Colocando segurança na esteiraDevSecOps: Colocando segurança na esteira
DevSecOps: Colocando segurança na esteiraDiego Gabriel Cardoso
 
apidays LIVE New York 2021 - APIOps: automating API operations for speed and ...
apidays LIVE New York 2021 - APIOps: automating API operations for speed and ...apidays LIVE New York 2021 - APIOps: automating API operations for speed and ...
apidays LIVE New York 2021 - APIOps: automating API operations for speed and ...apidays
 
apidays LIVE Australia 2021 - Building an agile foundation for your Enterpris...
apidays LIVE Australia 2021 - Building an agile foundation for your Enterpris...apidays LIVE Australia 2021 - Building an agile foundation for your Enterpris...
apidays LIVE Australia 2021 - Building an agile foundation for your Enterpris...apidays
 
Making APIs Secure Demands Tracing and Machine Learning to Rapidly Limit Dama...
Making APIs Secure Demands Tracing and Machine Learning to Rapidly Limit Dama...Making APIs Secure Demands Tracing and Machine Learning to Rapidly Limit Dama...
Making APIs Secure Demands Tracing and Machine Learning to Rapidly Limit Dama...Dana Gardner
 
Cisco Connect 2018 Singapore - delivering intent for data center networking
Cisco Connect 2018 Singapore -   delivering intent for data center networkingCisco Connect 2018 Singapore -   delivering intent for data center networking
Cisco Connect 2018 Singapore - delivering intent for data center networkingNetworkCollaborators
 
apidays LIVE Paris 2021 - Getting started with Event-Driven APis by Hugo Guer...
apidays LIVE Paris 2021 - Getting started with Event-Driven APis by Hugo Guer...apidays LIVE Paris 2021 - Getting started with Event-Driven APis by Hugo Guer...
apidays LIVE Paris 2021 - Getting started with Event-Driven APis by Hugo Guer...apidays
 
2016 - DevOps Meets APIs - Model once. Benefit everywhere.
2016 - DevOps Meets APIs - Model once. Benefit everywhere.2016 - DevOps Meets APIs - Model once. Benefit everywhere.
2016 - DevOps Meets APIs - Model once. Benefit everywhere.devopsdaysaustin
 
AWS Managed Services - For Regulated Companies
AWS Managed Services - For Regulated CompaniesAWS Managed Services - For Regulated Companies
AWS Managed Services - For Regulated CompaniesJohn Levonick
 

Tendances (20)

apidays LIVE New York 2021 - API Security & AI by Deb Roy, Accenture
apidays LIVE New York 2021 - API Security & AI by Deb Roy, Accentureapidays LIVE New York 2021 - API Security & AI by Deb Roy, Accenture
apidays LIVE New York 2021 - API Security & AI by Deb Roy, Accenture
 
Latest dev ops trends in 2021 you should know
Latest dev ops trends in 2021 you should knowLatest dev ops trends in 2021 you should know
Latest dev ops trends in 2021 you should know
 
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
 
Cisco Connect 2018 Indonesia - Cisco HyperFlex
Cisco Connect 2018 Indonesia - Cisco HyperFlexCisco Connect 2018 Indonesia - Cisco HyperFlex
Cisco Connect 2018 Indonesia - Cisco HyperFlex
 
Microevent
MicroeventMicroevent
Microevent
 
Modern App Architecture - Microservices, API Friendly
Modern App Architecture - Microservices, API FriendlyModern App Architecture - Microservices, API Friendly
Modern App Architecture - Microservices, API Friendly
 
Cisco Connect 2018 Indonesia - Cisco cmx
Cisco Connect 2018 Indonesia - Cisco cmx Cisco Connect 2018 Indonesia - Cisco cmx
Cisco Connect 2018 Indonesia - Cisco cmx
 
API Management - Practical Enterprise Implementation Experience
API Management - Practical Enterprise Implementation ExperienceAPI Management - Practical Enterprise Implementation Experience
API Management - Practical Enterprise Implementation Experience
 
2020 05-tech saturday-devsecops-#2-v03
2020 05-tech saturday-devsecops-#2-v032020 05-tech saturday-devsecops-#2-v03
2020 05-tech saturday-devsecops-#2-v03
 
Roger Dickinson - Making Enterprise Virtual Reality a Practical Reality - Cod...
Roger Dickinson - Making Enterprise Virtual Reality a Practical Reality - Cod...Roger Dickinson - Making Enterprise Virtual Reality a Practical Reality - Cod...
Roger Dickinson - Making Enterprise Virtual Reality a Practical Reality - Cod...
 
Role of dev ops in it consulting
Role of dev ops in it consultingRole of dev ops in it consulting
Role of dev ops in it consulting
 
DevSecOps: Colocando segurança na esteira
DevSecOps: Colocando segurança na esteiraDevSecOps: Colocando segurança na esteira
DevSecOps: Colocando segurança na esteira
 
apidays LIVE New York 2021 - APIOps: automating API operations for speed and ...
apidays LIVE New York 2021 - APIOps: automating API operations for speed and ...apidays LIVE New York 2021 - APIOps: automating API operations for speed and ...
apidays LIVE New York 2021 - APIOps: automating API operations for speed and ...
 
apidays LIVE Australia 2021 - Building an agile foundation for your Enterpris...
apidays LIVE Australia 2021 - Building an agile foundation for your Enterpris...apidays LIVE Australia 2021 - Building an agile foundation for your Enterpris...
apidays LIVE Australia 2021 - Building an agile foundation for your Enterpris...
 
Making APIs Secure Demands Tracing and Machine Learning to Rapidly Limit Dama...
Making APIs Secure Demands Tracing and Machine Learning to Rapidly Limit Dama...Making APIs Secure Demands Tracing and Machine Learning to Rapidly Limit Dama...
Making APIs Secure Demands Tracing and Machine Learning to Rapidly Limit Dama...
 
Extreme DevOps in Fintech
Extreme DevOps in FintechExtreme DevOps in Fintech
Extreme DevOps in Fintech
 
Cisco Connect 2018 Singapore - delivering intent for data center networking
Cisco Connect 2018 Singapore -   delivering intent for data center networkingCisco Connect 2018 Singapore -   delivering intent for data center networking
Cisco Connect 2018 Singapore - delivering intent for data center networking
 
apidays LIVE Paris 2021 - Getting started with Event-Driven APis by Hugo Guer...
apidays LIVE Paris 2021 - Getting started with Event-Driven APis by Hugo Guer...apidays LIVE Paris 2021 - Getting started with Event-Driven APis by Hugo Guer...
apidays LIVE Paris 2021 - Getting started with Event-Driven APis by Hugo Guer...
 
2016 - DevOps Meets APIs - Model once. Benefit everywhere.
2016 - DevOps Meets APIs - Model once. Benefit everywhere.2016 - DevOps Meets APIs - Model once. Benefit everywhere.
2016 - DevOps Meets APIs - Model once. Benefit everywhere.
 
AWS Managed Services - For Regulated Companies
AWS Managed Services - For Regulated CompaniesAWS Managed Services - For Regulated Companies
AWS Managed Services - For Regulated Companies
 

Similaire à Mobile Payment Security with CA Rapid App Security

Enabling the Multi-Device Universe
Enabling the Multi-Device UniverseEnabling the Multi-Device Universe
Enabling the Multi-Device UniverseCA API Management
 
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...CA API Management
 
CIS 2017 - So you want to use standards to secure your APIs?
CIS 2017 - So you want to use standards to secure your APIs?CIS 2017 - So you want to use standards to secure your APIs?
CIS 2017 - So you want to use standards to secure your APIs?Bertrand Carlier
 
Enable and Secure Business Growth in the New Application Economy
 Enable and Secure Business Growth in the New Application Economy Enable and Secure Business Growth in the New Application Economy
Enable and Secure Business Growth in the New Application EconomyCA Technologies
 
Mobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing PasswordsMobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing PasswordsCA API Management
 
SSO Agility Made Possible - November 2014
SSO Agility Made Possible  -  November 2014SSO Agility Made Possible  -  November 2014
SSO Agility Made Possible - November 2014Andrew Ames
 
Security in the App Economy: How to Ride the Wave Without Wiping Out!
Security in the App Economy: How to Ride the Wave Without Wiping Out!Security in the App Economy: How to Ride the Wave Without Wiping Out!
Security in the App Economy: How to Ride the Wave Without Wiping Out!CA Technologies
 
CA API Management: A DevOps Enabler
CA API Management: A DevOps EnablerCA API Management: A DevOps Enabler
CA API Management: A DevOps EnablerRajat Vijayvargiya
 
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...CA API Management
 
Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...
Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...
Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...NowSecure
 
The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...
The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...
The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...CA Technologies
 
Identity Live Paris 2017 | Monetising Digital Customer Relationships
Identity Live Paris 2017 | Monetising Digital Customer RelationshipsIdentity Live Paris 2017 | Monetising Digital Customer Relationships
Identity Live Paris 2017 | Monetising Digital Customer RelationshipsForgeRock
 
Creating the Borderless Workplace
Creating the Borderless WorkplaceCreating the Borderless Workplace
Creating the Borderless WorkplaceCA Technologies
 
The Future of Mobile Application Security
The Future of Mobile Application SecurityThe Future of Mobile Application Security
The Future of Mobile Application SecuritySecureAuth
 
Csa Summit 2017 - Un viaje seguro hacia la nube
Csa Summit 2017 - Un viaje seguro hacia la nubeCsa Summit 2017 - Un viaje seguro hacia la nube
Csa Summit 2017 - Un viaje seguro hacia la nubeCSA Argentina
 
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...CA Technologies
 
How CA Technologies Enables Its Own Employees and Secures Access to Applicati...
How CA Technologies Enables Its Own Employees and Secures Access to Applicati...How CA Technologies Enables Its Own Employees and Secures Access to Applicati...
How CA Technologies Enables Its Own Employees and Secures Access to Applicati...CA Technologies
 
Identity Live Sydney 2017 - Daniel Raskin
Identity Live Sydney 2017 - Daniel RaskinIdentity Live Sydney 2017 - Daniel Raskin
Identity Live Sydney 2017 - Daniel RaskinForgeRock
 

Similaire à Mobile Payment Security with CA Rapid App Security (20)

Enabling the Multi-Device Universe
Enabling the Multi-Device UniverseEnabling the Multi-Device Universe
Enabling the Multi-Device Universe
 
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
Balancing Security & Developer Enablement in Enterprise Mobility - Jaime Ryan...
 
CIS 2017 - So you want to use standards to secure your APIs?
CIS 2017 - So you want to use standards to secure your APIs?CIS 2017 - So you want to use standards to secure your APIs?
CIS 2017 - So you want to use standards to secure your APIs?
 
Enable and Secure Business Growth in the New Application Economy
 Enable and Secure Business Growth in the New Application Economy Enable and Secure Business Growth in the New Application Economy
Enable and Secure Business Growth in the New Application Economy
 
Mobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing PasswordsMobile SSO: Give App Users a Break from Typing Passwords
Mobile SSO: Give App Users a Break from Typing Passwords
 
SSO Agility Made Possible - November 2014
SSO Agility Made Possible  -  November 2014SSO Agility Made Possible  -  November 2014
SSO Agility Made Possible - November 2014
 
Security in the App Economy: How to Ride the Wave Without Wiping Out!
Security in the App Economy: How to Ride the Wave Without Wiping Out!Security in the App Economy: How to Ride the Wave Without Wiping Out!
Security in the App Economy: How to Ride the Wave Without Wiping Out!
 
CA API Management: A DevOps Enabler
CA API Management: A DevOps EnablerCA API Management: A DevOps Enabler
CA API Management: A DevOps Enabler
 
Financial services rely on APIs
Financial services rely on APIsFinancial services rely on APIs
Financial services rely on APIs
 
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguis...
 
Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...
Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...
Cutting out the middleman: Man-in-the-middle attacks and prevention for mobil...
 
The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...
The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...
The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...
 
Identity Live Paris 2017 | Monetising Digital Customer Relationships
Identity Live Paris 2017 | Monetising Digital Customer RelationshipsIdentity Live Paris 2017 | Monetising Digital Customer Relationships
Identity Live Paris 2017 | Monetising Digital Customer Relationships
 
Creating the Borderless Workplace
Creating the Borderless WorkplaceCreating the Borderless Workplace
Creating the Borderless Workplace
 
The Future of Mobile Application Security
The Future of Mobile Application SecurityThe Future of Mobile Application Security
The Future of Mobile Application Security
 
Csa Summit 2017 - Un viaje seguro hacia la nube
Csa Summit 2017 - Un viaje seguro hacia la nubeCsa Summit 2017 - Un viaje seguro hacia la nube
Csa Summit 2017 - Un viaje seguro hacia la nube
 
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...
 
How CA Technologies Enables Its Own Employees and Secures Access to Applicati...
How CA Technologies Enables Its Own Employees and Secures Access to Applicati...How CA Technologies Enables Its Own Employees and Secures Access to Applicati...
How CA Technologies Enables Its Own Employees and Secures Access to Applicati...
 
DIGIPASS for Apps
DIGIPASS for AppsDIGIPASS for Apps
DIGIPASS for Apps
 
Identity Live Sydney 2017 - Daniel Raskin
Identity Live Sydney 2017 - Daniel RaskinIdentity Live Sydney 2017 - Daniel Raskin
Identity Live Sydney 2017 - Daniel Raskin
 

Plus de CA Technologies

CA Mainframe Resource Intelligence
CA Mainframe Resource IntelligenceCA Mainframe Resource Intelligence
CA Mainframe Resource IntelligenceCA Technologies
 
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform ExcellenceMainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform ExcellenceCA Technologies
 
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...CA Technologies
 
Case Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCase Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCA Technologies
 
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...CA Technologies
 
Case Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on TimeCase Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on TimeCA Technologies
 
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...CA Technologies
 
Case Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital GovernmentCase Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital GovernmentCA Technologies
 
Making Security Work—Implementing a Transformational Security Program
Making Security Work—Implementing a Transformational Security ProgramMaking Security Work—Implementing a Transformational Security Program
Making Security Work—Implementing a Transformational Security ProgramCA Technologies
 
Keynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageKeynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageCA Technologies
 
Emerging Managed Services Opportunities in Identity and Access Management
Emerging Managed Services Opportunities in Identity and Access ManagementEmerging Managed Services Opportunities in Identity and Access Management
Emerging Managed Services Opportunities in Identity and Access ManagementCA Technologies
 
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...CA Technologies
 
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...CA Technologies
 
Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...CA Technologies
 
Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...CA Technologies
 
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...CA Technologies
 
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...CA Technologies
 
Establish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital EnterpriseEstablish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital EnterpriseCA Technologies
 
How Components Increase Speed and Risk
How Components Increase Speed and RiskHow Components Increase Speed and Risk
How Components Increase Speed and RiskCA Technologies
 
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...CA Technologies
 

Plus de CA Technologies (20)

CA Mainframe Resource Intelligence
CA Mainframe Resource IntelligenceCA Mainframe Resource Intelligence
CA Mainframe Resource Intelligence
 
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform ExcellenceMainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform Excellence
 
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...
 
Case Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software DevelopmentCase Study: How The Home Depot Built Quality Into Software Development
Case Study: How The Home Depot Built Quality Into Software Development
 
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...
 
Case Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on TimeCase Study: Privileged Access in a World on Time
Case Study: Privileged Access in a World on Time
 
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...
 
Case Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital GovernmentCase Study: Putting Citizens at The Center of Digital Government
Case Study: Putting Citizens at The Center of Digital Government
 
Making Security Work—Implementing a Transformational Security Program
Making Security Work—Implementing a Transformational Security ProgramMaking Security Work—Implementing a Transformational Security Program
Making Security Work—Implementing a Transformational Security Program
 
Keynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive AdvantageKeynote: Making Security a Competitive Advantage
Keynote: Making Security a Competitive Advantage
 
Emerging Managed Services Opportunities in Identity and Access Management
Emerging Managed Services Opportunities in Identity and Access ManagementEmerging Managed Services Opportunities in Identity and Access Management
Emerging Managed Services Opportunities in Identity and Access Management
 
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...
 
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...
 
Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...
 
Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...Application Experience Analytics Services: The Strategic Digital Transformati...
Application Experience Analytics Services: The Strategic Digital Transformati...
 
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...
 
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...
 
Establish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital EnterpriseEstablish Digital Trust as the Currency of Digital Enterprise
Establish Digital Trust as the Currency of Digital Enterprise
 
How Components Increase Speed and Risk
How Components Increase Speed and RiskHow Components Increase Speed and Risk
How Components Increase Speed and Risk
 
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...
 

Dernier

Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 

Dernier (20)

Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
20150722 - AGV
20150722 - AGV20150722 - AGV
20150722 - AGV
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 

Mobile Payment Security with CA Rapid App Security

  • 1. Mobile Payment Security With CA Rapid App Security Rob Wilson DO1T37T DEVOPS: APIS & MICROSERVICES Advisor, Presales CA Technologies Services Architect CA Technologies Faiz Usmani
  • 2. 2 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS © 2017 CA. All rights reserved. All trademarks referenced herein belong to their respective companies. The content provided in this CA World 2017 presentation is intended for informational purposes only and does not form any type of warranty. The information provided by a CA partner and/or CA customer has not been reviewed for accuracy by CA. For Informational Purposes Only Terms of this Presentation
  • 3. 4 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS The Challenges to Software Development in the Application Economy How do I create:  A native security experience that is convenient, frictionless, and makes it fast to add to new security modalities to apps  Secure enough to meet audits & compliance requirements  Provides “developer velocity”: maximum value without high costs to develop, operate, or support? Velocity Convenience Security
  • 4. 5 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS What if You Could… Initiate Step-up Authentication when Risk is High Transparently Analyze Risk based on Contextual Data From a Single Solution? Securing the Device to Server Communications Authenticate Users via Wide Array of Credentials Connecting from Mobile Devices & Mobile Apps
  • 5. 6 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS Introducing CA Rapid App Security A comprehensive authentication platform for the application economy - mobile, web, IoT  Fraud prevention in real-time  Robust authentication methods inclusive of contextual authentication  Faster & convenient means to secure Apps  Strengthen consumer confidence and enhance brand value by creating a simplified native security experience Built on CA Mobile API Gateway and CA Advanced Authentication
  • 6. 7 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS CA Rapid App Security Component Capabilities  CA Mobile API Gateway – Provides support for OAuth, OpenID Connect, Mutual SSL, Touch ID, Cross-device sign-on  Strong Auth & Risk Auth Server (CA Advanced Authentication) – Provides management and validation of CA AuthID credential, and conducts risk analysis with step-up authentication initiation when needed  Universal SDK – Provides streamlined developer experience across MAG and Advance Authentication solution; single, unified SDK to simplify app security for the developer
  • 7. 8 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS User Store Devices Applications Identity Processes Data Store CA Rapid App Security Solution DNA OTP PKI Install Device Certificate Risk Analysis Social Login Mobile SSO & Proximity Login Auth & Risk Server  Risk Engine  Rules & Policies  Strong Authentication Universal Mobile SDK Authentication Gateway Application Services
  • 8. 9 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS User Store Devices Applications Identity Processes Data Store Additionally… Authentication and API Security Auth & Risk Server Universal Mobile SDK Authentication & API Gateway Application Services
  • 9. 10 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS Devices Applications Data Store Rapid App Security With CA Security Solutions Auth & Risk Server Universal Mobile SDK Authentication Gateway Application Services User Store CA Directory CA Identity ManagerPolicy ServerAccess Gateway Secure Proxy CA Single Sign-On  Risk Engine  Rules & Policies  Strong Authentication
  • 10. 11 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS “Three-way Trust” Enables Greater Security USER APP DEVICE Uses App Runs on Uses device, has session CA Rapid App Security:  Identifies user, app, and device  Learns and tracks relationship between the three entities  Three-way trust relationship is registered & authenticated to enterprise gateway  Elevates authentication or prevents access when pattern deviates from norm
  • 11. 12 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS Universal SDK Simplifies the Developer Interaction loginWithAuthID() (User Id, AuthID Pin)
  • 12. 13 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS Universal SDK Provides Flexibility! Protected APISecurity Policy App Credentials Risk Evaluation Mutual TLS User Authentication Social Login Single Sign On One Time Password Multi User Biometric Authentication Certificate Pinning Proximity Login ? PKCE / RFC 7636 Let use case determine the security controls! Device Registration Software Development Kit Dynamic Device Configuration
  • 13. 14 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS  Dynamic application client credentials  Mutual SSL with unique device certificates – PKI x509  Certificate pinning – PKV  Cryptographic camouflage – AuthID  Tokenized credentials and access tokens – OAuth 2.0 and OpenID Connect (certified)  Delegated authentication – Social Media, OAuth/OIDC OP, SAML, etc.  Multi-factor Step-up Authentication – Q&A, OTP/HOTP, OATH  Identity Brokering – Bearer/JWT -> SMSession/Kerberos, SMSession/Kerberos -> Bearer/JWT, etc.  Biometric Authentication – TouchID/Fingerprint and FIDO  Proximity Authentication – BLE NFC QRC  Risk based analysis and profiles Universal SDK Features
  • 14. 15 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS  Mobile SSO – Native App to App, App to browser, hybrid  Geolocation and Carrier  Push Notifications – APN, GCM  User and Group Management (SCIM 2.0)  Pub Sub messaging (MQTT 3.1)  Secure Storage – local and private cloud Universal SDK Features – Continued
  • 15. 16 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS Security That Elevates the Experience Customer/Employee Better experience Security based on the level activity being performed Improved trust without impact to user experience Developer Security that is faster to implement Security that is cheaper to implement Security that is easier to implement (especially for non-security experts) Organization Reduced risk, with stronger security and superior authentication options Improved and less costly security enables higher value services via mobile Manage security with security experts, rather than in each app
  • 16. 17 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS Rapid App Security Use Case Healthcare Customer experience Security & Privacy Integration Finance/ Insurance Contextual Authentication Risk Mitigation Open Banking Retail Customer experience Risk Mitigation Payment security Manufacturing Internet of Things(IoT) Geo Fencing Customer experience Automotive Customer experience Internet of Things(IoT) Payment Security Better End User Experience With Higher Security
  • 17. 18 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS Questions?
  • 18. 19 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS Recommended Sessions SESSION # TITLE DATE/TIME DO1T17S M&T Bank: Solving Real-World Banking Challenges with CA API Management 11/16/2017 at 1:45 pm DO1T27S Panel: Multi-faceted Security Options for a Mobile World 11/16/2017 at 2:30 pm DO1T56T API Academy: Microservices - How to Safely Speed Up Your Digital Innovation 11/16/2017 at 3:30 pm
  • 19. 20 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS Must See Demos Aggregate, Secure & Manage Microservices 101 Create an End-to-End Modern App Architecture 109 Eurosport: A Showcase for IoT & App Experiences 101 Modernize Architectures With Low-code Microservices 106 Protect Apps & APIs with Omnichannel Security 104
  • 20. 21 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS Stay connected at communities.ca.com Thank you.
  • 21. 22 COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED#CAWORLD #NOBARRIERS DevOps: APIs and Microservices For more information, please visit: http://cainc.to/CAW17-APIM