id-cloud message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: [id-cloud] Mobile ID
- From: chris.kappler@pwc.be
- To: "Nguyen, Dominique V" <dominique.v.nguyen@bankofamerica.com>
- Date: Tue, 14 May 2013 13:28:09 +0200
Hi Dominique,
The device authentication is done by
using the hash combination which establishes the secure connection.
Once the connection is secured, user
authentication is done.
Regards,
Chris Kappler
PwC | Manager
Direct: +32 2 7104176 | Mobile: +32 477 520606 | Fax: +32 2 7104299
Email: chris.kappler@pwc.be
Ascure nv
Firm legal information, click here
From:
"Nguyen, Dominique
V" <dominique.v.nguyen@bankofamerica.com>
To:
"'chris.kappler@pwc.be'"
<chris.kappler@pwc.be>, "'id-cloud@lists.oasis-open.org'"
<id-cloud@lists.oasis-open.org>
Date:
14/05/2013 12:07
Subject:
Re: [id-cloud]
Mobile ID
Per your description if I
read it correctly, the sequence of authentication is as follows:
1. Device authentication occurs first
2. When device authentication validated, user authentication follows.
Is this correct?
Regards,
Dominique
From: chris.kappler@pwc.be [mailto:chris.kappler@pwc.be]
Sent: Monday, May 13, 2013 01:47 PM Central Standard Time
To: id-cloud@lists.oasis-open.org <id-cloud@lists.oasis-open.org>
Subject: [id-cloud] Mobile ID
All,
As requested a short description of the mobile authentication we use.
The goal is to identify a user using a secure channel.
The channel itself is set up by sending a hash consisting of the combination
of the phoneID and the simcard serial number.
The reason we picked those attributes is because they are common to all
manufacturers and all carriers. They can also be obtained in the same manner
independent to a manufacturer and carrier.
The hashing is done so none of the info is send into clear text over a
carrier.
There's 2 ways of provisioning:
* Either the device is company owned and then the hash result is directly
inserted in the system
* Either the device is not company owned and then the hash is sent out
at first installation by a secure channel.
Once a secure channel is established user authentication is done by means
of a certificate and pin.
Regards,
Chris Kappler
PwC | Manager
Direct: +32 2 7104176 | Mobile: +32 477 520606 | Fax: +32 2 7104299
Email: chris.kappler@pwc.be
Ascure nv
Firm legal information, click here
*Professional Mail*------------------------------------------------------------------------------------------
This e-mail is intended only for the person to whom it is addressed.
If an addressing or transmission error has misdirected this e-mail,
please notify the author by replying to this e-mail. If you are not
the intended recipient you must not use, disclose, copy, print or
rely on this e-mail.
PwC may monitor outgoing and incoming e-mails and
other telecommunications on its e-mail and telecommunications systems.
------------------------------------------------------------------------------------------
This message, and any attachments, is for the intended
recipient(s) only, may contain information that is privileged, confidential
and/or proprietary and subject to important terms and conditions available
at http://www.bankofamerica.com/emaildisclaimer.
If you are not the intended recipient, please delete this message.
*Professional Mail*
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]