Cyber security is often seen as the opposite of user experience. Good security means inferior user experience. In the digital world that we are part of, creating the best practical user experience is critical to businesses. According to a study “a well-designed user interface could...
When delivering online services to your customers, there are two terms that come up quite often that might require some explanation through comparison. Single Sign-On and Step-up authentication are technologies to help your customers navigate your applications. Visually, Single Sign-On vs Step-up authentication is lateral...
Clean sidewalks, safe roads, green parks, pure air. That is the dream of a city in which their inhabitants enjoy walking, jogging, commuting, sightseeing, meeting people at the boulevard. But, what happens when the cities grow at a such unstoppable speed that the dream turns...
As the name says, the European e-privacy regulation, replaces the 2002 (revised, 2009) e-privacy directive with a new instrument, turning a directive into a regulation. As a reminder, directive is a regulatory instrument that has to be implemented in each member state, whereas a regulation...
While browsing through LinkedIn, I came across this table in a post from Mark O’Neill, an analyst from Gartner. Looking at his very brief post promoting their $195 research note, I realised that at least one third of (their) view on required API security building blocks can...
Cryptography, and asymmetric aka public key cryptography in particular still radiates an aura of mystery and confusion. Public key cryptography is far from bleeding-edge though, as it was discovered in 1970 by James Ellis, a British cryptographer working for the GCHQ. In typical British fashion,...
We have quite a few articles that discuss different aspects of federation. We’ve provided you with the basic information, talked about the differences between an older protocol (SAML) and the new(er) kid on the block (OAuth), and introduced you to the world of Mobile Connect. The idea of federation,...
When it comes to IoT, it is paramount to distinguish between authentication and authorisation. Typically, there are long discussions centred around device identities – authentication – while managing their access rights waved by one sentence such as “the portal will take care of the access management”. In real...
James Bond, Ethan Hunt, Maxwell Smart, Johnny English have all been turned into relics. The Mission Impossible franchise is still up & running, but in the real world, the dark allies, wide brimmed hats and meetings on a park benches beside the Washington monument to...
The larger concept, digital transformation, that encompasses digital business, online services, mobile apps, multi- or omni-channel solutions, IoT, require strong customer authentication to succeed. If it is not already become obvious to you – you should avoid deploying weak identities, especially if you store confidential...