Mobile devices, like smart phones and PDAs, will play an increasingly important role in the digital environment. However, the pervasive use of mobile devices also brings new security and privacy risks. Persons who make extensive use of mobile devices continuously leave traces of their identities and transactions, sometimes even by just carrying the devices around in their pockets. Throughout this paper we will look at different use-cases for electronic authentication using mobile devices. We will identify the security risks which need to be overcome, give an opinion about their relevance, and present mechanisms that help mitigate these risks.
November 11, 2008
Ingo Naumann, ENISA, EU, Giles Hogben, ENISA, EU, Raúl Benito, Isdefe, Spain, Roger Dean, EEMA, Belgium, Lothar Fritsch, Norwegian Computing Center, Norway, Jonathon Gould, Asia-Pacific Connections Pte Ltd, Singapore, Jaap-Henk Hoepman, TNO and Radboud University Nijmegen, The Netherlands, Steve Lazar, Texas Instruments, USA, Herbert Leitold, Zentrum für sichere Informationstechnologie Austria (A-SIT), Austria, Greg Pote, Asia Pacific Smart Card Association (APSCA), China, Heiko Roßnagel, Fraunhofer Institute for Industrial Engineering (IAO), Germany, Arnim von Schwedler, Judge, 9 Senat Gericht, Berlin, Brandenburg, Germany, Daniele Vitali, Reply, Italy, Frank Zimmermann, Hewlett-Packard, Switzerland, André Årnes, Oracle Norway / NISlab, Gjøvik University College, Norway