mPower™ Blog Series

Combining SAP Single Sign On (SSO) and Touch ID for seamless mobile user experience

Septimius_02_610x436We are inundated with a myriad of mobile apps in our day to day life that are aimed to improve our overall quality of life and transform the way we can accomplish day to day activities with the click of a button. However, the paramount concern that most of us face today is the data security and protection and the challenge is how we can accomplish this in high end devices such on smartphones and tablets.

However, with latest technological innovations, even security and data protection has gone innovative with mobile device manufacturers resorting to unique methods to secure one’s device or data. One such feature that Innovapptive has incorporated into their entire mobile application portfolio is leveraging SAP single sign on (SSO) capabilities and Apple Touch ID technology, which is one step further in high end data security.

SSO authentication and why it is so important?

As applications and data migrate to the cloud, the average workforce is experiencing an increase of user accounts and their passwords. With this change, organizations are consistently challenged with the maintenance and security of users access. SSO technologies can come handy in such complex security scenarios, enabling users to authenticate at a single location and with a single account to access a wide range of services. SSO shares centralized authentication servers, which all other applications and systems access for authentication purposes and integrates this with techniques to ensure that users bypass the need to type their credentials more than once. The net result is a seamless user experience for the end-user with critical visibility and control for their organizations.

Some of the core benefits of SSO include:

  • Minimizes password chaos (remembering multiple passwords for accomplishing multiple tasks).
  • Minimizes time spent to retype the passwords for the same identity.
  • Reduces IT costs on account of minimized number of IT help desk calls pertaining to passwords.

A further enhancement to the traditional SSO authentication for mobile devices is setting up a passcode for the app that adds an extra layer of security. But why need a passcode in the first instance? There are ample chances of your password getting tampered and posing the vulnerability threat, since you need to retype the login credentials repeatedly, particularly when you are not using your app for a considerable amount of time (idle state). Also, there are chances that an unauthorized user could access your application if they were able to obtain physical access to the device (if were lost for example, but not password protected).

App Passcode picture

This concept of passcode has already been implemented for the entire Innovapptive’s mobile app portfolio to protect from unauthorized access to the enterprise users’ data.

Touch ID experience

Recently Apple introduced the Touch ID feature on iPhone 5S, which is the most eye-catching and an evolving security feature. Touch ID is a new security feature, wherein it provides iPhone two-factor authentication that combines passcode (SSO authentication) with fingerprint security.

What is Touch ID?

Touch ID is the fingerprint sensing system to ensure that secure access to the device is swifter and simpler. This technology reads fingerprint data from any position/angle and comprehends more about a user’s fingerprint over a period of time. And at the same time, the sensor continues to expand the fingerprint map, since additional overlapping nodes are identified with each use. With Touch ID, more complex passcode becomes far more practical, as users need not worry typing the password frequently. Apart from that, Touch ID also mitigates the inconvenience of a passcode-based lock – it’s not replacement, but by offering secure access to the device within the defined boundaries and time constraints.

In order to use TouchID, the basic pre-requisite is that users must set up their device in order to ensure that a passcode is necessary to unlock it. When Touch ID scans and identifies an enrolled fingerprint, the device unlocks without requesting for the device passcode. This means user can bypass the passcode to make it more user-friendly and convenient. But, from a security perspective, is it right to bypass a passcode?

Experts believe that passcode still needs to be consistently used instead of Touch ID under the following circumstances:

  • When you had just switched on the device or restarted.
  • When you haven’t locked the device for more than 48 hours.
  • When the device has received a remote lock command.
  • When there were five unsuccessful attempts to match a fingerprint.

touchid

When the Touch ID is enabled, the device gets locked immediately when the Sleep/Wake button is pressed. When there is a passcode-only security, many users set an unlocking grace period to avoid having to re-type the passcode each time the device is used. With Touch ID, the device gets locked every time it goes to sleep.

However, TouchID though sounds good and innovative, it still lags behind and is at odds with single-sign-on (SSO) solutions, which still are the traditional favorities for the enterprises, leading to enhanced efficiency, based on the assumption that the device is already trusted by that enterprise.

So, that way it becomes imperative to combine TouchID with SSO authentication to have a seamless user experience.

The concept of TouchID in the enterprise is still new and is yet to take off among other major device and app developers – though app passcode has considerably gained ground and has become an undisputed leader in data security. Innovapptive now offers Apple TouchID technology as a standard feature  on all its SAP certified apps – a step that may redefine the way the app data is accessed and distributed.

If you would like a demo of Innovapptive’s portfolio of Native or Web based mobile solutions, please click on the link. Alternatively, if you would like to discuss with an Innovapptive solution expert, you can reach out to us by emailing us at sales@innovapptive.com or you can reach a sales representative at (713) 275-1804.

Share this post

Leave a comment

Your email address will not be published.