Combining SAP Single Sign On (SSO) and Touch ID for seamless mobile user experience

Septimius_02_610x436We are inundated with a myriad of mobile apps in our day to day life that are aimed to improve our overall quality of life and transform the way we can accomplish day to day activities with the click of a button. However, the paramount concern that most of us face today is the data security and protection and the challenge is how we can accomplish this in high end devices such on smartphones and tablets.

However, with latest technological innovations, even security and data protection has gone innovative with mobile device manufacturers resorting to unique methods to secure one’s device or data. One such feature that Innovapptive has incorporated into their entire mobile application portfolio is leveraging SAP single sign on (SSO) capabilities and Apple Touch ID technology, which is one step further in high end data security.

SSO authentication and why it is so important?

As applications and data migrate to the cloud, the average workforce is experiencing an increase of user accounts and their passwords. With this change, organizations are consistently challenged with the maintenance and security of users access. SSO technologies can come handy in such complex security scenarios, enabling users to authenticate at a single location and with a single account to access a wide range of services. SSO shares centralized authentication servers, which all other applications and systems access for authentication purposes and integrates this with techniques to ensure that users bypass the need to type their credentials more than once. The net result is a seamless user experience for the end-user with critical visibility and control for their organizations.

Some of the core benefits of SSO include:

  • Minimizes password chaos (remembering multiple passwords for accomplishing multiple tasks).
  • Minimizes time spent to retype the passwords for the same identity.
  • Reduces IT costs on account of minimized number of IT help desk calls pertaining to passwords.

A further enhancement to the traditional SSO authentication for mobile devices is setting up a passcode for the app that adds an extra layer of security. But why need a passcode in the first instance? There are ample chances of your password getting tampered and posing the vulnerability threat, since you need to retype the login credentials repeatedly, particularly when you are not using your app for a considerable amount of time (idle state). Also, there are chances that an unauthorized user could access your application if they were able to obtain physical access to the device (if were lost for example, but not password protected).

App Passcode picture

This concept of passcode has already been implemented for the entire Innovapptive's mobile app portfolio to protect from unauthorized access to the enterprise users’ data.

Touch ID experience

Recently Apple introduced the Touch ID feature on iPhone 5S, which is the most eye-catching and an evolving security feature. Touch ID is a new security feature, wherein it provides iPhone two-factor authentication that combines passcode (SSO authentication) with fingerprint security.

What is Touch ID?

Touch ID is the fingerprint sensing system to ensure that secure access to the device is swifter and simpler. This technology reads fingerprint data from any position/angle and comprehends more about a user’s fingerprint over a period of time. And at the same time, the sensor continues to expand the fingerprint map, since additional overlapping nodes are identified with each use. With Touch ID, more complex passcode becomes far more practical, as users need not worry typing the password frequently. Apart from that, Touch ID also mitigates the inconvenience of a passcode-based lock – it’s not replacement, but by offering secure access to the device within the defined boundaries and time constraints.

In order to use TouchID, the basic pre-requisite is that users must set up their device in order to ensure that a passcode is necessary to unlock it. When Touch ID scans and identifies an enrolled fingerprint, the device unlocks without requesting for the device passcode. This means user can bypass the passcode to make it more user-friendly and convenient. But, from a security perspective, is it right to bypass a passcode?

Experts believe that passcode still needs to be consistently used instead of Touch ID under the following circumstances:

  • When you had just switched on the device or restarted.
  • When you haven’t locked the device for more than 48 hours.
  • When the device has received a remote lock command.
  • When there were five unsuccessful attempts to match a fingerprint.

touchid

When the Touch ID is enabled, the device gets locked immediately when the Sleep/Wake button is pressed. When there is a passcode-only security, many users set an unlocking grace period to avoid having to re-type the passcode each time the device is used. With Touch ID, the device gets locked every time it goes to sleep.

However, TouchID though sounds good and innovative, it still lags behind and is at odds with single-sign-on (SSO) solutions, which still are the traditional favorities for the enterprises, leading to enhanced efficiency, based on the assumption that the device is already trusted by that enterprise.

So, that way it becomes imperative to combine TouchID with SSO authentication to have a seamless user experience.

The concept of TouchID in the enterprise is still new and is yet to take off among other major device and app developers – though app passcode has considerably gained ground and has become an undisputed leader in data security. Innovapptive now offers Apple TouchID technology as a standard feature  on all its SAP certified apps – a step that may redefine the way the app data is accessed and distributed.

If you would like a demo of Innovapptive's portfolio of Native or Web based mobile solutions, please click on the link. Alternatively, if you would like to discuss with an Innovapptive solution expert, you can reach out to us by emailing us at sales@innovapptive.com or you can reach a sales representative at (713) 275-1804.

COVID-19 Response Plan: A “Mobile-First” Digital Inventory & Warehouse Management Platform to Reduce Oil & Gas Inventory Risks
The global COVID-19 pandemic is having a huge impact on the world’s oil and gas industry. With entire cities and even nations being locked down to...
Read More
A Message from Our CEO & Co-Founder
As we enter another week of social distancing, isolation and virtual work, I wanted to take the time to write a note to share an update from...
Read More
4 Reasons for Ex-Syclo and SAP Work Manager and SAP Inventory Manager Clients to Switch to Innovapptive
SAP acquired Syclo in 2012 and continued their push into enterprise mobility. The Syclo platform was built on Agentry, which was proprietary to...
Read More
3 Major Causes of Unplanned Shutdowns and How to Solve Them
Plant managers have a tough job with a lot of responsibilities. But few things cause them bigger headaches than the dreaded alert a production unit...
Read More
10 Reasons Why Midstream Pipelines Need a Digital, Highly Dynamic and Code-Free Regulatory Inspections Platform
Pipelines are a dangerous business. There are more than 2.5 million miles of product pipelines crisscrossing the United States, enough to circle the...
Read More
New Webinar Shows How to Overcome the Need for Barcodes From Vendors with “Mobile-First” OCR Technology
Barcodes and barcode scanning have been at the forefront of warehouse and inventory automation. Thanks to barcodes, goods move much faster through...
Read More
6 Ways a Mobile-First Warehouse Solution Can Cut Costs and Generate Revenue
An inventory and warehouse management system isn’t confined to storing vital data about raw materials, products, and shipments. It also needs to...
Read More
Four SAP Extended Warehouse Management (EWM) Myths Explored
Extended Warehouse Management (EWM) is SAP’s “newest” warehouse solution, although it has been on the market for 15 years. However, many companies...
Read More
Improve Technician Wrench Time, Reduce Maintenance Backlogs and Reduce Unplanned Downtime
Over the last four decades, enterprises have invested millions of dollars into enterprise resource planning programs (ERP) such as SAP in an effort...
Read More