Combining SAP Single Sign On (SSO) and Touch ID for seamless mobile user experience

Septimius_02_610x436We are inundated with a myriad of mobile apps in our day to day life that are aimed to improve our overall quality of life and transform the way we can accomplish day to day activities with the click of a button. However, the paramount concern that most of us face today is the data security and protection and the challenge is how we can accomplish this in high end devices such on smartphones and tablets.

However, with latest technological innovations, even security and data protection has gone innovative with mobile device manufacturers resorting to unique methods to secure one’s device or data. One such feature that Innovapptive has incorporated into their entire mobile application portfolio is leveraging SAP single sign on (SSO) capabilities and Apple Touch ID technology, which is one step further in high end data security.

SSO authentication and why it is so important?

As applications and data migrate to the cloud, the average workforce is experiencing an increase of user accounts and their passwords. With this change, organizations are consistently challenged with the maintenance and security of users access. SSO technologies can come handy in such complex security scenarios, enabling users to authenticate at a single location and with a single account to access a wide range of services. SSO shares centralized authentication servers, which all other applications and systems access for authentication purposes and integrates this with techniques to ensure that users bypass the need to type their credentials more than once. The net result is a seamless user experience for the end-user with critical visibility and control for their organizations.

Some of the core benefits of SSO include:

  • Minimizes password chaos (remembering multiple passwords for accomplishing multiple tasks).
  • Minimizes time spent to retype the passwords for the same identity.
  • Reduces IT costs on account of minimized number of IT help desk calls pertaining to passwords.

A further enhancement to the traditional SSO authentication for mobile devices is setting up a passcode for the app that adds an extra layer of security. But why need a passcode in the first instance? There are ample chances of your password getting tampered and posing the vulnerability threat, since you need to retype the login credentials repeatedly, particularly when you are not using your app for a considerable amount of time (idle state). Also, there are chances that an unauthorized user could access your application if they were able to obtain physical access to the device (if were lost for example, but not password protected).

App Passcode picture

This concept of passcode has already been implemented for the entire Innovapptive's mobile app portfolio to protect from unauthorized access to the enterprise users’ data.

Touch ID experience

Recently Apple introduced the Touch ID feature on iPhone 5S, which is the most eye-catching and an evolving security feature. Touch ID is a new security feature, wherein it provides iPhone two-factor authentication that combines passcode (SSO authentication) with fingerprint security.

What is Touch ID?

Touch ID is the fingerprint sensing system to ensure that secure access to the device is swifter and simpler. This technology reads fingerprint data from any position/angle and comprehends more about a user’s fingerprint over a period of time. And at the same time, the sensor continues to expand the fingerprint map, since additional overlapping nodes are identified with each use. With Touch ID, more complex passcode becomes far more practical, as users need not worry typing the password frequently. Apart from that, Touch ID also mitigates the inconvenience of a passcode-based lock – it’s not replacement, but by offering secure access to the device within the defined boundaries and time constraints.

In order to use TouchID, the basic pre-requisite is that users must set up their device in order to ensure that a passcode is necessary to unlock it. When Touch ID scans and identifies an enrolled fingerprint, the device unlocks without requesting for the device passcode. This means user can bypass the passcode to make it more user-friendly and convenient. But, from a security perspective, is it right to bypass a passcode?

Experts believe that passcode still needs to be consistently used instead of Touch ID under the following circumstances:

  • When you had just switched on the device or restarted.
  • When you haven’t locked the device for more than 48 hours.
  • When the device has received a remote lock command.
  • When there were five unsuccessful attempts to match a fingerprint.

touchid

When the Touch ID is enabled, the device gets locked immediately when the Sleep/Wake button is pressed. When there is a passcode-only security, many users set an unlocking grace period to avoid having to re-type the passcode each time the device is used. With Touch ID, the device gets locked every time it goes to sleep.

However, TouchID though sounds good and innovative, it still lags behind and is at odds with single-sign-on (SSO) solutions, which still are the traditional favorities for the enterprises, leading to enhanced efficiency, based on the assumption that the device is already trusted by that enterprise.

So, that way it becomes imperative to combine TouchID with SSO authentication to have a seamless user experience.

The concept of TouchID in the enterprise is still new and is yet to take off among other major device and app developers – though app passcode has considerably gained ground and has become an undisputed leader in data security. Innovapptive now offers Apple TouchID technology as a standard feature  on all its SAP certified apps – a step that may redefine the way the app data is accessed and distributed.

If you would like a demo of Innovapptive's portfolio of Native or Web based mobile solutions, please click on the link. Alternatively, if you would like to discuss with an Innovapptive solution expert, you can reach out to us by emailing us at sales@innovapptive.com or you can reach a sales representative at (713) 275-1804.

5 Strategies That Help Manufacturers Eliminate Work Order Backlogs
Schedule slippage and downtime speak to the high-cost and high-risk nature of the asset intensive industries. These key operational challenges in the
Mobile Work Order Management
Read More
Does My Warehouse Really Need A Connected Workforce?
The answer to the question? It depends! How many employees do you have? If you only have a handful, then you may not get a large return on your...
mobile supply chain
Read More
Role of Route Optimization in your Maintenance Process Optimization
Asset management isn’t just knowing where your assets are, it’s about knowing how they are performing. For maintenance of assets, sending the right...
mWorkOrder
Read More
Adopting the Right Solution to Make your Cycle Counting More Effective
Inventory accuracy is the most important metric for the supply chain. Without the significant level of accuracy, organizations will not be able to...
cycle counts
Read More
Realizing the Benefits of Connected Workforce Platform
As the world is getting more collaborative, integrated and connected, organizations across the world feel a bit of overload, often driven by FOMO...
Connected Workforce Platform Solution
Read More
Release Announcement: mWorkOrder 7.2
The Q3-2019 release for mWorkOrder is now available. This latest release of mWorkOrder includes some exciting new features and capabilities.     ...
mWorkOrder
Read More
Connected Workers: How Utilities Can Drive Operational Efficiency with Industry 5.0
Industry 5.0: the fifth industrial revolution is key to the change in the way organizations work across all the industries. Industry 5.0 will bring...
Connected Workforce Platform
Read More
Is Your Year-End Financial Statement Accurate?
Without a doubt, your answer should be “Yes”. However, the reality may be different. Things are not always what they seem to be at first glance. The...
Connected Workforce Platform
Read More
Improve Offline Capability and Reduce Data Sync Time
Use of mobile devices for plant or warehouse management has helped organizations digitize their data and improve efficiency.  As we rolled out our...
Increase Operators’ Productivity
Read More