Sagem Orga Strong, Global, Innovative.

Blanchard, Francios D22 SIMcard and Secure Memory Card...8 Sagem Orga – CTST – New Orleans, May 2009 Role of the SIM in our solution Store certificates - At registration step the

Sagem Orga – CTST – New Orleans, May 2009

CTST

François Blanchard, Global Account Marketing Manager

Market drivers

The game has changed

- Mobile Network Operators are now WEB service providers
- Convergence of technology and services
- Multiple devices to access services requiring a SIM card

The SIM card

- The secure token of mobile networks (3GPP)
- The secure element for mobile NFC services
- Access control element for mobile TV

New risks and new opportunities

- Security of Internet is weak (hacking, phishing)
- Forecast for IT security market: $12B in 2010
- More than 35 000 WEB sites are Open ID compatible
- Tons of web services means tons of passwords

TLS Tandem: a way to secure Internet

Postulates

- Make the SIM card a secure token for the WEB
- Single Sign On solution reinforced by means of a SIM card, with added convenience
- Compatible with standards and the usual WEB technical environment (Open ID and HTTPS)
- Propose a solution to make the MNO a key player for the security of WEB services

Partner

Ethertrust markets software for smart cards and designs innovative solutions that strengthen the security of WEB applications while dramatically simplifying their use.

Driving use cases, secure Internet authentications

E-Commerce

- E-payment
- E-Banking

Single Sign On

- MNO WEB portal
- Bank internet site
- Any OpenID internet site

E-Gaming

- Poker
- Gambling games

Corporate services

- Intranet
- E-mail
- Corporate phonebook

USB companion, the device for convergence

SIM

MNO secure token

Internet Everywhere

MNO WEB portal

Open ID

Protected user data

How does it work

My identity card

INTERNET

- Plug the dongle into the laptop
- Insert SIM in USB dongle
- Connect to internet.

1 - Automatic authentication

2 - Secure connection set up

3 - Get access to WEB services

4 - Use services

Java OS

TLS Tandem javacard applet

Windows / Mac / Linux OS

TLS Tandem Proxy

USB dongle with SIM card reader (PCSC) and HSDPA modem

Memory for Internet Everywhere software

Role of the SIM in our solution

Store certificates

- At registration step the SIM applet will receive and store the WEB service certificate

Authentication

- Exchange user credentials with the security provider to perform the mutual authentication

Set up secure session

- An HTTPS or SSL session is set up by the SIM card

Transfer session keys

- The session key and encryption keys are transmitted to the proxy

Service

- The SIM contains a payment application used for the e-transaction

Solution architecture: case 1, TLS Tandem

Mobile Operator

Internet

WEB Service

1 – Create a TLS Tandem account

2 – Access request to WEB service

3 – Check service access rights

4 – Set up secured connection

Solution architecture: case 2, Open ID

Mobile Operator

Security Provider

Internet

WEB Service

3 – Check service access rights

2 – Re-routing to security provider

Certificate check

4 – Set up secured connection

1 – Access request to WEB service

1 – Create Open ID account

User experience

Secure SSL session

Business model

1 Connect token and log in to my MNO portal

2 Access to a partner web store

3 "One click" payment

4 Cash back

Partner WEB service

Benefits

The end user

- Simplify and protect their life on the Internet
- No more need for login & password
- Phishing killer solution

Technical

- A unique and secure place to deploy the solution to ensure more security: every single byte flowing out of the SIM card is encrypted
- Spyware is blind: the computer is just a "plug"
- Authentication & encryption algorithms are entirely computed in the SIM card
- Compatible with existing infrastructure and standards

The MNO

- Become an Internet security provider – Open ID provider
- Secure usage of its WEB services
- Trace usage of WEB services for better billing
- Increase usage of WEB services

Conclusion

Our message

Let's make the SIM card a secure token to provide more security to WEB services

Our solution

TLS Tandem enables the SIM to play the role of secure token for WEB services.

2 main use cases for the mobile operator:

1- TLS Tandem: to secure access to its own set of WEB services reserved to MNO subscribers

2- Open ID: to become an Open ID security provider for all the Internet, reinforcing security thanks to the SIM card
