Gabriele Lieser

CUSTOMER SUCCESS MANAGER

Summary

Since the beginning, RoamsysNext Insights offers new and exciting wisdom on extensive industry topics and current issues such as fraud prevention and detection in roaming. We have been elaborating on fraud incidents and have given advice on how to get a grip on the different cases. Our main interest is to help MNOs maintain a high level of security by validating and updating roaming configurations that change over time.
But apart from that, what contribution do we actually make to ensure that users have secure access to our tools? Well, since our last release we have made two-factor authentication (2FA) available to all customers. When enabled users will have to use an authenticator app in addition to their username and password. Our Head of Software Development, Norbert Becker, has his say and provides interesting insights into his area of responsibility.

Let’s start with some basics. Two-factor authentication (2FA) is sometimes also called two-step verification or dual-factor authentication. In this security process, users are asked to specify two different factors to verify themselves, which is a better way to protect their credentials and the resources they access.

RoamsysNext Insights

In RoamsysNext Insights our experts share their views on extensive industry topics and possible solutions we can offer.

As opposed to single-factor-authentication (SFA), where the user specifies only one factor – typically a password or passcode (= knowledge factor), 2FA methods require a password and a second factor, usually either a security token or a biometric factor, such as a fingerprint or a facial scan. This makes it much more difficult for attackers to gain access to accounts via a database of stolen passwords or phishing campaigns.

Independent credentials turn the tide

The second of two authentication factors include either a possession factor or an inherence factor. The possession factor is something owned by the user, such as a security token, a mobile phone or a smartphone app that is taken to approve authentication requests. The inherence factor is also known as biometric factor, which is something inherent in the user’s physical appearance, fingerprints, facial or voice recognition, keystroke dynamics, gait or speech patterns. Sometimes, systems need greater security by multifactor authentication (MFA) that rely on two or more independent credentials such as location factor (tracking the geographic location of an authentication attempt via IP address or GPS data) and/or time factor (restricted access via authentication during a specific time frame).

Norbert Becker, Head of Software Development

What is the security situation right now?

It is a great relief that two-factor authentication improves security because access is no longer limited to the strength of any kind of password. For the RoamsysNext solutions this means that once enabled, users keep their usual password, but they need to install a dedicated authentication app. Norbert Becker, Head of Development at RoamsysNext, explains how this works: “2FA has been requested by many customers for some time now, and as always we are happy to incorporate needs and wishes into our tools. Just a few steps are necessary to activate 2FA in our tools. The user only needs to install an authenticator app on a mobile device. Common authenticator apps are Google Authenticator or LastPass Authenticator. Then the settings of the Launchpad need to be opened, click “Settings > Account Security”, enable “App authentication” and enter the given code in the app. With the next login the user is asked to insert a code from the authenticator app, and that’s it.”

We incorporate customers’ needs and wishes into our tools

This is a big step towards a safe working environment. Even sophisticated single-factor authentication mechanisms can be cracked, and with the appropriate motivation, attackers can also break authentication factors in the physical world. For example, an illegal search of office premises could let to the combination of an employee’s ID and a password in the trash, or recklessly thrown out storage devices with password databases could be found. Additional authentication factors make life really difficult for attackers.

Future of authentication

“The essential part of security technologies is always to find a good balance between safety and usability”, explains Norbert Becker. “The user should not be bothered with complicated additional login efforts that could lead him to circumvent the extra layer of security. There are many other options that could be considered in the future, but today we are happy to offer our customers a trusted and easy-to-use option.”

If one imagines an ideal world of authentication mechanisms, the first step would be to remove the human factor such as memory, motivation or creativity when using passwords. Consequently, passwordless authentication technologies will be the next leap into the future. As the name suggests, passwordless authentication allows users to securely authenticate themselves in their applications without having to enter passwords. Thus, employees can access their work without entering passwords – and IT still retains complete control over every login. Biometrics and secure protocols are the keywords for passwordless authentication technologies. By using biometrics at the user, application and device levels, organizations can be confident that the people who log in to systems are the ones who they say they are. Protocols are standards that facilitate communication between an identity provider and a service provider. An employee who is authenticated with the identity provider is also authenticated with the assigned service providers without having to enter a password. The elimination of passwords ensures a better user experience and also offers benefits to companies. Valuable IT resources can be allocated to more important tasks than having to deal with account recovery, password reset requests and manual password rotation.

Let’s keep improving!

Good and solid network quality leads to better work results, less issues and more security for subscribers which again results in satisfied and loyal business relations. RoamsysNext tools already help more than 700 MNOs across the globe; our strength is the creation of effective data management tools which include correct information and a secure, well-designed system that simplifies the user’s working life significantly. We offer easy-to-use and yet customizable applications that increase efficiency, transparency, and enhance resource management, and we continuously optimize our applications to better serve our customers. Likewise, we are increasingly keeping an eye on upgrading security aspects, not stopping at 2FA. Stay tuned for more advanced developments from the house of RoamsysNext.

Gabriele Lieser joined RoamsysNext in 2020 as Customer Success Manager to strengthen the bonds with our increasing number of customers and to support the marketing team. Gabriele has a strong background in corporate sales. She studied at the Universities of Trier (Germany) and Manitoba (Canada) and is incorporated in the RoamsysNext Client Service team.

Two-Factor Authentication rules!

For some time now, we have introduced 2FA and have contributed our share to provide more secure access to our tools. Nobert Becker, Head of Software Development, picks up the thread and provides engaging insights into his area of responsibility.

  • RoamsysNext Insights - Wholesale Roaming Manager

Introducing: The RoamsysNext Wholesale Roaming Manager

The RoamsysNext Wholesale Roaming Manager provides powerful collaboration and reporting tools for all roaming partner relationships by converging everything from service openings to the user’s roaming footprint, test SIM cards and tariffs, document and contact management.

We’re in this together

In the second part of our interview with Alexandre De Oliveira, POST Luxembourg Cyberforce, he highlights major pain points in fraud detection and stresses the importance of global information sharing via the GSMA T-ISAC initiative.

Mastering today’s Fraud Landscape

Learn how Alexandre De Oliveira’s team at POST Luxembourg Cyberforce is mastering today’s fraud landscape with penetration tests, security assessments, the Telecom Intrusion Detection System (TIDS) and the Telecom Security Scanner (TSS).

How to avoid configuration errors

Hardening the network is a good way to get configuration errors under control. Introducing smart firewall rules and consistently updating these rules can be very time-consuming, but it’s a crucial measure to be taken.

  • RoamsysNext Insights 9: Interview with Hendrik Hoehndorf

Making a Stand against Fraud

In an insightful interview, our CTO, Hendrik Hoehndorf, speaks about further GSMA initiatives on fraud detection and prevention such as the MISP (Malware Information Sharing Platform) and T-ISAC (Telecommunication Information Sharing and Analysis Centre).

  • RoamsysNext Insights

Let’s talk about data quality

Most fraud and security issues are caused by misconfigured network nodes. This article shows, how RoamsysNext treats this problem on their quest for data quality.