Home > Pre-Program
last update: July 28, 2015
This preliminary version will be enriched continuously in the coming weeks. Keep posted and follow us on LinkedIn and Twitter!
DAY 1 –Tuesday Sept. 15
10.00am – 1.00pm: Opening Session Part 1 | 1.00pm -2.00pm: Lunch | 2.00pm– 6.30pm:  Opening Session Part 2
| 4.15pm – 4.55pm: Coffee & Refreshment Break – Networking – Smart Innovation Show
This cross-disciplinary day will outline the next five years changes and challenges for the connected consumers, citizens, employees, cities and smart devices. The Grand Opening is common to Smart Contactless World, M2M Innovation World, World e-ID & Cybersecurity and Connect Security World.
The Digital Identity in 5 years

First keynotes announced
Donna Dodson, Chief Cybersecurity Advisor and Executive Director CCoE, US NIST
Samia Melhem, Lead Policy Officer, Global ICT Group, World Bank
Dr. Angelika Steinacker, IAM Competency Leader Europe / Global Security Practice, IBM

The Connected Objects and Systems in 5 Years

First keynotes announced
Richard van Hooijdonk, SoftLayer, an IBM Company
Dirk Slama, Director of Business Development, Bosch Software Innovations Germany
Prof. Janusz Filipiak, Founder & CEO, Comarch
Jim Morrish, Founder & Chief Research Officer, Machina Research
Dr. Mohan Reddy, Founder & Chairman, Cyient

1.00pm -2.00pm: Lunch – 2.00pm: Exhibition Opening

The Connected Consumer in 5 Years

First keynotes announced
François-Xavier Godron, Director Contactless Services, Orange
Michel Léger, Senior VP Innovation, Ingenico
Mung Ki Woo, Executive VP, Digital Platforms, MasterCard Worldwide
Koichi Tagawa, Chairman, NFC Forum

The m-Wallet War Relaunched: Apple Vs. Google Vs. Samsung
How will Apple, Google, Samsung and Traditional Payment Players Boost Contactless Payments?
Animated by François Lecomte-Vagniez, Associate Partner, Lobary; Conference Program Committee Chair
Panellists will include execs from Edgar, Dunn & Company • Ingenico • Mastercard • Total …
After several years of slow growth, contactless payment has finally found its path to (relative) success with Apple Pay More
Its US launch in September 2014 has marked an important step: Apple Pay accounts for more than two thirds of American contactless payments. And it now takes a new dimension with its expansion to the UK in July, and more European countries soon (including Slovakia, the Czech Republic). In addition to its attractive, secure NFC solution for the consumers, Apple Pay has been receiving a large support from major card providers, hundreds banks, retailers, brands, merchants in the US and UK. The other contactless payment big players aren’t outdone and have made important announcement: a new Wallet War is on the way, around a phone-based payment system rather than digital wallet apps. The new Samsung Pay solution is announced to launch in Korea and the US in September 2015, with an extra feature (LoopPay) not requiring contactless PoS, a selling point in the US. Android Pay, successor to Google Wallet will add tokenization and fingerprint verification for any Android device with NFC. This open platform is to be launched by the end of the year (September again?!). If these competitors bet on similar technologies – NFC, cloud-based HCE, tokenization… – their business models differ. For example, Android Pay will not charge any transaction fee from credit card issuers unlike Apple Pay. Models are not settled yet!

• Apple Pay one year after its launch: results and lessons
• Impact of Apple Pay in Europe for retailers and merchants? For the banks and payment networks?
• Is the Apple Pay business model compatible with every regional market?
• Do the Internet players’ wallets threaten the traditional payment players?
• What about the latest updates of the m-payment solutions of other big Internet names such as Paypal, Facebook, etc. ?

First keynote announced
Helmut Scherzer, Senior Technology  Manager CTO Office, Giesecke & Devrient

EKSISTENZ "Identity Theft Community" Launch
The EU project EKSISTENZ will deliver a set of innovativeand interoperable tools, procedures, methods and processes to tackle identity theft in the EU. More

The entire life-cycle of identity will be taken into account and the privacy of citizens will always be considered paramount.

In order to demonstrate the achievement of its mission, EKSISTENZ will develop a proof of concept relating to banking/finance that will be proven as scalable and deployable at the national level.

Its members and “sister” projects will launch an “Identity Theft Community” to collectively address issues and to shape the development of a “European Observatory on Identity Theft”.

ID Theft Threats by Raul Sanchez-Reillo, Universidad Carlos III de Madrid
- Damages and their consequences in both cyber and physical worlds More
- Setting the scene for our collaboration.
– How we expect the Community to progress and what the Observatory will be expected to do
The EKSISTENZ Project by Stephane Caillebotte, Morpho
- Strengthening the existing electronic-based primary identity document More
- Deriving from the primary identity document secondary identities
– Aid future verification of primary and secondary identities and the bearers of such identities
Identity Theft and the concept of an Identity Theft register by Charles de Couessin, IDPartners
- Creating a common set of definitions More
- What is the purpose of having an Identity Theft Register?
Social expectations and ID Fraud by Marek Tiits, Institute for Baltic Studies
- Interesting results from extensive study carried out. More
- Embracing results from around the world as well as Europe.
– Interesting international comparisons on attitudes to different authentication mechanisms

Conclusions: the Strategy for taking the initiative forward

DAY 2 – Wednesday Sept. 16

9.00am – 1.00pm: Conference | 10.50 – 11.20am: Coffee & Refreshments Break – Networking – Smart Innovation Show
Securing IoT Devices, Infrastructure and Ecosystems
The world of connected “everything” offers an exciting future, but it presents unprecedented challenges in the way we secure and manage devices, the data they produce, and entire systems themselves. This session reviews the different options to integrate security in the IoT context at device, infrastructure, standards and ecosystems levels. Multiple focuses on specific use cases will show also the evolving needs.
Threat Modelling for the Internet of Things
Eric Vetillard, Product Manager, Java Card and IoT Security, Oracle, France
• Identifying the specific threats to Internet of Things More
• Mitigation of threats around an IoT Cloud Service
• Countermeasures applied on an IoT Gateway
• Determining the appropriate level of security for a deployment
Creating a ‘Fabric of Trust’ for IoT
Phil Attfield, CEO, Sequitur Labs, USA
• Scalable management framework with highly flexible deployment options: data center/cloud, gateways, mobile devices, Internet of Things, or other embedded devices More
• Distributed, end-to-end device and service management of IoT and mobile devices via trusted-execution-environment (TEE) and/or secure element, backed by hardware root of trust
• Programmable policy enabling real time, event driven, context aware security & management
• Use-case scenarios that position the management & control framework in terms of enterprise, industrial & consumer applications.
Rethinking Security for the Internet of Things
Mikael Dubreucq, IoT Marketing Director, Inside Secure, France
• The IoT ecosystem will require flexible levels of protection: optimized and adapted for the object to object environment More
• Which IoT security solution (chip, HW platform, software & applications) is best depends on the use case
• The right security architecture for IoT will secure the root of trust in the value chain
Developing the Right Architecture for Secure IoT Devices
Kerry Maletsky, Senior Director, Cryptographic Products, ATMEL, USA
• IoT designers cannot ignore the accelerating rate of publicized security problems More
• IoT Systems can be re-architected to include cost effective hardware security
• Most current systems can be easily attacked in multiple ways
• Every IoT device, no matter how small, needs to include hardware security
Privacy Issues in 6LoWPAN Wireless Sensor Networks
Florian Pebay-Peyroula, Head of connected objects/systems security Laboratory, CEA, France
• Description of 6LoWPAN standard and protocols More
• Analysis of privacy information contained in the headers when no security is used
• Study of private information still disclosed when security is enabled
• Synthesis of information intercepted in a 6LoWPAN network with a proper use of the security
Connected Health and Cybersecurity
Edmond Cisse, IS Risk Manager, URAEUS Consult, France
• IoT and BYOD concepts growing implantation in healthcare industry More
• Focus on new intentional cyber-threats against healthcare organizations
• The cybersecurity threats mitigation tools (regulations, risk management, controls… )
HINT’s Technologies for IC Authenticity & Integrity Checking
Thomas Hübner, Security Projects Manager, Morpho, Germany

1.00 – 2.00pm: Lunch – Networking – Smart Innovation Show  | 2.00 – 6.45pm: Conference
| 3.50 – 4.30pm: Coffee & Refreshments Break – Networking – Smart Innovation Show

Cloud Services Security
The sessions address the latest issues in security and privacy ofcloud services/data, mainly seen from a client-side security perspective. Besides virtualization risks and HSMs, “end -to-end encryption vs client-side encryption for cloud” debate is on the agenda.
Cloud Centric Data Security
Michael Osborne, Manager Cloud Solutions and Security, IBM Research Division, Zurich Research Laboratory
· Extracting business insights from big data using cloud technologies More
• The uniqueness of data
• The challenges with protecting data, approaches to desensitising data
• Insight into the future data protection technologies
How One to One Sharing Enforces Secure Collaboration
Laurent Henocque, Founder and CEO, Keeex, France
• Cloud and sharing solutions abound, but do not make our life easier More
• Collaborating over heterogeneous clouds or systems is impossible in confidentiality
• Secure One2one sharing over legacy cloud/technical solutions solves the problem
End-to-End Encryption Vs Client-Side Encryption for Cloud
Speaker TBC

Data Protection for the Perimeterless Enterprise
Speaker TBC

Strong Authentication on the move
DIY ID – Self-Service Models for Secure Mobile Credentials
Chris Edwards, Chief Technology Officer, Intercede, UK
• How can ‘bring your own ID’ work? More
• How can we derive verifiable credentials from a range of breeder documents?
• How can we protect and trust derived credentials?
• When should we use self-asserted identities?
Why we need an Offline Personal Authentication Device
Audun Josang, Professor, University of Oslo, Norway
• The OffPAD (offline personal authentication device) concept More
• Portable multilateral authentication
• Id model and device compatibility
• Immunity against malware
A Password Is Not Enough
Ing. Boudewijn Kiljan, CTO, Wave Systems EMEA, Netherlands
• Multifactor authentication is required as password does not provide sufficient security anymore More
• A couple a challenges exist
• Many of those authentication challenges are covered by using Virtual Smartcards

Authentication "Vs." Biometrics?
Advances in Biometrics for an ID Government program
Salvatore Francomacaro, Information Technology Lab, Computer Security Division, NIST
• The real experience of biometrics in government applications – Performance testing results for Face, Fingerprint, Iris, Voice and the studies of multibiometric fusion More
• Disregarding the limitations of biometrics when implemented on resource constrained and ergonomically limited mobile and IoT devices, there are still constraints fundamental to each biometry
BIOPRIV: A Systematic Approach to Privacy by Design for Biometric Access Control
Julien Bernet, Senior Security Consultant, Trusted Labs, France
• Definition of a systematic method for privacy by design More
• Integration of privacy requirements in the design of a biometric system
• Evaluation of a solution with respect to privacy requirements
• Make privacy by design achievable at reasonable costs
Identity Protection and Privacy: Is There Hope for Wearable Security?
Jerome Schang, Cyber Security & Wearable Global Business Development Manager, NXP Semiconductors, USA
• Secure payment and access for wearable More
• Biometric challenges for wearable
• Leading the way towards FDA/HIPAA/FTC Telehealth standards`

DAY 3 – Thursday Sept. 17
9.00am – 1.00pm: Conference | 10.30 – 11.15am: Coffee & Refreshments Break – Networking – Smart Innovation Show

Mobile ID Part I:
Mobile ID for e-Payment
Electronic identity is more and more the bond of trust between citizens and online public services, and in some countries banking services. As m-payment industry is looking for stronger customer authentication, Mobile ID solutions can provide a strong level of identity assurance while keeping it simple for end users. Review of the latest mobile ID projects round the world, their convergence with m-payment and the technology requirements.
Mobile Identity – The Fusion of Financial Services, Mobility and Identity in a Hyper-Connected World
Rocky Scopelliti, Global Industry Executive – Banking, Finance & Insurance, Telstra, Australia
• In a world where the smartphone has become the link between our human identity and our digital one, how do consumers now prefer to be identified? More
• How can mobile technologies shift the trust paradigm from one of having to prove who we are, to one of being recognised for whom we are?
Where e-Payments and Mobile ID Meet
David Ruana, Product Manager, Safelayer Secure Communications, Spain
• Using National eIDs, in general, and MobileID, in particular, as a form of identification for e-payments More
• eIDAS contribution to the e-payment industry
• Compliance with SecuRe Pay and Payment Service Directive (PSD2) in the EU
Orange & GSMA Mobile ID experience (TBA)
Speaker from GSMA TBC

From Mobile KYC (Know Your Customer) to Strong Authentication, Biometrics is Flooding the Market
Philippe Le Pape, VP Sales Biometrics Solutions, Morpho, France
• Banks and financial institutions’ challenge is to improve customer’s trust assessment to provide access to more valuable operations in an omni-channel environment. More
• KYC (Know Your Customers) process: How to ensure customer’s state-issued identity, uniqueness and eligibility?
• Usage of biometrics as strong authentication method.
• Identity derivation: a way to leverage upon trusted ID

Mobile ID Part II:
m-Government Services
National Mobile ID Schemes: Learning from Today’s Best Practices
Coralie Mesnard, Digital Identity Solutions Marketing Manager, Gemalto, France
• Unique study on Mobile ID in 14 countries/regions More
• Give some readability on Mobile ID projects : trends are shown
• Lessons learnt: Learning from past experience and today’s best practices
• Not about Gemalto but countries
Mobile ID – Strong Authentication Tool for e-Services
Jana Krimpe, Founder “B.est Solutions” LLC,  Head of the Mobile ID project consortium in the Republic of Azerbaijan
• How to establish Mobile ID infrastructure based on private-public-partnership (PPP) model? More
• Asan İmza (Mobile ID) – a technology needed for moving from e-government to m-government
• How Asan İmza functions – the complete description of the Mobile ID ecosystem in Azerbaijan
• Cases of use of Asan İmza – from e-services to cross-border digital signature platforms
Realizing Mobile Identity Solutions with GlobalPlatform Specifications
Gil Bernabeu, Technical Director, GlobalPlatform, USA
• An overview of the mobile ID landscape, key use cases and enabling technologies More
• An insight into how GlobalPlatform Specifications can be leveraged to meet the mobile ID needs for a wide variety of markets such as government-to-government, government-to-citizen, enterprise, eHealth, financial and commercial
• An explanation of the key findings from GlobalPlatform’s mobile ID white paper
e-ID-services goes mobiles: lessons and perspectives

Mobile (smart) devices opened a new chapter for the security industry. This session will review the challenge posed to service providers and enterprises to ally security limitations within mobility with the users wish for usability.
Changing The Game with Hardware Based Security in Windows 10
Janne Uusilehto, Senior Manager, Product Security & Privacy,, Microsoft
• Hardware or software only solutions are not enough More
• How Windows 10 takes advantage of hardware rooted trust to provide security from the inside out
• How developers can benefit from Windows hardware security services
• Focus on the hardware features (UEFI, TPM, processor-based visualization and memory protection)
Mobile Security Technologies Revolutionize Consumer and Enterprise Applications
Thierry Spanjaard, CEO & Principal, Smart Insights, France
• Mobile security: an issue More
• TEE: software vs. hardware, functionalities, threats, standardization, etc.
• TEE security applications: corporate security, content management,mobile payment, etc.
• Mobile forecast and market trends
Hookdroid –Dynamic Analysis of Android Applications on Real-World Devices
Valerio Costamagna, PhD Student, University of Turin, Italy
• Android applications dynamic instrumentation on real-world devices More
• Supporting latest Android runtime (ART)
• Android application behaviour analysis and anomaly detection at runtime

Mobile Device Security
GlobalPlatform’s Secure Component and the Root of Trust
Gil Bernabeu, Technical Director, GlobalPlatform, USA
• Insight into the need for a root of trust in delivering secure mobile services. More
• Overview of the two secure components as defined by GlobalPlatform.
• Details of why a trusted certification and compliance program are needed to support the development of a scalable and interoperable ecosystem.
Trusted Execution Environment in a Virtual Machine
Mike Borza, Member of Technical Staff, Synopsys, Canada
• Virtualizing the SoC architecture extends the usual notion of virtualization beyond the CPU More
• Virtualization at this level has implications at the lowest levels of the IC architecture
• Hardware virtualization allows enforcement of the separation between virtual machines
TAM for TEE – Trusted Application Delivery
Chris Edwards, Chief Technology Officer, Intercede, UK
• Trusted Execution Environments offer significant security benefits” More
• TEE adoption has been held back until recently by the cost and complexity of deployment
• The Trusted Application lifecycle
• Practical experiences of deploying Trusted Applications via a cloud service
1.00 – 2.00pm: Lunch – Networking – Smart Innovation Show | 2.00 – 6.45pm: Conference
| 3.50 – 4.30pm: Coffee & Refreshments Break – Networking – Smart Innovation Show

Security for m-Payment & Contactless Transactions
(jointly with Smart Contactless World)
Security is a crucial issue for the contactless services adoption especially with sensitive services such as m-payment. From standards and regulation to Secure Element integrations, this session covers the elements of the security chain required to ensure end users’ trust.
Comparative Analysis of Information Security in Contactless Transactions
Matti Penttila, Senior Researcher, VTT Technical Research Centre of Finland
• Different use cases for contactless transactions give different requirements for security More
• What are the common features of different use cases and what are the differences?
• Privacy-related risks in these transactions
Mobile Transaction Security: What do you need to protect?
Robert Fargier, Senior Consultant, ISTIUM, France – Jean-Luc Garnier, Senior Consultant, Knowbile Consulting, France
• Consumers love their smartphones but do not trust it, slowing down mobile services adoption More
• How can we build this trust and which techno do we have at hand to build it?
• Overview of the components that participate the global security fence into mobile devices.
• Value of the data we want to protect: do we need techno or education?
GlobalPlatform’s Value Proposition for mPOS
Kevin Gillick, Executive Director, GlobalPlatform, USA
• Overview of the trusted execution environment (TEE) and the value of the TEE for enabling smartphones as MPOS devices. More
• Insight into the role of the trusted user interface in securing payment transactions.
• Snapshot of GlobalPlatform’s work in this area and details of upcoming developments.

End-to-End Security with NFC
Implications of HCE, SE and TEE-Based Security For Mobile Services
Christian Damour, Security Business Line Manager, FIME, France
• NFC mobile ecosystem main security risks More
• Security implications for HCE, SE and TEE-based mobile services and market status
• A view to the future in mobile payment regarding security aspects
Providing Chip to Cloud Security to Fight Against Cloning and Gray Market
Florent Renahy, Embedded Security Architect IoT, Inside Secure, France
• Provide an innovative and highly secure solution to the counterfeiting problems More
• This solution relies on cutting-edge technologies in the fields of both hardware and software
• The answer to such problems can be achieved by tight combination of relevant products
• The presentation will show different aspects of security, in chip and in mobile phone application
Using Secure Element in the Cloud From HCE-SE Open Platform
Prof. Pascal Urien, Telecom ParisTech, France
• Host Card emulation is a promising technology, does it need an open model? We believe yes. More
• An open technology based on secure elements in the cloud and secure elements hosted in the mobile.
• RACS (Remote APDU Call Secure) is a core building block for this technology
• Open mobile software platform based on these concepts

Overcoming Standards Challenges

Security Tokens are still largely dominated by proprietary or not interoperable solutions and new domains like Big Data, Cloud and IoT added to the growing attention to the Privacy aspects are challenging Security experts in the industry and government. This session explores possible convergences among standards across different area of interest but even across different standards organization.
GlobalPlatform: Supporting the Development of a Global TEE Certification Program
Gil Bernabeu, Technical Director, GlobalPlatform, USA
• The current mobile threat landscape and how it is evolving. More
• The importance of developing a stable and scalable TEE ecosystem and the benefits this brings to the industry.
• GlobalPlatform Trusted Execution Environment Protection Profile and the steps that association has undertaken to gain support from national certification bodies globally
The Path to Inter-Industry Standards for Utilizing Smart Card in Web Applications
Olivier Potonniée, Senior Research Engineer, Gemalto, France
• Web applications using smart cards More
• Review of existing and ongoing standards
• Privacy aware security policies
Privacy and Mobile ID :  Standardisation and Certification
Dr. Matthias Schwan, Bundesdruckerei, Berlin, Bundesdruckerei, Germany; Dr. Gisela Meister, Head of Technology Consulting R&D, Standardisation Manager C-TO, Giesecke & Devrient, Germany (speaker)
ID Management and Security: Standards convergence
Salvatore Francomacaro, Information Technology Lab, Computer Security Division, NIST
• ISO: a national and international standardization collaboration More
• ISO standard and Global Platform Specifications
• Overview of the standardization effort in the ID Management and Privacy space effort
PANEL DEBATE: How Can End-to-End Security Benefit From (and Influence) Regional and International Standards?
Expected panellist include ETSI, ISO representatives

End of the Conference