Home > Program
last update: September 11, 2015
This program will be enriched continuously in the coming weeks. Keep posted and follow us on LinkedIn and Twitter!
DAY 1 –Tuesday Sept. 15
10.00am – 1.00pm: Opening Session Part 1 | 1.00pm -2.00pm: Lunch | 2.00pm– 6.30pm:  Opening Session Part 2
| 4.15pm – 4.55pm: Coffee & Refreshment Break – Networking – Smart Innovation Show
This cross-disciplinary day will outline the next five years changes and challenges for the connected consumers, citizens, employees, cities and smart devices. The Grand Opening is common to Smart Contactless World, M2M Innovation World, World e-ID & Cybersecurity and Connect Security World.
The Digital Identity in 5 years
Moderated by Dr. Detlef Houdeau, Senior Director of Business Development, Identification Market, Infineon;
Member of Silicon Trust, Eurosmart and BITKOM
NIST’s work to support critical infrastructure
I2IAM – Intelligent Identity and Access Management
Donna Dodson, Chief Cybersecurity Advisor and Executive Director CCoE, US NIST

Dr. Angelika Steinacker, IAM Competency Leader Europe / Global Security Practice, IBM


Jon Shamah, European eID Subject Matter Expert

Co-presenting with:

Raghu K Dev, World Wide Identity and Access Management Lead, IBM

The Connected Objects and Systems in 5 Years
Moderated by Jim Morrish, Founder & Chief Research Officer, Machina Research

Richard van Hooijdonk,
SoftLayer, an IBM Company

IoT in Connected World
Dr. Mohan Reddy, Founder & Chairman, Cyient

From here to IoT
Jim Morrish, Founder & Chief Researcher Officer, Machina Research

Connected Objects and Digital Markets
Prof. Janusz Filipiak, Founder & CEO, Comarch

1.00pm -2.00pm: Lunch – 2.00pm: Exhibition Opening

The Connected Consumer in 5 Years
Moderated by François Lecomte-Vagniez, Associate Partner, Lobary; Conference Program Committee Chair

“NFC Services in France : Status & Challenges
François-Xavier Godron, Director Contactless Services, Orange

NFC and the Growth of Connected Consumer Devices
Alexander Rensink, Vice Chairman, NFC Forum

Connected Commerce
Michel Léger, Senior VP Innovation, Ingenico

What’s next with digital payments ?
Christophe Zehnacker, Emerging Payments Head Western Europe, Mastercard

The m-Wallet War Relaunched: Apple Vs. Google Vs. Samsung
How will Apple, Google, Samsung and Traditional Payment Players Boost Contactless Payments?
Animated by François Lecomte-Vagniez, Associate Partner, Lobary; Conference Program Committee Chair

Confirmed Panellists include:
Gilles Bourron, Head of Payments and Mobility, Total
Michel Léger, Senior VP Innovation, Ingenico
Samee Zafar, Director, Edgar, Dunn & Company
Christophe Zehnacker, Emerging Payments Head Western Europe, Mastercard

After several years of slow growth, contactless payment has finally found its path to (relative) success with Apple Pay More
Its US launch in September 2014 has marked an important step: Apple Pay accounts for more than two thirds of American contactless payments. And it now takes a new dimension with its expansion to the UK in July, and more European countries soon (including Slovakia, the Czech Republic). In addition to its attractive, secure NFC solution for the consumers, Apple Pay has been receiving a large support from major card providers, hundreds banks, retailers, brands, merchants in the US and UK. The other contactless payment big players aren’t outdone and have made important announcement: a new Wallet War is on the way, around a phone-based payment system rather than digital wallet apps. The new Samsung Pay solution is announced to launch in Korea and the US in September 2015, with an extra feature (LoopPay) not requiring contactless PoS, a selling point in the US. Android Pay, successor to Google Wallet will add tokenization and fingerprint verification for any Android device with NFC. This open platform is to be launched by the end of the year (September again?!). If these competitors bet on similar technologies – NFC, cloud-based HCE, tokenization… – their business models differ. For example, Android Pay will not charge any transaction fee from credit card issuers unlike Apple Pay. Models are not settled yet!

• Apple Pay one year after its launch: results and lessons
• Impact of Apple Pay in Europe for retailers and merchants? For the banks and payment networks?
• Is the Apple Pay business model compatible with every regional market?
• Do the Internet players’ wallets threaten the traditional payment players?
• What about the latest updates of the m-payment solutions of other big Internet names such as Paypal, Facebook, etc. ?

The Connected Security in 5 Years

Living Securely in the Connected World
Helmut Scherzer, Senior Technology  Manager CTO Office, Giesecke & Devrient

EKSISTENZ "Identity Theft Community" Launch
The EU project EKSISTENZ will deliver a set of innovativeand interoperable tools, procedures, methods and processes to tackle identity theft in the EU. More

The entire life-cycle of identity will be taken into account and the privacy of citizens will always be considered paramount.

In order to demonstrate the achievement of its mission, EKSISTENZ will develop a proof of concept relating to banking/finance that will be proven as scalable and deployable at the national level.

Its members and “sister” projects will launch an “Identity Theft Community” to collectively address issues and to shape the development of a “European Observatory on Identity Theft”.

ID Theft Threats by Raul Sanchez-Reillo, Universidad Carlos III de Madrid
- Damages and their consequences in both cyber and physical worlds More
- Setting the scene for our collaboration.
– How we expect the Community to progress and what the Observatory will be expected to do
The EKSISTENZ Project by Stephane Caillebotte, Morpho
- Strengthening the existing electronic-based primary identity document More
- Deriving from the primary identity document secondary identities
– Aid future verification of primary and secondary identities and the bearers of such identities
Identity Theft and the concept of an Identity Theft register by Charles de Couessin, IDPartners
- Creating a common set of definitions More
- What is the purpose of having an Identity Theft Register?
Social expectations and ID Fraud by Marek Tiits, Institute for Baltic Studies
- Interesting results from extensive study carried out. More
- Embracing results from around the world as well as Europe.
– Interesting international comparisons on attitudes to different authentication mechanisms

Conclusions: the Strategy for taking the initiative forward

DAY 2 – Wednesday Sept. 16

9.00am – 1.00pm: Conference | 10.50 – 11.20am: Coffee & Refreshments Break – Networking – Smart Innovation Show
IoT Security Part I: Securing IoT Devices, Infrastructure and Ecosystems
Session Chair: Jean-Paul Thomasson, Security Expert Strategies Telecoms & Multimedia, Program Committee Chair
The world of connected “everything” offers an exciting future, but it presents unprecedented challenges in the way we secure and manage devices, the data they produce, and entire systems themselves. This session reviews the different options to integrate security in the IoT context at device, infrastructure, standards and ecosystems levels. Multiple focuses on specific use cases will show also the evolving needs.
Threat Modelling for the Internet of Things
Eric Vetillard, Product Manager, Java Card and IoT Security, Oracle, France
• Identifying the specific threats to Internet of Things More
• Mitigation of threats around an IoT Cloud Service
• Countermeasures applied on an IoT Gateway
• Determining the appropriate level of security for a deployment
Creating a ‘Fabric of Trust’ for IoT
Phil Attfield, CEO, Sequitur Labs, USA
• Scalable management framework with highly flexible deployment options: data center/cloud, gateways, mobile devices, Internet of Things, or other embedded devices More
• Distributed, end-to-end device and service management of IoT and mobile devices via trusted-execution-environment (TEE) and/or secure element, backed by hardware root of trust
• Programmable policy enabling real time, event driven, context aware security & management
• Use-case scenarios that position the management & control framework in terms of enterprise, industrial & consumer applications.
Rethinking Security for the Internet of Things
Mikael Dubreucq, IoT Marketing Director, Inside Secure, France
• The IoT ecosystem will require flexible levels of protection: optimized and adapted for the object to object environment More
• Which IoT security solution (chip, HW platform, software & applications) is best depends on the use case
• The right security architecture for IoT will secure the root of trust in the value chain
Developing the Right Architecture for Secure IoT Devices
Kerry Maletsky, Senior Director, Cryptographic Products, ATMEL, USA
• IoT designers cannot ignore the accelerating rate of publicized security problems More
• IoT Systems can be re-architected to include cost effective hardware security
• Most current systems can be easily attacked in multiple ways
• Every IoT device, no matter how small, needs to include hardware security
Privacy Issues in 6LoWPAN Wireless Sensor Networks
Florian Pebay-Peyroula, Head of connected objects/systems security Laboratory, CEA, France
• Description of 6LoWPAN standard and protocols More
• Analysis of privacy information contained in the headers when no security is used
• Study of private information still disclosed when security is enabled
• Synthesis of information intercepted in a 6LoWPAN network with a proper use of the security
Secure Element for IoT (title TBC)
Loic Bonvarlet, Product Marketing Director M2M , Gemalto
Securing the Lifecycle of Smart Home Environments
Cedric Levy-Bencheton, ENISA
• Threats applicable to IoT in Smart Home Environments More
• Security measures for Smart Home Environments
• Challenges and next steps
1.00 – 2.00pm: Lunch – Networking – Smart Innovation Show  | 2.00 – 6.45pm: Conference
| 3.50 – 4.30pm: Coffee & Refreshments Break – Networking – Smart Innovation Show

IoT Security Part II: Data Protection in IoT/Cloud Environment
Session Chair: Eric Vétillard Product Manager,
Java Card & IoT Security, Oracle France
The sessions address the latest issues in security and privacy ofcloud services/data, mainly seen from a client-side security perspective. Besides virtualization risks and HSMs, “end -to-end encryption vs client-side encryption for cloud” debate is on the agenda.
Cloud Centric Data Security
Michael Osborne, Manager Cloud Solutions and Security, IBM Research Division, Zurich Research Laboratory
· Extracting business insights from big data using cloud technologies More
• The uniqueness of data
• The challenges with protecting data, approaches to desensitising data
• Insight into the future data protection technologies
How One to One Sharing Enforces Secure Collaboration
Laurent Henocque, Founder and CEO, Keeex, France
• Cloud and sharing solutions abound, but do not make our life easier More
• Collaborating over heterogeneous clouds or systems is impossible in confidentiality
• Secure One2one sharing over legacy cloud/technical solutions solves the problem
Mobile Health: How Big Data Analysis will Improve Healthcare Systems
Silvana Pintão, Industry Analyst, Smart Insights
Connected Health and Cybersecurity
Edmond Cisse, IS Risk Manager, URAEUS Consult, France
• IoT and BYOD concepts growing implantation in healthcare industry More
• Focus on new intentional cyber-threats against healthcare organizations
• The cybersecurity threats mitigation tools (regulations, risk management, controls… )

Strong Authentication on the Move
Session Chair: Jonas Andersson, Principal, Marine Vision Consultants
FIDO Revolution: phishing attacks prevention & secure identity for cloud services
Frederic Martin, System Architect, Neowave, France
• Live “phishing” attacks: how standard security tools and recommendations(Antivirus, Firewall, OTP, SMS…) fail to protect victims More
• New easy-to-use security devices, compatible with the last FIDO Alliance specifications, to provide secure strong authentication to Gmail, Dropbox and other web services
• Future of FIDO compatible or inspired solutions, reconciling cloud based solutions users with transparent smart card security, from simple applications to critical solutions for banks, certification authorities or healthcare companies
Why we need an Offline Personal Authentication Device
Audun Josang, Professor, University of Oslo, Norway
• The OffPAD (offline personal authentication device) concept More
• Portable multilateral authentication
• Id model and device compatibility
• Immunity against malware
A Password Is Not Enough
Ing. Boudewijn Kiljan, CTO, Wave Systems EMEA, Netherlands
• Multifactor authentication is required as password does not provide sufficient security anymore More
• A couple a challenges exist
• Many of those authentication challenges are covered by using Virtual Smartcards

Authentication "Vs." Biometrics?
Session Chair: Jonas Andersson, Principal, Marine Vision Consultants
Advances in Biometrics for an ID Government program
Salvatore Francomacaro, Information Technology Lab, Computer Security Division, NIST
• The real experience of biometrics in government applications – Performance testing results for Face, Fingerprint, Iris, Voice and the studies of multibiometric fusion More
• Disregarding the limitations of biometrics when implemented on resource constrained and ergonomically limited mobile and IoT devices, there are still constraints fundamental to each biometry
BIOPRIV: A Systematic Approach to Privacy by Design for Biometric Access Control
Julien Bernet, Senior Security Consultant, Trusted Labs, France
• Definition of a systematic method for privacy by design More
• Integration of privacy requirements in the design of a biometric system
• Evaluation of a solution with respect to privacy requirements
• Make privacy by design achievable at reasonable costs
Identity Protection and Privacy: Is There Hope for Wearable Security?
Jerome Schang, Cyber Security & Wearable Global Business Development Manager, NXP Semiconductors, USA
• Secure payment and access for wearable More
• Biometric challenges for wearable
• Leading the way towards FDA/HIPAA/FTC Telehealth standards`

DAY 3 – Thursday Sept. 17
9.00am – 1.00pm: Conference | 10.30 – 11.15am: Coffee & Refreshments Break – Networking – Smart Innovation Show

Mobile ID Part I:
Mobile ID for e-Payment
Moderated by: Detlef Houdeau, Senior Director of Business Development, Identification Market, Infineon; Member of Silicon Trust, Eurosmart and BITKOM
Electronic identity is more and more the bond of trust between citizens and online public services, and in some countries banking services. As m-payment industry is looking for stronger customer authentication, Mobile ID solutions can provide a strong level of identity assurance while keeping it simple for end users. Review of the latest mobile ID projects round the world, their convergence with m-payment and the technology requirements.
Mobile Identity – The Fusion of Financial Services, Mobility and Identity in a Hyper-Connected World
Rocky Scopelliti, Global Industry Executive – Banking, Finance & Insurance, Telstra, Australia
• In a world where the smartphone has become the link between our human identity and our digital one, how do consumers now prefer to be identified? More
• How can mobile technologies shift the trust paradigm from one of having to prove who we are, to one of being recognised for whom we are?
Where e-Payments and Mobile ID Meet
David Ruana, Product Manager, Safelayer Secure Communications, Spain
• Using National eIDs, in general, and MobileID, in particular, as a form of identification for e-payments More
• eIDAS contribution to the e-payment industry
• Compliance with SecuRe Pay and Payment Service Directive (PSD2) in the EU
Mobile Connect and Banking (title TBC)
Claire Maslen, Head of Financial Services, GSMA
From Mobile KYC (Know Your Customer) to Strong Authentication, Biometrics is Flooding the Market
Philippe Le Pape, VP Sales Biometrics Solutions, Morpho, France
• Banks and financial institutions’ challenge is to improve customer’s trust assessment to provide access to more valuable operations in an omni-channel environment. More
• KYC (Know Your Customers) process: How to ensure customer’s state-issued identity, uniqueness and eligibility?
• Usage of biometrics as strong authentication method.
• Identity derivation: a way to leverage upon trusted ID

Mobile ID Part II:
m-Government Services
Moderated by: Detlef Houdeau, Senior Director of Business Development, Identification Market, Infineon; Member of Silicon Trust, Eurosmart and BITKOM
National Mobile ID Schemes: Learning from Today’s Best Practices
Coralie Mesnard, Digital Identity Solutions Marketing Manager, Gemalto, France
• Unique study on Mobile ID in 14 countries/regions More
• Give some readability on Mobile ID projects : trends are shown
• Lessons learnt: Learning from past experience and today’s best practices
• Not about Gemalto but countries
Mobile ID – Strong Authentication Tool for e-Services
Jana Krimpe, Founder “B.est Solutions” LLC,  Head of the Mobile ID project consortium in the Republic of Azerbaijan
• How to establish Mobile ID infrastructure based on private-public-partnership (PPP) model? More
• Asan İmza (Mobile ID) – a technology needed for moving from e-government to m-government
• How Asan İmza functions – the complete description of the Mobile ID ecosystem in Azerbaijan
• Cases of use of Asan İmza – from e-services to cross-border digital signature platforms
Realizing Mobile Identity Solutions with GlobalPlatform Specifications
Gil Bernabeu, Technical Director, GlobalPlatform, USA
• An overview of the mobile ID landscape, key use cases and enabling technologies More
• An insight into how GlobalPlatform Specifications can be leveraged to meet the mobile ID needs for a wide variety of markets such as government-to-government, government-to-citizen, enterprise, eHealth, financial and commercial
• An explanation of the key findings from GlobalPlatform’s mobile ID white paper
e-ID-services goes mobiles: lessons and perspectives

Mobile Device Security

Session Chair: Gisela Meister, Head of Technology Consulting R&D, Standardisation Manager CTO, Giesecke & Devrient
Changing The Game with Hardware Based Security in Windows 10
Janne Uusilehto, Senior Manager, Product Security & Privacy, Microsoft
• Hardware or software only solutions are not enough More
• How Windows 10 takes advantage of hardware rooted trust to provide security from the inside out
• How developers can benefit from Windows hardware security services
• Focus on the hardware features (UEFI, TPM, processor-based visualization and memory protection)
Trusted Execution Environment in a Virtual Machine
Mike Borza, Member of Technical Staff, Synopsys, Canada
• Virtualizing the SoC architecture extends the usual notion of virtualization beyond the CPU More
• Virtualization at this level has implications at the lowest levels of the IC architecture
• Hardware virtualization allows enforcement of the separation between virtual machines
GlobalPlatform’s Secure Component and the Root of Trust
Gil Bernabeu, Technical Director, GlobalPlatform, USA
Mobile Security Technologies Revolutionize Consumer and Enterprise Applications
Thierry Spanjaard, CEO & Principal, Smart Insights, France
• Mobile security: an issue More
• TEE: software vs. hardware, functionalities, threats, standardization, etc.
• TEE security applications: corporate security, content management,mobile payment, etc.
• Mobile forecast and market trends
Hookdroid –Dynamic Analysis of Android Applications on Real-World Devices
Valerio Costamagna, PhD Student, University of Turin, Italy
• Android applications dynamic instrumentation on real-world devices More
• Supporting latest Android runtime (ART)
• Android application behaviour analysis and anomaly detection at runtime
Hardware Design to Support Secure Embedded Virtualization
Mike Borza, Member of Technical Staff, Synopsys, Canada
HINT’s Technologies for IC Authenticity & Integrity Checking
Thomas Hübner, Security Projects Manager, Morpho, Germany
1.00 – 2.00pm: Lunch – Networking – Smart Innovation Show | 2.00 – 6.45pm: Conference
| 3.50 – 4.30pm: Coffee & Refreshments Break – Networking – Smart Innovation Show

Security for m-Payment & Contactless Transactions
(jointly with Smart Contactless World)
Security is a crucial issue for the contactless services adoption especially with sensitive services such as m-payment. From standards and regulation to Secure Element integrations, this session covers the elements of the security chain required to ensure end users’ trust.
Comparative Analysis of Information Security in Contactless Transactions
Matti Penttila, Senior Researcher, VTT Technical Research Centre of Finland
• Different use cases for contactless transactions give different requirements for security More
• What are the common features of different use cases and what are the differences?
• Privacy-related risks in these transactions
Mobile Transaction Security: What do you need to protect?
Robert Fargier, Senior Consultant, ISTIUM, France – Jean-Luc Garnier, Senior Consultant, Knowbile Consulting, France
• Consumers love their smartphones but do not trust it, slowing down mobile services adoption More
• How can we build this trust and which techno do we have at hand to build it?
• Overview of the components that participate the global security fence into mobile devices.
• Value of the data we want to protect: do we need techno or education?
GlobalPlatform’s Value Proposition for mPOS
Kevin Gillick, Executive Director, GlobalPlatform, USA
• Overview of the trusted execution environment (TEE) and the value of the TEE for enabling smartphones as MPOS devices. More
• Insight into the role of the trusted user interface in securing payment transactions.
• Snapshot of GlobalPlatform’s work in this area and details of upcoming developments.

End-to-End Security with NFC
Implications of HCE, SE and TEE-Based Security For Mobile Services
Christian Damour, Security Business Line Manager, FIME, France
• NFC mobile ecosystem main security risks More
• Security implications for HCE, SE and TEE-based mobile services and market status
• A view to the future in mobile payment regarding security aspects
Providing Chip to Cloud Security to Fight Against Cloning and Gray Market
Florent Renahy, Embedded Security Architect IoT, Inside Secure, France
• Provide an innovative and highly secure solution to the counterfeiting problems More
• This solution relies on cutting-edge technologies in the fields of both hardware and software
• The answer to such problems can be achieved by tight combination of relevant products
• The presentation will show different aspects of security, in chip and in mobile phone application
Using Secure Element in the Cloud From HCE-SE Open Platform
Prof. Pascal Urien, Telecom ParisTech, France
• Host Card emulation is a promising technology, does it need an open model? We believe yes. More
• An open technology based on secure elements in the cloud and secure elements hosted in the mobile.
• RACS (Remote APDU Call Secure) is a core building block for this technology
• Open mobile software platform based on these concepts

Overcoming Standards Challenges

Session Chair: Jean-Paul Thomasson, Security Expert Strategies Telecoms & Multimedia, Program Committee Chair
Security Tokens are still largely dominated by proprietary or not interoperable solutions and new domains like Big Data, Cloud and IoT added to the growing attention to the Privacy aspects are challenging Security experts in the industry and government. This session explores possible convergences among standards across different area of interest but even across different standards organization.
GlobalPlatform: Supporting the Development of a Global TEE Certification Program

Gil Bernabeu, Technical Director, GlobalPlatform, USA

• The current mobile threat landscape and how it is evolving. More
• The importance of developing a stable and scalable TEE ecosystem and the benefits this brings to the industry.
• GlobalPlatform Trusted Execution Environment Protection Profile and the steps that association has undertaken to gain support from national certification bodies globally
The Path to Inter-Industry Standards for Utilizing Smart Card in Web Applications
Olivier Potonniée, Senior Research Engineer, Gemalto, France
• Web applications using smart cards More
• Review of existing and ongoing standards
• Privacy aware security policies
Privacy and Mobile ID :  Standardisation and Certification
Dr. Matthias Schwan, Bundesdruckerei, Berlin, Bundesdruckerei, Germany; Dr. Gisela Meister, Head of Technology Consulting R&D, Standardisation Manager C-TO, Giesecke & Devrient, Germany (speaker)
ID Management and Security: Standards convergence
Salvatore Francomacaro, Information Technology Lab, Computer Security Division, NIST
• ISO: a national and international standardization collaboration More
• ISO standard and Global Platform Specifications
• Overview of the standardization effort in the ID Management and Privacy space effort
PANEL DEBATE: How Can End-to-End Security Benefit From (and Influence) Regional and International Standards?
Expected panellist include ETSI, ISO representatives

End of the Conference