Mobile Identity in Identity Management

$249.00
When you get access:
Course access is prepared after purchase and delivered via email
Who trusts this:
Trusted by professionals in 160+ countries
How you learn:
Self-paced • Lifetime updates
Toolkit Included:
Includes a practical, ready-to-use toolkit containing implementation templates, worksheets, checklists, and decision-support materials used to accelerate real-world application and reduce setup time.
Your guarantee:
30-day money-back guarantee — no questions asked

This curriculum spans the technical and operational complexity of a multi-workshop program focused on integrating mobile identity across enterprise systems, comparable to an internal capability build for securing mobile access at scale.

Module 1: Foundational Mobile Identity Architecture

  • Selecting between native, hybrid, and web-based mobile application architectures based on identity integration requirements and platform-specific security constraints.
  • Implementing secure bootstrapping of identity artifacts (e.g., client certificates, app attestation tokens) during mobile app provisioning.
  • Integrating mobile identity components with existing enterprise identity providers (IdPs) using SAML, OIDC, or WS-Fed with mobile-optimized profiles.
  • Designing fallback authentication mechanisms for offline mobile scenarios while maintaining compliance with access control policies.
  • Evaluating the use of mobile device identifiers (IMEI, advertising ID) versus identity-derived identifiers to minimize privacy risks.
  • Enforcing app integrity checks through runtime application self-protection (RASP) to prevent tampering with identity components.

Module 2: Authentication and Credential Management on Mobile

  • Implementing secure credential storage using platform-specific keystores (Android Keystore, iOS Keychain) with hardware-backed protection.
  • Configuring biometric authentication (Touch ID, Face ID, Android BiometricPrompt) with fallback to PIN/password while preserving FIDO2 compliance.
  • Managing the lifecycle of refresh and access tokens in mobile apps, including silent reauthentication and secure revocation handling.
  • Integrating FIDO2 passkeys with mobile identity flows to replace password-based login across enterprise applications.
  • Designing secure fallback paths when biometric sensors are unavailable or user enrollment fails.
  • Enforcing conditional access policies based on authentication method strength (e.g., biometric vs. knowledge-based) at the resource server.

Module 3: Mobile Device Identity and Trust Assessment

  • Integrating mobile device management (MDM) or unified endpoint management (UEM) signals into identity decision engines for access evaluation.
  • Implementing device attestation using Android SafetyNet or Apple DeviceCheck to verify device integrity before granting access.
  • Mapping device compliance status (e.g., jailbreak detection, OS version) to dynamic risk scores in adaptive authentication policies.
  • Establishing trust chains from device hardware roots of trust to enterprise identity systems via attested TLS channels.
  • Handling identity decisions for personally owned devices (BYOD) versus corporate-owned devices with different trust assumptions.
  • Syncing device identity state across multiple identity providers and cloud services without creating stale authorization conditions.

Module 4: Federated Identity and Single Sign-On on Mobile

  • Configuring brokered authentication via platform identity agents (e.g., Microsoft Authenticator, Google Smart Lock) for SSO across enterprise apps.
  • Implementing custom tab and app linking strategies to prevent phishing and maintain context during OAuth2 authorization flows.
  • Managing account selection and multi-account support in mobile SSO without exposing credential caching vulnerabilities.
  • Handling token sharing across related apps using platform-specific mechanisms (e.g., iOS app groups, Android shared user IDs).
  • Securing inter-app communication when passing identity tokens between enterprise applications on the same device.
  • Enforcing session isolation between work and personal profiles on Android Enterprise and iOS Managed Apps.

Module 5: Risk-Based Authentication and Adaptive Policies

  • Collecting and normalizing mobile-specific risk signals (location velocity, network type, device motion) for real-time risk scoring.
  • Integrating fraud detection engines with mobile identity flows to trigger step-up authentication or block access.
  • Designing policy rules that adjust authentication requirements based on transaction sensitivity and user behavior baselines.
  • Implementing silent risk evaluation in the background to avoid disrupting user workflows during low-risk interactions.
  • Storing and auditing risk decision logs in compliance with data retention and privacy regulations (e.g., GDPR, CCPA).
  • Calibrating risk thresholds to balance usability and security, particularly in high-mobility user populations.

Module 6: Privacy, Consent, and Regulatory Compliance

  • Implementing granular consent mechanisms for mobile app permissions (camera, location, contacts) aligned with data minimization principles.
  • Designing identity data flows to support right to access and right to deletion requests under privacy regulations.
  • Encrypting personally identifiable information (PII) in local app storage and during transmission using app-specific keys.
  • Documenting data processing activities involving mobile identity for compliance with GDPR Article 30 requirements.
  • Managing consent persistence across app updates and reinstalls without violating user autonomy.
  • Auditing third-party SDKs for identity-related data collection and ensuring contractual compliance with privacy obligations.

Module 7: Lifecycle Management and Identity Orchestration

  • Automating provisioning and deprovisioning of mobile access rights through integration with HR and IT service management systems.
  • Orchestrating identity workflows across multiple systems (IdP, MDM, application gateways) during onboarding and offboarding.
  • Handling identity recovery scenarios when a user loses or resets their mobile device without compromising account security.
  • Implementing just-in-time (JIT) provisioning for federated mobile users while enforcing attribute validation rules.
  • Synchronizing identity state across cloud and on-premises directories when mobile access depends on hybrid identity models.
  • Monitoring and alerting on stale mobile sessions and orphaned device registrations to reduce attack surface.

Module 8: Monitoring, Forensics, and Incident Response

  • Centralizing mobile authentication logs (success/failure, MFA triggers, device changes) in a SIEM for correlation.
  • Establishing baselines for normal mobile access patterns to detect anomalous behavior indicative of compromise.
  • Designing forensic data collection procedures for mobile devices involved in security incidents while preserving chain of custody.
  • Integrating identity systems with SOAR platforms to automate response actions (e.g., session termination, MFA reset).
  • Conducting post-incident reviews to identify gaps in mobile identity controls and update policies accordingly.
  • Testing incident response playbooks for mobile-specific scenarios such as mass device theft or phishing campaigns targeting mobile users.