Mobile device (e.g, tablets, personal digital assistants (PDAs), phones, etc.) ownership and usage have skyrocketed in the last decade and continues to grow at near exponential rates. Parents have bought phones for small children; individuals considered poor by economic standards possess phones; just about everyone classified as not being poor possess phones; and phone ownership spans the globe and is not tied to any particular country.
The security of mobile devices is difficult to manage. These devices can be lost, stolen or used without the owner's permission. Once the device is stolen, the thief has complete control over the device. This may allow passwords and Personal Identification Numbers (PINs) to be hacked. This can expose the contents of the device and expose any use of the device to a hacker.
More and more these mobile devices are being used to manage and control cloud resources and systems. For example, mobile devices are quickly becoming the face to Intelligent Workload Management (IWM). In the past, additional security for devices that control IWM could be locked down to physical or network locations, but this is not possible with these mobile devices. Part of the value of a portable mobile device is that it can be used from almost anywhere and at anytime. Once control of one of these devices is lost the entire management of an IWM system may be at risk.
Furthermore, passwords entered on a mobile device may not be enough to protect an entire IWM system. There has been some effort to use multifactor authentication to solve some of the above-referenced problems, but the approaches taken heretofore have only moved the security burden to the owner of the device because mobile devices have limited keyboards and screen sizes.
Also, anything used to authenticate the user, which is on the mobile device, is susceptible to landing in the hands of a thief that appropriates the mobile device and is therefore capable of being compromised.