© 2014 FIDO Alliance. Who… What… Why… 142+ & growing…

Presentation on theme: "© 2014 FIDO Alliance. Who… What… Why… 142+ & growing…"— Presentation transcript:

1 © 2014 FIDO Alliance

2 Who… What… Why…

3

4 142+ & growing…

5

6 To Change Authentication Online by: (a) Developing unencumbered Specifications that define interoperable mechanisms that supplant reliance on passwords (b) Operating programs to help ensure industry adoption (c) Submitting mature Specifications for formal standardization

7 FIDO Alliance’s Role… “Paper” Specifications; Interoperability and Conformance testing; Trademark licensing against criteria; Thought leadership, nurture ecosystem. The Alliance does not ship products! Implementations left to commercial vendors.

8 Identity & Authentication Building Blocks (© NOK NOK LABS – Used by Permission). Diagram labels: Physical-to-digital identity; User Management; Authentication; Federation; Single Sign-On; E-Gov; Payments; Security; Passwords; Risk-Based; Strong; MODERN AUTHENTICATION; Personalization

9 Why Authentication is Cybersecurity Priority #1: “Poor authentication mechanisms are a commonly exploited vector of attack by adversaries; the 2013 Data Breach Investigations Report (conducted by Verizon in concert with the U.S. Department of Homeland Security) noted that 76% of 2012 network intrusions exploited weak or stolen credentials.” -- NIST Roadmap for Improving Critical Infrastructure Cybersecurity, 12-Feb-2014

10 Today’s Passwords: REUSED, PHISHED, KEYLOGGED

11 Today’s Password Alternatives: One Time Codes with SMS or Device. SMS USABILITY: Coverage | Delay | Cost. DEVICE USABILITY: One per site | $$ | Fragile. USER EXPERIENCE: Users find it hard. STILL PHISHABLE: Known attacks today.

12 Major Industry Trend: Simpler, Stronger Local Device Auth. PERSONAL DEVICES: Carry Personal Data. LOCAL LOCKING: Pins & Patterns today. NEW WAVE, CONVENIENT SECURITY: Simpler, Stronger local authentication.

13 Putting It Together The problem: Simpler, Stronger online The trend: Simpler, Stronger local device auth Why not: Use local device auth for online auth? This is the core idea behind FIDO standards!

14 FIDO Experiences. Stages: ONLINE AUTH REQUEST; LOCAL DEVICE AUTH; SUCCESS. PASSWORDLESS EXPERIENCE (UAF standards): Transaction Detail; Show a biometric; Done. SECOND FACTOR EXPERIENCE (U2F standards): Login & Password; Insert Dongle, Press button; Done.

15 State of Market Adoption

16 Version 1.0 is in Public Review

17 13+ products have participated in and satisfied the requirements of our testing program and are conferred the right to use the FIDO Ready™ mark.

18 OEMs SHIPPING FIDO-READY™ PRODUCTS. New and existing devices are supported. OEM Enabled: Samsung Galaxy S5. OEM Enabled: Lenovo ThinkPads with Fingerprint Sensors. Clients available for these operating systems : Software Authenticator Examples: Voice/Face recognition, PIN, QR Code, etc. Aftermarket Hardware Authenticator Examples: USB fingerprint scanner, MicroSD Secure Element.

19 First FIDO Deployment already live… Customers can use their finger to pay with PayPal from their new Samsung Galaxy S5 because the FIDO Ready™ software on the device securely communicates between the fingerprint sensor on their device and PayPal’s service in the cloud. The only information the device shares with PayPal is a unique cryptographic “public key” that allows PayPal to verify the identity of the customer without having to store any biometric information on PayPal’s servers.

20 From July 2014… Alipay – formerly a part of Alibaba Group in China. Processed $519 Billion in transactions in 2013. Launched FIDO-based payments using Galaxy S5.

21 How it works

22 FIDO Registration (diagram labels): 1 REGISTRATION BEGINS; 2 USER APPROVAL; 3 NEW KEY CREATED; 4 REGISTRATION COMPLETE. KEY REGISTERED Using Public key Cryptography.

23 FIDO Login (diagram labels): LOGIN; USER APPROVAL; KEY SELECTED; LOGIN COMPLETE; LOGIN CHALLENGE; LOGIN RESPONSE. Login Using Public key Cryptography.

24 Decouple User Verification Method from Authentication Protocol (diagram labels): LOGIN; USER APPROVAL; KEY SELECTED; REGISTRATION COMPLETE; LOGIN CHALLENGE; LOGIN RESPONSE. Leverage public key cryptography. ONLINE SECURITY PROTOCOL; PLUGGABLE LOCAL AUTH.

25 No 3rd Party in the Protocol

26 No secrets on Server side

27 Key Benefit for Service Providers

28 FIDO’s Focus on User Privacy: Biometric data (if used) never leaves device; No link-ability between Services; No link-ability between Accounts

29 Call to Action. FIDO is ready for use: launch a Proof-of-Concept & Pilot. Get involved: Adapt your strategy & roadmap to include FIDO; Join the Alliance – we are non-profit & volunteer. Contact Brett McDowell –

30 THANK YOU
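The registration and login flows on slides 22 to 26, together with the per-service keys behind slide 28's "no link-ability" point, as an added Node.js example that is not from the presentation or the FIDO Alliance. The class names, the service names and the signed-message layout are assumptions for illustration, not the UAF or U2F wire format.

```javascript
// Added illustration, not FIDO Alliance code: class names and the signed-message
// layout are assumptions; UAF/U2F define their own wire formats.
const crypto = require("node:crypto");
// Bytes that get signed: hash of the service identifier plus the server's challenge.
const signedData = (rpId, challenge) =>
  Buffer.concat([crypto.createHash("sha256").update(rpId).digest(), challenge]);

// Device side: one key pair per service; private keys never leave this object.
class Authenticator {
  constructor() { this.keys = new Map(); }
  register(rpId) {                         // registration: new key created
    const { publicKey, privateKey } = crypto.generateKeyPairSync("ec", { namedCurve: "prime256v1" });
    this.keys.set(rpId, privateKey);
    return publicKey.export({ type: "spki", format: "pem" });
  }
  respond(rpId, challenge, userApproved) { // login: sign only after local approval
    if (!userApproved || !this.keys.has(rpId)) return null;
    return crypto.sign("sha256", signedData(rpId, challenge), this.keys.get(rpId));
  }
}

// Server side: stores public keys and one pending challenge per user, no secrets.
class RelyingParty {
  constructor(rpId) { this.rpId = rpId; this.publicKeys = new Map(); this.pending = new Map(); }
  enroll(user, pem) { this.publicKeys.set(user, pem); }
  challenge(user) {
    this.pending.set(user, crypto.randomBytes(32));
    return this.pending.get(user);
  }
  verify(user, signature) {
    const c = this.pending.get(user), pem = this.publicKeys.get(user);
    this.pending.delete(user);             // single use: replays find no challenge
    if (!c || !pem || !signature) return false;
    return crypto.verify("sha256", signedData(this.rpId, c), pem, signature);
  }
}

function demo() {                          // constructed user and service names
  const device = new Authenticator();
  const shop = new RelyingParty("shop.example"), bank = new RelyingParty("bank.example");
  const shopKey = device.register("shop.example"), bankKey = device.register("bank.example");
  shop.enroll("alice", shopKey); bank.enroll("alice", bankKey);
  const sig = device.respond("shop.example", shop.challenge("alice"), true);
  const login = shop.verify("alice", sig);
  const replay = shop.verify("alice", sig);            // challenge already consumed
  const other = bank.verify("alice", device.respond("shop.example", bank.challenge("alice"), true));
  const unapproved = shop.verify("alice", device.respond("shop.example", shop.challenge("alice"), false));
  return { login, replay, other, unapproved, distinctKeys: shopKey !== bankKey };
}
```

`demo()` returns `login: true` and `false` for the replayed response, the response signed for a different service, and the unapproved request; the two services hold different public keys for the same user.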

