This presentation outlines how the FIDO standards can be integrated with Mobile Connect to offer authentication services within the Mobile Connect framework. This presentation is an output of the collaboration between FIDO Alliance and GSMA and covers an overview of the architecture, FIDO authentication, handling of assurance levels, authentication context for an OpenID Connect profile, and security guidelines.
3. Why
• Liaison relationship between FIDO Alliance and GSMA to
explore how FIDO authentication fits with Mobile Connect
established in May 2017.
• FIDO objectives align with Mobile Connect
• Addressing the same problem: easier, safer online authentication.
• Leverage the mobile phone to provide easy secure two-factor
authentication.
• Create a pluggable framework that can support a variety of security
levels as well as supporting new authentication methods as they arise.
• Promote the adoption of FIDO Authentication with Mobile
Connect.
5. What
• Highlight the synergies between Mobile Connect and FIDO
along with how both technologies are complimentary to one
another.
• Mobile Connect modular design support a range of authentication
methods.
• Leverage Mobile Connect as a global federated authentication service
with FIDO as the preferred authenticator.
• Demonstrate how FIDO can be integrated into Mobile Connect
• Focus initially on the use of UAF and then move on to consider
U2F and FIDO2 (W3C Web Authentication / FIDO Client-to-
Authenticator Protocol).
7. • Federation based on
OpenID Connect
Profile.
• Supported by
development in OpenID
Foundation MODRNA
working group.
How
Mobile Connect
Framework for
Federation
• Minimum profiles for
FIDO Authenticator to
meet particular
assurance levels.
• Discovery process to
identify available
device authenticators.
FIDO Authenticator
Policy
• Assurance level
mapped to appropriate
FIDO Authenticator
policy.
• Authentication Context
Reference used during
authentication process.
Authentication
Context
8. Resources
• FIDO Alliance specifications: https://fidoalliance.org/download/
• FIDO Alliance White Papers: https://fidoalliance.org/white-
papers/
• Mobile Connect: https://www.gsma.com/identity/mobile-connect
• OpenID Foundation working groups: http://openid.net/wg/