Submit Search
Upload
FIDO Authentication in the Shifting Regulatory Landscape
•
3 likes
•
816 views
FIDO Alliance
Follow
Presented at the FIDO Authentication Seminar in Austin, Texas on January 28, 2019
Read less
Read more
Law
Report
Share
Report
Share
1 of 28
Download now
Download to read offline
Recommended
FIDO & Mobile Connect
FIDO & Mobile Connect
FIDO Alliance
Javelin Research's State of Strong Authentication 2019 Report Webinar
Javelin Research's State of Strong Authentication 2019 Report Webinar
FIDO Alliance
Deployment Snapshot from Japan: NTT DOCOMO, Yahoo! Japan
Deployment Snapshot from Japan: NTT DOCOMO, Yahoo! Japan
FIDO Alliance
Lifecycle Consideration for Security Key Deployments
Lifecycle Consideration for Security Key Deployments
FIDO Alliance
European Regulation And The Need For Strong Customer Authentication
European Regulation And The Need For Strong Customer Authentication
FIDO Alliance
Strong Customer Authentication & Biometrics
Strong Customer Authentication & Biometrics
FIDO Alliance
The State of Strong Authentication
The State of Strong Authentication
FIDO Alliance
FIDO Alliance Vision and Updates
FIDO Alliance Vision and Updates
FIDO Alliance
Recommended
FIDO & Mobile Connect
FIDO & Mobile Connect
FIDO Alliance
Javelin Research's State of Strong Authentication 2019 Report Webinar
Javelin Research's State of Strong Authentication 2019 Report Webinar
FIDO Alliance
Deployment Snapshot from Japan: NTT DOCOMO, Yahoo! Japan
Deployment Snapshot from Japan: NTT DOCOMO, Yahoo! Japan
FIDO Alliance
Lifecycle Consideration for Security Key Deployments
Lifecycle Consideration for Security Key Deployments
FIDO Alliance
European Regulation And The Need For Strong Customer Authentication
European Regulation And The Need For Strong Customer Authentication
FIDO Alliance
Strong Customer Authentication & Biometrics
Strong Customer Authentication & Biometrics
FIDO Alliance
The State of Strong Authentication
The State of Strong Authentication
FIDO Alliance
FIDO Alliance Vision and Updates
FIDO Alliance Vision and Updates
FIDO Alliance
Beyond Passwords: FIDO and the Future of User Authentication
Beyond Passwords: FIDO and the Future of User Authentication
FIDO Alliance
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO Alliance
FIDO Support for the GDPR
FIDO Support for the GDPR
FIDO Alliance
Integrating FIDO & Federation Protocols
Integrating FIDO & Federation Protocols
FIDO Alliance
FIDO and the Future of User Authentication
FIDO and the Future of User Authentication
FIDO Alliance
Technical Principles of FIDO Authentication
Technical Principles of FIDO Authentication
FIDO Alliance
Beyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer Authentication
FIDO Alliance
Current Trends Related to Mobile Network Operators & FIDO SCA Adoption
Current Trends Related to Mobile Network Operators & FIDO SCA Adoption
FIDO Alliance
FIDO Masterclass
FIDO Masterclass
FIDO Alliance
Fido Technical Overview
Fido Technical Overview
FIDO Alliance
Biometrics for Payment Authentication
Biometrics for Payment Authentication
FIDO Alliance
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance
FIDO UAF Adoption in Hong Kong
FIDO UAF Adoption in Hong Kong
FIDO Alliance
A First Step to a World without Passwords
A First Step to a World without Passwords
FIDO Alliance
FIDO Authentication in a Mobile Network
FIDO Authentication in a Mobile Network
FIDO Alliance
Introduction to FIDO's Identity Verification & Binding Initiative
Introduction to FIDO's Identity Verification & Binding Initiative
FIDO Alliance
FIDO Authentication and GDPR
FIDO Authentication and GDPR
FIDO Alliance
FIDO and Adaptive Authentication
FIDO and Adaptive Authentication
FIDO Alliance
Introduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for Authentication
FIDO Alliance
Digital Identity In Government
Digital Identity In Government
FIDO Alliance
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO Alliance
Beyond Passwords: FIDO and the Future of User Authentication
Beyond Passwords: FIDO and the Future of User Authentication
FIDO Alliance
More Related Content
What's hot
Beyond Passwords: FIDO and the Future of User Authentication
Beyond Passwords: FIDO and the Future of User Authentication
FIDO Alliance
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO Alliance
FIDO Support for the GDPR
FIDO Support for the GDPR
FIDO Alliance
Integrating FIDO & Federation Protocols
Integrating FIDO & Federation Protocols
FIDO Alliance
FIDO and the Future of User Authentication
FIDO and the Future of User Authentication
FIDO Alliance
Technical Principles of FIDO Authentication
Technical Principles of FIDO Authentication
FIDO Alliance
Beyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer Authentication
FIDO Alliance
Current Trends Related to Mobile Network Operators & FIDO SCA Adoption
Current Trends Related to Mobile Network Operators & FIDO SCA Adoption
FIDO Alliance
FIDO Masterclass
FIDO Masterclass
FIDO Alliance
Fido Technical Overview
Fido Technical Overview
FIDO Alliance
Biometrics for Payment Authentication
Biometrics for Payment Authentication
FIDO Alliance
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance
FIDO UAF Adoption in Hong Kong
FIDO UAF Adoption in Hong Kong
FIDO Alliance
A First Step to a World without Passwords
A First Step to a World without Passwords
FIDO Alliance
FIDO Authentication in a Mobile Network
FIDO Authentication in a Mobile Network
FIDO Alliance
Introduction to FIDO's Identity Verification & Binding Initiative
Introduction to FIDO's Identity Verification & Binding Initiative
FIDO Alliance
FIDO Authentication and GDPR
FIDO Authentication and GDPR
FIDO Alliance
FIDO and Adaptive Authentication
FIDO and Adaptive Authentication
FIDO Alliance
Introduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for Authentication
FIDO Alliance
Digital Identity In Government
Digital Identity In Government
FIDO Alliance
What's hot
(20)
Beyond Passwords: FIDO and the Future of User Authentication
Beyond Passwords: FIDO and the Future of User Authentication
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO Support for the GDPR
FIDO Support for the GDPR
Integrating FIDO & Federation Protocols
Integrating FIDO & Federation Protocols
FIDO and the Future of User Authentication
FIDO and the Future of User Authentication
Technical Principles of FIDO Authentication
Technical Principles of FIDO Authentication
Beyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer Authentication
Current Trends Related to Mobile Network Operators & FIDO SCA Adoption
Current Trends Related to Mobile Network Operators & FIDO SCA Adoption
FIDO Masterclass
FIDO Masterclass
Fido Technical Overview
Fido Technical Overview
Biometrics for Payment Authentication
Biometrics for Payment Authentication
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO UAF Adoption in Hong Kong
FIDO UAF Adoption in Hong Kong
A First Step to a World without Passwords
A First Step to a World without Passwords
FIDO Authentication in a Mobile Network
FIDO Authentication in a Mobile Network
Introduction to FIDO's Identity Verification & Binding Initiative
Introduction to FIDO's Identity Verification & Binding Initiative
FIDO Authentication and GDPR
FIDO Authentication and GDPR
FIDO and Adaptive Authentication
FIDO and Adaptive Authentication
Introduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for Authentication
Digital Identity In Government
Digital Identity In Government
Similar to FIDO Authentication in the Shifting Regulatory Landscape
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO Alliance
Beyond Passwords: FIDO and the Future of User Authentication
Beyond Passwords: FIDO and the Future of User Authentication
FIDO Alliance
GDPR(一般データ保護規則)とFIDO標準について
GDPR(一般データ保護規則)とFIDO標準について
FIDO Alliance
2019 FIDO Seoul Seminar - Moving Beyond Passwords
2019 FIDO Seoul Seminar - Moving Beyond Passwords
FIDO Alliance
2019 FIDO Tokyo Seminar - Welcome Keynote Andrew Shikiar
2019 FIDO Tokyo Seminar - Welcome Keynote Andrew Shikiar
FIDO Alliance
FIDO Authentication in Europe the Momentum and Opportunities
FIDO Authentication in Europe the Momentum and Opportunities
FIDO Alliance
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
FIDO Alliance
Open Banking / PSD2 & GDPR Regulations and How They Are Changing Fraud & Fina...
Open Banking / PSD2 & GDPR Regulations and How They Are Changing Fraud & Fina...
Idan Tohami
Deployment Case Study: Login.gov & FIDO2
Deployment Case Study: Login.gov & FIDO2
FIDO Alliance
apidays New York 2022 - Discussing the significance of API standardization, D...
apidays New York 2022 - Discussing the significance of API standardization, D...
apidays
Introduction to FIDO Authentication
Introduction to FIDO Authentication
FIDO Alliance
Introduction to FIDO Biometric Authentication
Introduction to FIDO Biometric Authentication
FIDO Alliance
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Alliance
Yet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial Services
Olivier Busolini
201201 b innopay presentation hft
201201 b innopay presentation hft
bakkertje99999
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...
Burton Lee
The Value of FIDO Alliance Membership
The Value of FIDO Alliance Membership
FIDO Alliance
Chapter 5 the kyc utility
Chapter 5 the kyc utility
Quan Risk
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Alliance
Introduction to FIDO Alliance
Introduction to FIDO Alliance
FIDO Alliance
Similar to FIDO Authentication in the Shifting Regulatory Landscape
(20)
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
Beyond Passwords: FIDO and the Future of User Authentication
Beyond Passwords: FIDO and the Future of User Authentication
GDPR(一般データ保護規則)とFIDO標準について
GDPR(一般データ保護規則)とFIDO標準について
2019 FIDO Seoul Seminar - Moving Beyond Passwords
2019 FIDO Seoul Seminar - Moving Beyond Passwords
2019 FIDO Tokyo Seminar - Welcome Keynote Andrew Shikiar
2019 FIDO Tokyo Seminar - Welcome Keynote Andrew Shikiar
FIDO Authentication in Europe the Momentum and Opportunities
FIDO Authentication in Europe the Momentum and Opportunities
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
Open Banking / PSD2 & GDPR Regulations and How They Are Changing Fraud & Fina...
Open Banking / PSD2 & GDPR Regulations and How They Are Changing Fraud & Fina...
Deployment Case Study: Login.gov & FIDO2
Deployment Case Study: Login.gov & FIDO2
apidays New York 2022 - Discussing the significance of API standardization, D...
apidays New York 2022 - Discussing the significance of API standardization, D...
Introduction to FIDO Authentication
Introduction to FIDO Authentication
Introduction to FIDO Biometric Authentication
Introduction to FIDO Biometric Authentication
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
Yet another cybersecurity framework for Financial Services
Yet another cybersecurity framework for Financial Services
201201 b innopay presentation hft
201201 b innopay presentation hft
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...
The Value of FIDO Alliance Membership
The Value of FIDO Alliance Membership
Chapter 5 the kyc utility
Chapter 5 the kyc utility
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
Introduction to FIDO Alliance
Introduction to FIDO Alliance
More from FIDO Alliance
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptx
FIDO Alliance
OTIS: Our Journey to Passwordless.pptx
OTIS: Our Journey to Passwordless.pptx
FIDO Alliance
FIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptx
FIDO Alliance
CISA: #MoreThanAPassword.pptx
CISA: #MoreThanAPassword.pptx
FIDO Alliance
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
FIDO Alliance
Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)
FIDO Alliance
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
FIDO Alliance
新しい認証技術FIDOの最新動向
新しい認証技術FIDOの最新動向
FIDO Alliance
日立PBI技術を用いた「デバイスフリーリモートワーク」構想
日立PBI技術を用いた「デバイスフリーリモートワーク」構想
FIDO Alliance
Introduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS Services
FIDO Alliance
富士通の生体認証ソリューションと提案
富士通の生体認証ソリューションと提案
FIDO Alliance
テレワーク本格導入におけるID認証考察
テレワーク本格導入におけるID認証考察
FIDO Alliance
「開けゴマ!」からYubiKeyへ
「開けゴマ!」からYubiKeyへ
FIDO Alliance
YubiOnが目指す未来
YubiOnが目指す未来
FIDO Alliance
FIDO2導入してみたを考えてみた
FIDO2導入してみたを考えてみた
FIDO Alliance
中小企業によるFIDO導入事例
中小企業によるFIDO導入事例
FIDO Alliance
VPNはもう卒業!FIDO2認証で次世代リモートアクセス
VPNはもう卒業!FIDO2認証で次世代リモートアクセス
FIDO Alliance
CloudGate UNOで安全便利なパスワードレスリモートワーク
CloudGate UNOで安全便利なパスワードレスリモートワーク
FIDO Alliance
数々の実績:迅速なFIDO認証の展開をサポート
数々の実績:迅速なFIDO認証の展開をサポート
FIDO Alliance
More from FIDO Alliance
(20)
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptx
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptx
OTIS: Our Journey to Passwordless.pptx
OTIS: Our Journey to Passwordless.pptx
FIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptx
CISA: #MoreThanAPassword.pptx
CISA: #MoreThanAPassword.pptx
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
新しい認証技術FIDOの最新動向
新しい認証技術FIDOの最新動向
日立PBI技術を用いた「デバイスフリーリモートワーク」構想
日立PBI技術を用いた「デバイスフリーリモートワーク」構想
Introduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS Services
富士通の生体認証ソリューションと提案
富士通の生体認証ソリューションと提案
テレワーク本格導入におけるID認証考察
テレワーク本格導入におけるID認証考察
「開けゴマ!」からYubiKeyへ
「開けゴマ!」からYubiKeyへ
YubiOnが目指す未来
YubiOnが目指す未来
FIDO2導入してみたを考えてみた
FIDO2導入してみたを考えてみた
中小企業によるFIDO導入事例
中小企業によるFIDO導入事例
VPNはもう卒業!FIDO2認証で次世代リモートアクセス
VPNはもう卒業!FIDO2認証で次世代リモートアクセス
CloudGate UNOで安全便利なパスワードレスリモートワーク
CloudGate UNOで安全便利なパスワードレスリモートワーク
数々の実績:迅速なFIDO認証の展開をサポート
数々の実績:迅速なFIDO認証の展開をサポート
Recently uploaded
Reason Behind the Success of Law Firms in India
Reason Behind the Success of Law Firms in India
Yash
一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理
Airst S
Chambers Global Practice Guide - Canada M&A
Chambers Global Practice Guide - Canada M&A
SkyLaw Professional Corporation
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
F La
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
Airst S
It’s Not Easy Being Green: Ethical Pitfalls for Bankruptcy Novices
It’s Not Easy Being Green: Ethical Pitfalls for Bankruptcy Novices
Lugenbuhl, Wheaton, Peck, Rankin & Hubbard
Performance of contract-1 law presentation
Performance of contract-1 law presentation
Khushdeep Kaur
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
e9733fc35af6
Navigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptx
elysemiller87
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
Finlaw Associates
一比一原版(Waterloo毕业证书)加拿大滑铁卢大学毕业证如何办理
一比一原版(Waterloo毕业证书)加拿大滑铁卢大学毕业证如何办理
e9733fc35af6
3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt
seri bangash
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
F La
一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理
Airst S
Career As Legal Reporters for Law Students
Career As Legal Reporters for Law Students
Nilendra Kumar
Hely-Hutchinson v. Brayhead Ltd .pdf
Hely-Hutchinson v. Brayhead Ltd .pdf
Britto Valan
一比一原版(USC毕业证书)南加州大学毕业证学位证书
一比一原版(USC毕业证书)南加州大学毕业证学位证书
irst
一比一原版(Carleton毕业证书)加拿大卡尔顿大学毕业证如何办理
一比一原版(Carleton毕业证书)加拿大卡尔顿大学毕业证如何办理
e9733fc35af6
ASMA JILANI EXPLAINED CASE PLD 1972 FOR CSS
ASMA JILANI EXPLAINED CASE PLD 1972 FOR CSS
CssSpamx
ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.
tanughoshal0
Recently uploaded
(20)
Reason Behind the Success of Law Firms in India
Reason Behind the Success of Law Firms in India
一比一原版伦敦南岸大学毕业证如何办理
一比一原版伦敦南岸大学毕业证如何办理
Chambers Global Practice Guide - Canada M&A
Chambers Global Practice Guide - Canada M&A
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
一比一原版(TheAuckland毕业证书)新西兰奥克兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
一比一原版(CQU毕业证书)中央昆士兰大学毕业证如何办理
It’s Not Easy Being Green: Ethical Pitfalls for Bankruptcy Novices
It’s Not Easy Being Green: Ethical Pitfalls for Bankruptcy Novices
Performance of contract-1 law presentation
Performance of contract-1 law presentation
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
一比一原版(纽大毕业证书)美国纽约大学毕业证如何办理
Navigating Employment Law - Term Project.pptx
Navigating Employment Law - Term Project.pptx
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
How do cyber crime lawyers in Mumbai collaborate with law enforcement agencie...
一比一原版(Waterloo毕业证书)加拿大滑铁卢大学毕业证如何办理
一比一原版(Waterloo毕业证书)加拿大滑铁卢大学毕业证如何办理
3 Formation of Company.www.seribangash.com.ppt
3 Formation of Company.www.seribangash.com.ppt
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版(Monash毕业证书)澳洲莫纳什大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理
一比一原版埃克塞特大学毕业证如何办理
Career As Legal Reporters for Law Students
Career As Legal Reporters for Law Students
Hely-Hutchinson v. Brayhead Ltd .pdf
Hely-Hutchinson v. Brayhead Ltd .pdf
一比一原版(USC毕业证书)南加州大学毕业证学位证书
一比一原版(USC毕业证书)南加州大学毕业证学位证书
一比一原版(Carleton毕业证书)加拿大卡尔顿大学毕业证如何办理
一比一原版(Carleton毕业证书)加拿大卡尔顿大学毕业证如何办理
ASMA JILANI EXPLAINED CASE PLD 1972 FOR CSS
ASMA JILANI EXPLAINED CASE PLD 1972 FOR CSS
ARTICLE 370 PDF about the indian constitution.
ARTICLE 370 PDF about the indian constitution.
FIDO Authentication in the Shifting Regulatory Landscape
1.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 20191 FIDO AUTHENTICATION IN THE SHIFTING EUROPEAN REGULATORY LANDSCAPE ALAIN MARTIN CO-CHAIR FIDO EUROPE WG VP STRATEGIC PARTNERSHIPS - GEMALTO
2.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 20192 AGENDA • How FIDO helps with the SCA requirements under PSD2 • Compliance • The customer journey • How FIDO helps with GDPR • The need for strong authentication • The privacy by design
3.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 20193 FIDO, PSD2 AND THE CUSTOMER JOURNEY
4.
Open APIs FIDO Alliance ©
2019 - Austin FIDO seminar Jan 20194 PSD2 IN A FEW WORDS • New Access to Account mandate Open APIs • New Strong Customer Authentication mandate • New Third Party Provider (TPP) roles : Open APIs Open APIs Payment execution Open APIs Open APIs Open APIs Gives consent Payment Initiation Service Provider (PISP) Account Information Service Provider (AISP)
5.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 20195 THE CUSTOMER JOURNEY KEY SUCCESS FACTOR FOR THE ROLL OUT OF PSD2 IN EUROPE Authentication models have been created and… much debated by the stakeholders
6.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 20196 AUTHENTICATION MODELS • Redirection AISPAISP ASPSP Authenticate authentication AISP AISPASPSP Authenticate
7.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 20197 AUTHENTICATION MODELS • Decoupled • An Out of Band model PISP Merchant Merchant Authenti- cate ASPSP authentication
8.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 20198 POTENTIAL UX ISSUES IN THE REDIRECTION/DECOUPLED MODELS • In account aggregation use cases ASPSP C Sign in with OTP ASPSP C Login Go AISP ASPSP A App AISP ASPSP B token ASPSP C OTP generator ASPSP B Login Pswd Go
9.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 20199 POTENTIAL UX ISSUES IN THE REDIRECTION MODEL • In payment initiation use cases PISP ASPSP Login Merchant Merchant Merchant PISP Bank 1 Bank 2 Bank 3 Select Bank Select account ASPSP Approve transaction ASPSP ASPSP OTP: 123456 Enter OTP: ****** Pswd
10.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201910 FIDO SIMPLIFIES THE CUSTOMER JOURNEY PISP Merchant ASPSP Authorise payment? ASPSP Login Pswd OTP: ****** ASPSP Enter OTP: ****** FIDO Authenticator PISP Merchant Merchant Merchant 1 step authentication 3 step authentication With FIDO With OTP by SMS
11.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201911 WHAT THE REGULATOR AND STAKEHOLDERS SAY • The European Commission • Added article 32-3 in the RTS on “obstacles” ASPSP may have to provide alternatives to Redirection if not properly implemented • EBA opinion paper (June 2018) • Redirection not an obstacle per se • Implementation is key, whichever the model, for a satisfactory user journey • The Fintechs • Some happy with redirection, some wanting no friction in the user experience • The Berlin Group • Are working on 2 additional authentication models: Embedded and Delegated
12.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201912 ALTERNATIVE AUTHENTICATION MODELS • Embedded • Delegated AISP authentication AISPAISP AISP Authenticate AISPAISP AISP Authenticate authentication
13.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201913 EMBEDDED MODEL = AUTHENTICATION BY THE BANK • Not in line with customer education • Difference with phishing attacks • Similar to Apple Pay • Requires enrolment • Requires trust in local user verification the FIDO approach TPPBank OTP generator Enter Pswd: ****** Enter OTP: ****** Pswd, OTP TPP Authen- ticate Bank keys generated in device Challenge/ Response
14.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201914 DELEGATED MODEL: FIDO/EMVCO COLLABORATION ON 3DSECURE Merchant Directory Service FIDO Authentication 3D Secure message Device ACS 3 1 2 Authenticator metadata Risk assessment Step up authentication 4
15.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201915 FIDO COMPLIANCE TO PSD2/RTS ON STRONG CUSTOMER AUTHENTICATION • Based on multi-factor authentication [RTS] Articles 4, 6, 7, 8 • Protection of the “security elements” [RTS] Articles 22, 23, 25 • Separation of execution environments [RTS] Article 9 • Support of dynamic linking [RTS] Article 5 … a detailed analysis of FIDO compliance is published on https://fidoalliance.org/
16.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201916 FIDO AND THE GDPR
17.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201917 GDPR – GENERAL DATA PROTECTION REGULATION • Applies since 25 May 2018 • Very large fines for infringement: Up to €20,000,000 or 4% total worldwide turnover • Data protection • Consent of data subject • Data subject rights • Adequacy, relevance, etc. of data collection • … The subject for FIDO
18.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201918 PROTECTION AGAINST UNAUTHORIZED ACCESS • Level of security to be appropriate to the risk FIDO recommendation: implement strong authentication to prevent phishing and hacking Data subject right to access, modify, etc.
19.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201919 RECENT HEALTHCARE DATA BREACHES July 2018 – Singapore “Hackers stole data of PM Lee and 1.5 million patients in 'major cyberattack' on SingHealth” October 2018 – USA “US Center for Medicare & Medicaid Services says 75,000 individuals' files accessed in data breach” July 2018 – USA “1.4M records breached in UnityPoint Health phishing attack” July 2018 – USA “Patient data exposed for months after phishing attack on Sunspire” August 2018 - USA “3 phishing hacks breach 20,000 Catawba Valley patient records”
20.
20 SPECIAL CATEGORIES OF
DATA • Processing of this data prohibited, unless allowed in specific cases • If allowed, requires • Explicit consent • Suitable safeguards to protect personal data • Data protection impact assessment • Assessment of the measures, safeguards and mechanisms envisaged for mitigating risk and ensuring the protection of personal data Special Categories of data Political opinions Racial or ethnic origin Healthcare Sexual life Religious beliefs Biometric data FIDO Alliance © 2019 - Austin FIDO seminar Jan 2019
21.
21 USER CONSENT • Data
subject must give consent to processing of his/her personal data • For special categories: explicit consent FIDO Alliance © 2019 - Austin FIDO seminar Jan 2019 FIDO recommendation: Strong authentication is a good practice to properly identify the data subject providing consent
22.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201922 THE CONTROLLER SHOULD BE ABLE TO DEMONSTRATE THIS CONSENT • FIDO authenticators are capable of signing transaction data • Server message can include consent information • Signed response is a non forgeable proof • Can be used in case of dispute Do you agree to providing your health data to ABCHealth ? Authenticate to confirm
23.
23 EXEMPTION • GDPR does
not apply to the processing of personal data by a natural person in the course of a purely personal or household activity • Biometrics on smartphone can be exempted • e.g. French Data Protection Authority (CNIL) exemption IF ON DEVICE STORAGE AND MATCHING • If remote storage and matching, there must be an impact assessment FIDO Alliance © 2019 - Austin FIDO seminar Jan 2019
24.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201924 FIDO’S USE OF BIOMETRICS • With FIDO, biometrics can only be stored and matched on a consumer’s device • FIDO prohibit biometrics from being stored or matched in servers No Data Protection Impact Assessment for the use of biometric data
25.
25 DATA PROTECTION BY
DESIGN PRINCIPLE • Proactive • Embedded from the start in design • For authentication solutions, this would mean, by design: Protection of user authentication credentials and biometric data Protection against phishing or MITM attacks FIDO Alliance © 2019 - Austin FIDO seminar Jan 2019
26.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201926 FIDO EMBRACES PROTECTION/PRIVACY-BY-DESIGN Based on public key cryptography No server-side shared secrets Keys generated and stored on device Verification of web origin /channel id Biometrics, if used, never leave device No link-ability between services or accounts
27.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201927 IN SUMMARY In light of the heavy fines and ever increasing attacks from hackers Service providers should consider replacing passwords with stronger means of authentication Password Data protection measures
28.
FIDO Alliance ©
2019 - Austin FIDO seminar Jan 201928 RESOURCES: PSD2 HTTPS://FIDOALLIANCE.ORG/HOW_FIDO_MEETS_THE_RTS_REQUIREMENTS/ HTTPS://FIDOALLIANCE.ORG/.../FIDO-PSD2_CUSTOMER_JOURNEY_WHITE_PAPER.PDF GDPR HTTPS://FIDOALLIANCE.ORG/.../FIDO_AUTHENTICATION_AND_GDPR_WHITE_PAPER_ MAY2018-1.PDF HTTPS://FIDOALLIANCE.ORG/EVENT/WEBINAR-FIDO-AUTHENTICATION-GDPR/
Download now