SlideShare una empresa de Scribd logo

Introduction to FIDO Alliance

FIDO Alliance
FIDO Alliance

Introduction to FIDO Alliance by Brett McDowell, FIDO Alliance, Executive Director from the FIDO Alliance Seminar in New York City on March 3, 2016, entitled "Key Trends in Strong Authentication" The FIDO Alliance invites you to learn how simplify strong authentication for web services. FIDO specifications can help all organizations, especially service providers who want to scale these features for consumer services over the web. Essentially, FIDO offers a simple, low-cost way to improve security and the online experience.

Tecnología
1 de 37
Descargar para leer sin conexión
INTRODUCTION TO FIDO ALLIANCE FIDO Seminar, New York City, 31 March 2016 Brett McDowell, Executive Director brett@fidoalliance.org All Rights Reserved. FIDO Alliance. Copyright 2016.
The Problem The Solution The Alliance The Market
781 data breaches in 2015 Data Breaches… 170 million records in 2015 (up 50%) $3.8 million cost/breach (up 23% f/2013)
“A look through the details of these incidents shows a common sequence of phish customer ≥ get credentials ≥ abuse web application ≥ empty bank/bitcoin account.” 2015 Data Breach Investigations Report
The world has a PASSWORD PROBLEM 5Confidential
ONE-TIME PASSCODES Improve security but aren’t easy enough to use Still Phishable User Confusion Token Necklace SMS Reliability 6Confidential
WE NEED A NEW MODEL
WE CALL OUR NEW MODEL Fast IDentity Online online authentication using public key cryptography
The Problem The Solution The Alliance The Market
THE OLD PARADIGM USABILITYSECURITY
THE FIDO PARADIGM Poor Easy WeakStrong USABILITY SECURITY
HOW OLD AUTHN WORKS ONLINE The user authenticates themselves online by presenting a human-readable “shared secret”
HOW FIDO AUTHN WORKS AUTHENTICATOR LOCAL ONLINE The user authenticates “locally” to their device (by various means) The device authenticates the user online using public key cryptography
Passwordless Experience (UAF Standards) Second Factor Experience (U2F Standards) *There are other types of authenticators Second Factor Challenge 1 Authenticated Online 3 Insert Dongle* / Press Button 2 Biometric Verification* 2 Authentication Challenge 1 ? Authenticated Online 3
OPEN STANDARDS R.O.I. FIDO-ENABLE ONCE GAIN EVERY DEVICE YOU TRUST NO MORE ONE-OFF INTEGRATIONS
USABILITY, SECURITY, R.O.I. and PRIVACY
No 3rd Party in the Protocol No Secrets on the Server Side Biometric Data (if used) Never Leaves Device No Link-ability Between Services No Link-ability Between Accounts
Better security for online services Reduced cost for the enterprise Simpler and safer for consumers
The Problem The Solution The Alliance The Market
The FIDO Alliance is an open industry association of over 250 global member organizations
Physical-to-digital identity User Management Authentication Federation Single Sign-On Passwords Risk-BasedStrong MODERN AUTHENTICATION FIDO SCOPE
FIDO Alliance Mission Develop Specifications Operate Adoption Programs Pursue Formal Standardization 1 2 3
Board Members 23 23 23
Alliance Working Groups Standards & Technology 1. FIDO UAF 2. FIDO U2F 3. FIDO 2.0 4. Certification Market Adoption 5. Marketing 6. Privacy & Public Policy 7. Deployment-at-Scale 8. FIDO China https://fidoalliance.org/working-groups
25 Industry Partners Our mission is highly complementary to many other associations around the world. 25
FIDO DEVELOPMENT TIMELINE FIDO 1.0 FINALFirst DeploymentsSpecification Review Draft FIDO Ready Program Alliance Announced FEB 2013 6 Members DEC 2013 FEB 2014 FEB-OCT 2014 DEC 9 2014 MAY 2015 TODAY >250 Members Market Adoption JUNE 2015 Certification Program New U2F Transports
The Problem The Solution The Alliance The Market
“PayPal and Samsung Enable Consumer Payments with Fingerprint Authentication on New Samsung Galaxy S5” Feb 24, 2014 “Secure Consumer Payments Enabled for Alipay Customers with Easy-to-Use Fingerprint Sensors on Recently-Launched Samsung Galaxy S5” September 17, 2014 “Google Launches Security Key, World’s First Deployment of Fast Identity Online Universal Second Factor (FIDO U2F) Authentication” October 21, 2014 2014 FIDO ADOPTION
“Microsoft Announces FIDO Support Coming to Windows 10” Feb 23, 2015 “Qualcomm launches Snapdragon fingerprint scanning technology” March 2, 2015 “Google for Work announced Enterprise admin support for FIDO® U2F ‘Security Key’” April 21, 2015 “Largest mobile network in Japan becomes first wireless carrier to enhance customer experience with natural, simple and strong ways to authenticate to DOCOMO’s services using FIDO standards.” May 26, 2015 2015 FIDO ADOPTION “Today, we’re adding Universal 2nd Factor (U2F) security keys as an additional method for two-step verification, giving you stronger authentication protection.” August 12, 2015 “[T]he technology supporting fingerprint sign-in was built according to FIDO (Fast IDentity Online) standards.” September 15, 2015 “GitHub says it will now handle what is called the FIDO Universal 2nd Factor, or U2F, specification.” October 1, 2015
“NTT DOCOMO is now offering FIDO-enabled biometric authentication for customers using Apple iOS devices” Mar 7, 2016 2016 FIDO ADOPTION “FIDO Universal 2nd Factor (U2F) authentication is now being used to allow all UK citizens to easily and securely access GOV.UK Verify digital public services. Mar 23, 2016 “BC Card provides Token and FIDO services to strengthen security and safety of Samsung Pay” March 1, 2016 “KEB Hana’s new solution is notably FIDO Certified.” February 3, 2016
Deployments are enabled by FIDO® Certified products available today
Leading OEMs Now Shipping FIDO Certified Devices Tab S, Tab S2S5, Mini Note 4, 5Alpha Note Edge S6, S6 Edge Sharp Aquos Zeta Sony Experia Z5 Fujitsu Arrows (Iris Biometrics) Samsung LG V10 & G5
 Available to anyone  Ensures interoperability  Promotes the FIDO ecosystem Steps to certification: 1. Conformance Self-Validation 2. Interoperability Testing 3. Certification Request 4. Trademark License (optional) fidoalliance.org/certification
JOIN THE FIDO ECOSYSTEM
JOIN THE FIDO ALLIANCE
All Rights Reserved. FIDO Alliance. Copyright 2016. THANK YOU FOR COMING! @FIDOAlliance www.fidoalliance.org brett@fidoalliance.org

Recomendados

FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Alliance
 
FIDO Overview: Status and Future
FIDO Overview: Status and FutureFIDO Overview: Status and Future
FIDO Overview: Status and Future
FIDO Alliance
 
The FIDO Alliance Today: Status and News
The FIDO Alliance Today: Status and NewsThe FIDO Alliance Today: Status and News
The FIDO Alliance Today: Status and News
FIDO Alliance
 
FIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - PresentationFIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - Presentation
FIDO Alliance
 
FIDO & Strong Authentication Technology Landscape
FIDO & Strong Authentication Technology LandscapeFIDO & Strong Authentication Technology Landscape
FIDO & Strong Authentication Technology Landscape
FIDO Alliance
 
Introduction to FIDO Authentication
Introduction to FIDO AuthenticationIntroduction to FIDO Authentication
Introduction to FIDO Authentication
FIDO Alliance
 
FIDO Masterclass
FIDO MasterclassFIDO Masterclass
FIDO Masterclass
FIDO Alliance
 
FIDO Alliance: Year in Review Webinar slides from January 20 2016
FIDO Alliance: Year in Review Webinar slides from January 20 2016FIDO Alliance: Year in Review Webinar slides from January 20 2016
FIDO Alliance: Year in Review Webinar slides from January 20 2016
FIDO Alliance
 

Recomendados

FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Webinar – A New Model for Online Authentication: Implications for Policy...
FIDO Alliance
 
FIDO Overview: Status and Future
FIDO Overview: Status and FutureFIDO Overview: Status and Future
FIDO Overview: Status and Future
FIDO Alliance
 
The FIDO Alliance Today: Status and News
The FIDO Alliance Today: Status and NewsThe FIDO Alliance Today: Status and News
The FIDO Alliance Today: Status and News
FIDO Alliance
 
FIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - PresentationFIDO® for Government & Enterprise - Presentation
FIDO® for Government & Enterprise - Presentation
FIDO Alliance
 
FIDO & Strong Authentication Technology Landscape
FIDO & Strong Authentication Technology LandscapeFIDO & Strong Authentication Technology Landscape
FIDO & Strong Authentication Technology Landscape
FIDO Alliance
 
Introduction to FIDO Authentication
Introduction to FIDO AuthenticationIntroduction to FIDO Authentication
Introduction to FIDO Authentication
FIDO Alliance
 
FIDO Masterclass
FIDO MasterclassFIDO Masterclass
FIDO Masterclass
FIDO Alliance
 
FIDO Alliance: Year in Review Webinar slides from January 20 2016
FIDO Alliance: Year in Review Webinar slides from January 20 2016FIDO Alliance: Year in Review Webinar slides from January 20 2016
FIDO Alliance: Year in Review Webinar slides from January 20 2016
FIDO Alliance
 
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.comConsumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
FIDO Alliance
 
Introduction to FIDO Alliance
Introduction to FIDO AllianceIntroduction to FIDO Alliance
Introduction to FIDO Alliance
FIDO Alliance
 
Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)
FIDO Alliance
 
Introduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & StatusIntroduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & Status
FIDO Alliance
 
FIDO - The Value of Membership
FIDO - The Value of Membership FIDO - The Value of Membership
FIDO - The Value of Membership
FIDO Alliance
 
Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO AuthenticationWebinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
FIDO Alliance
 
Google Case Study: Strong Authentication for Employees and Consumers
Google Case Study: Strong Authentication for Employees and ConsumersGoogle Case Study: Strong Authentication for Employees and Consumers
Google Case Study: Strong Authentication for Employees and Consumers
FIDO Alliance
 
FIDO Alliance Today: Status and News
FIDO Alliance Today: Status and NewsFIDO Alliance Today: Status and News
FIDO Alliance Today: Status and News
FIDO Alliance
 
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDOFIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance
 
Fido China Working Group (FCWG)
Fido China Working Group (FCWG)Fido China Working Group (FCWG)
Fido China Working Group (FCWG)
FIDO Alliance
 
Introduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for AuthenticationIntroduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for Authentication
FIDO Alliance
 
Google Case Study: Becoming Unphisable: Towards Simpler, Stronger Authenticat...
Google Case Study: Becoming Unphisable: Towards Simpler, Stronger Authenticat...Google Case Study: Becoming Unphisable: Towards Simpler, Stronger Authenticat...
Google Case Study: Becoming Unphisable: Towards Simpler, Stronger Authenticat...
FIDO Alliance
 
FIDO as Regtech - Addressing Government Requirements
FIDO as Regtech - Addressing Government RequirementsFIDO as Regtech - Addressing Government Requirements
FIDO as Regtech - Addressing Government Requirements
FIDO Alliance
 
The Value of FIDO Alliance Membership
The Value of FIDO Alliance MembershipThe Value of FIDO Alliance Membership
The Value of FIDO Alliance Membership
FIDO Alliance
 
NTT DOCOMO Deployment Case Study: Your Security, More Simple
NTT DOCOMO Deployment Case Study: Your Security, More SimpleNTT DOCOMO Deployment Case Study: Your Security, More Simple
NTT DOCOMO Deployment Case Study: Your Security, More Simple
FIDO Alliance
 
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger AuthenticatonGoogle Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
FIDO Alliance
 
Google Case Study: Becoming Unphishable
Google Case Study: Becoming UnphishableGoogle Case Study: Becoming Unphishable
Google Case Study: Becoming Unphishable
FIDO Alliance
 
2019 FIDO TOKYO Seminar - FIDO Deployment in Korea
2019 FIDO TOKYO Seminar - FIDO Deployment in Korea2019 FIDO TOKYO Seminar - FIDO Deployment in Korea
2019 FIDO TOKYO Seminar - FIDO Deployment in Korea
FIDO Alliance
 
Authentication and ID Proofing in Education
Authentication and ID Proofing in EducationAuthentication and ID Proofing in Education
Authentication and ID Proofing in Education
FIDO Alliance
 
FIDO Authentication for Gaming Webinar
FIDO Authentication for Gaming WebinarFIDO Authentication for Gaming Webinar
FIDO Authentication for Gaming Webinar
FIDO Alliance
 
Introduction to FIDO Alliance
Introduction to FIDO AllianceIntroduction to FIDO Alliance
Introduction to FIDO Alliance
FIDO Alliance
 
DOCOMO Joins FIDO Alliance Board of Directors
DOCOMO Joins FIDO Alliance Board of DirectorsDOCOMO Joins FIDO Alliance Board of Directors
DOCOMO Joins FIDO Alliance Board of Directors
FIDO Alliance
 

Más contenido relacionado

La actualidad más candente

Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.comConsumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
FIDO Alliance
 
Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO AuthenticationWebinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
FIDO Alliance
 
FIDO Authentication for Gaming Webinar
FIDO Authentication for Gaming WebinarFIDO Authentication for Gaming Webinar
FIDO Authentication for Gaming Webinar
FIDO Alliance
 

La actualidad más candente (20)

Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.comConsumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com
 
Introduction to FIDO Alliance
Introduction to FIDO AllianceIntroduction to FIDO Alliance
Introduction to FIDO Alliance
 
Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)
 
Introduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & StatusIntroduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & Status
 
FIDO - The Value of Membership
FIDO - The Value of Membership FIDO - The Value of Membership
FIDO - The Value of Membership
 
Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO AuthenticationWebinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
 
Google Case Study: Strong Authentication for Employees and Consumers
Google Case Study: Strong Authentication for Employees and ConsumersGoogle Case Study: Strong Authentication for Employees and Consumers
Google Case Study: Strong Authentication for Employees and Consumers
 
FIDO Alliance Today: Status and News
FIDO Alliance Today: Status and NewsFIDO Alliance Today: Status and News
FIDO Alliance Today: Status and News
 
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDOFIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDO
 
Fido China Working Group (FCWG)
Fido China Working Group (FCWG)Fido China Working Group (FCWG)
Fido China Working Group (FCWG)
 
Introduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for AuthenticationIntroduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for Authentication
 
Google Case Study: Becoming Unphisable: Towards Simpler, Stronger Authenticat...
Google Case Study: Becoming Unphisable: Towards Simpler, Stronger Authenticat...Google Case Study: Becoming Unphisable: Towards Simpler, Stronger Authenticat...
Google Case Study: Becoming Unphisable: Towards Simpler, Stronger Authenticat...
 
FIDO as Regtech - Addressing Government Requirements
FIDO as Regtech - Addressing Government RequirementsFIDO as Regtech - Addressing Government Requirements
FIDO as Regtech - Addressing Government Requirements
 
The Value of FIDO Alliance Membership
The Value of FIDO Alliance MembershipThe Value of FIDO Alliance Membership
The Value of FIDO Alliance Membership
 
NTT DOCOMO Deployment Case Study: Your Security, More Simple
NTT DOCOMO Deployment Case Study: Your Security, More SimpleNTT DOCOMO Deployment Case Study: Your Security, More Simple
NTT DOCOMO Deployment Case Study: Your Security, More Simple
 
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger AuthenticatonGoogle Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
Google Case Sudy: Becoming Unphishable: Towards Simpler, Stronger Authenticaton
 
Google Case Study: Becoming Unphishable
Google Case Study: Becoming UnphishableGoogle Case Study: Becoming Unphishable
Google Case Study: Becoming Unphishable
 
2019 FIDO TOKYO Seminar - FIDO Deployment in Korea
2019 FIDO TOKYO Seminar - FIDO Deployment in Korea2019 FIDO TOKYO Seminar - FIDO Deployment in Korea
2019 FIDO TOKYO Seminar - FIDO Deployment in Korea
 
Authentication and ID Proofing in Education
Authentication and ID Proofing in EducationAuthentication and ID Proofing in Education
Authentication and ID Proofing in Education
 
FIDO Authentication for Gaming Webinar
FIDO Authentication for Gaming WebinarFIDO Authentication for Gaming Webinar
FIDO Authentication for Gaming Webinar
 

Similar a Introduction to FIDO Alliance

AY - Adaptive Access Control
AY - Adaptive Access ControlAY - Adaptive Access Control
AY - Adaptive Access Control
Adrian Young
 

Similar a Introduction to FIDO Alliance (20)

Introduction to FIDO Alliance
Introduction to FIDO AllianceIntroduction to FIDO Alliance
Introduction to FIDO Alliance
 
DOCOMO Joins FIDO Alliance Board of Directors
DOCOMO Joins FIDO Alliance Board of DirectorsDOCOMO Joins FIDO Alliance Board of Directors
DOCOMO Joins FIDO Alliance Board of Directors
 
Strong Authentication Trends in Government
Strong Authentication Trends in GovernmentStrong Authentication Trends in Government
Strong Authentication Trends in Government
 
The State of FIDO
The State of FIDOThe State of FIDO
The State of FIDO
 
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance OverviewFIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
 
The State of FIDO
The State of FIDOThe State of FIDO
The State of FIDO
 
Authenticate 2021: Welcome Address
Authenticate 2021: Welcome AddressAuthenticate 2021: Welcome Address
Authenticate 2021: Welcome Address
 
Welcome and FIDO Update.pptx
Welcome and FIDO Update.pptxWelcome and FIDO Update.pptx
Welcome and FIDO Update.pptx
 
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptxFIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptx
 
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowellIntroduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
 
Webinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA SessionWebinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA Session
 
Global Regulatory Landscape for Strong Authentication
Global Regulatory Landscape for Strong AuthenticationGlobal Regulatory Landscape for Strong Authentication
Global Regulatory Landscape for Strong Authentication
 
An Identity Crisis at the Center of Every IoT Product
An Identity Crisis at the Center of Every IoT ProductAn Identity Crisis at the Center of Every IoT Product
An Identity Crisis at the Center of Every IoT Product
 
Fido U2F PROTOCOL
Fido U2F PROTOCOLFido U2F PROTOCOL
Fido U2F PROTOCOL
 
Fido U2F Protocol by Ather Ali
Fido U2F Protocol by Ather Ali Fido U2F Protocol by Ather Ali
Fido U2F Protocol by Ather Ali
 
Introduction to the FIDO Alliance
Introduction to the FIDO AllianceIntroduction to the FIDO Alliance
Introduction to the FIDO Alliance
 
Beyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer AuthenticationBeyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer Authentication
 
Mobile Connections – FIDO Alliance and GSMA Presentation
Mobile Connections – FIDO Alliance and GSMA PresentationMobile Connections – FIDO Alliance and GSMA Presentation
Mobile Connections – FIDO Alliance and GSMA Presentation
 
Introduction to the FIDO Alliance: Vision and Status
Introduction to the FIDO Alliance: Vision and StatusIntroduction to the FIDO Alliance: Vision and Status
Introduction to the FIDO Alliance: Vision and Status
 
AY - Adaptive Access Control
AY - Adaptive Access ControlAY - Adaptive Access Control
AY - Adaptive Access Control
 

Más de FIDO Alliance

Introduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS ServicesIntroduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS Services
FIDO Alliance
 
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
FIDO Alliance
 

Más de FIDO Alliance (20)

IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxIBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptx
 
OTIS: Our Journey to Passwordless.pptx
OTIS: Our Journey to Passwordless.pptxOTIS: Our Journey to Passwordless.pptx
OTIS: Our Journey to Passwordless.pptx
 
FIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptxFIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptx
 
CISA: #MoreThanAPassword.pptx
CISA: #MoreThanAPassword.pptxCISA: #MoreThanAPassword.pptx
CISA: #MoreThanAPassword.pptx
 
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for AllFIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
 
新しい認証技術FIDOの最新動向
新しい認証技術FIDOの最新動向新しい認証技術FIDOの最新動向
新しい認証技術FIDOの最新動向
 
日立PBI技術を用いた「デバイスフリーリモートワーク」構想
日立PBI技術を用いた「デバイスフリーリモートワーク」構想日立PBI技術を用いた「デバイスフリーリモートワーク」構想
日立PBI技術を用いた「デバイスフリーリモートワーク」構想
 
Introduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS ServicesIntroduction to FIDO and eIDAS Services
Introduction to FIDO and eIDAS Services
 
富士通の生体認証ソリューションと提案
富士通の生体認証ソリューションと提案富士通の生体認証ソリューションと提案
富士通の生体認証ソリューションと提案
 
テレワーク本格導入におけるID認証考察
テレワーク本格導入におけるID認証考察テレワーク本格導入におけるID認証考察
テレワーク本格導入におけるID認証考察
 
「開けゴマ!」からYubiKeyへ
「開けゴマ!」からYubiKeyへ「開けゴマ!」からYubiKeyへ
「開けゴマ!」からYubiKeyへ
 
YubiOnが目指す未来
YubiOnが目指す未来YubiOnが目指す未来
YubiOnが目指す未来
 
FIDO2導入してみたを考えてみた
FIDO2導入してみたを考えてみたFIDO2導入してみたを考えてみた
FIDO2導入してみたを考えてみた
 
中小企業によるFIDO導入事例
中小企業によるFIDO導入事例中小企業によるFIDO導入事例
中小企業によるFIDO導入事例
 
VPNはもう卒業!FIDO2認証で次世代リモートアクセス
VPNはもう卒業!FIDO2認証で次世代リモートアクセスVPNはもう卒業!FIDO2認証で次世代リモートアクセス
VPNはもう卒業!FIDO2認証で次世代リモートアクセス
 
CloudGate UNOで安全便利なパスワードレスリモートワーク
CloudGate UNOで安全便利なパスワードレスリモートワークCloudGate UNOで安全便利なパスワードレスリモートワーク
CloudGate UNOで安全便利なパスワードレスリモートワーク
 
数々の実績:迅速なFIDO認証の展開をサポート
数々の実績:迅速なFIDO認証の展開をサポート数々の実績:迅速なFIDO認証の展開をサポート
数々の実績:迅速なFIDO認証の展開をサポート
 
FIDO Alliance Research: Consumer Attitudes Towards Authentication
FIDO Alliance Research: Consumer Attitudes Towards AuthenticationFIDO Alliance Research: Consumer Attitudes Towards Authentication
FIDO Alliance Research: Consumer Attitudes Towards Authentication
 
20200303 ISR プライベートセミナー:パスワードのいらない世界へ
20200303 ISR プライベートセミナー:パスワードのいらない世界へ20200303 ISR プライベートセミナー:パスワードのいらない世界へ
20200303 ISR プライベートセミナー:パスワードのいらない世界へ
 
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
 

Último

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 

Último (20)

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 

Introduction to FIDO Alliance

  • 1. INTRODUCTION TO FIDO ALLIANCE FIDO Seminar, New York City, 31 March 2016 Brett McDowell, Executive Director brett@fidoalliance.org All Rights Reserved. FIDO Alliance. Copyright 2016.
  • 2. The Problem The Solution The Alliance The Market
  • 3. 781 data breaches in 2015 Data Breaches… 170 million records in 2015 (up 50%) $3.8 million cost/breach (up 23% f/2013)
  • 4. “A look through the details of these incidents shows a common sequence of phish customer ≥ get credentials ≥ abuse web application ≥ empty bank/bitcoin account.” 2015 Data Breach Investigations Report
  • 5. The world has a PASSWORD PROBLEM 5Confidential
  • 6. ONE-TIME PASSCODES Improve security but aren’t easy enough to use Still Phishable User Confusion Token Necklace SMS Reliability 6Confidential
  • 8. WE CALL OUR NEW MODEL Fast IDentity Online online authentication using public key cryptography
  • 9. The Problem The Solution The Alliance The Market
  • 12. HOW OLD AUTHN WORKS ONLINE The user authenticates themselves online by presenting a human-readable “shared secret”
  • 13. HOW FIDO AUTHN WORKS AUTHENTICATOR LOCAL ONLINE The user authenticates “locally” to their device (by various means) The device authenticates the user online using public key cryptography
  • 14. Passwordless Experience (UAF Standards) Second Factor Experience (U2F Standards) *There are other types of authenticators Second Factor Challenge 1 Authenticated Online 3 Insert Dongle* / Press Button 2 Biometric Verification* 2 Authentication Challenge 1 ? Authenticated Online 3
  • 15. OPEN STANDARDS R.O.I. FIDO-ENABLE ONCE GAIN EVERY DEVICE YOU TRUST NO MORE ONE-OFF INTEGRATIONS
  • 17. No 3rd Party in the Protocol No Secrets on the Server Side Biometric Data (if used) Never Leaves Device No Link-ability Between Services No Link-ability Between Accounts
  • 18. Better security for online services Reduced cost for the enterprise Simpler and safer for consumers
  • 19. The Problem The Solution The Alliance The Market
  • 20. The FIDO Alliance is an open industry association of over 250 global member organizations
  • 22. FIDO Alliance Mission Develop Specifications Operate Adoption Programs Pursue Formal Standardization 1 2 3
  • 24. Alliance Working Groups Standards & Technology 1. FIDO UAF 2. FIDO U2F 3. FIDO 2.0 4. Certification Market Adoption 5. Marketing 6. Privacy & Public Policy 7. Deployment-at-Scale 8. FIDO China https://fidoalliance.org/working-groups
  • 25. 25 Industry Partners Our mission is highly complementary to many other associations around the world. 25
  • 26. FIDO DEVELOPMENT TIMELINE FIDO 1.0 FINALFirst DeploymentsSpecification Review Draft FIDO Ready Program Alliance Announced FEB 2013 6 Members DEC 2013 FEB 2014 FEB-OCT 2014 DEC 9 2014 MAY 2015 TODAY >250 Members Market Adoption JUNE 2015 Certification Program New U2F Transports
  • 27. The Problem The Solution The Alliance The Market
  • 28. “PayPal and Samsung Enable Consumer Payments with Fingerprint Authentication on New Samsung Galaxy S5” Feb 24, 2014 “Secure Consumer Payments Enabled for Alipay Customers with Easy-to-Use Fingerprint Sensors on Recently-Launched Samsung Galaxy S5” September 17, 2014 “Google Launches Security Key, World’s First Deployment of Fast Identity Online Universal Second Factor (FIDO U2F) Authentication” October 21, 2014 2014 FIDO ADOPTION
  • 29. “Microsoft Announces FIDO Support Coming to Windows 10” Feb 23, 2015 “Qualcomm launches Snapdragon fingerprint scanning technology” March 2, 2015 “Google for Work announced Enterprise admin support for FIDO® U2F ‘Security Key’” April 21, 2015 “Largest mobile network in Japan becomes first wireless carrier to enhance customer experience with natural, simple and strong ways to authenticate to DOCOMO’s services using FIDO standards.” May 26, 2015 2015 FIDO ADOPTION “Today, we’re adding Universal 2nd Factor (U2F) security keys as an additional method for two-step verification, giving you stronger authentication protection.” August 12, 2015 “[T]he technology supporting fingerprint sign-in was built according to FIDO (Fast IDentity Online) standards.” September 15, 2015 “GitHub says it will now handle what is called the FIDO Universal 2nd Factor, or U2F, specification.” October 1, 2015
  • 30. “NTT DOCOMO is now offering FIDO-enabled biometric authentication for customers using Apple iOS devices” Mar 7, 2016 2016 FIDO ADOPTION “FIDO Universal 2nd Factor (U2F) authentication is now being used to allow all UK citizens to easily and securely access GOV.UK Verify digital public services. Mar 23, 2016 “BC Card provides Token and FIDO services to strengthen security and safety of Samsung Pay” March 1, 2016 “KEB Hana’s new solution is notably FIDO Certified.” February 3, 2016
  • 31. Deployments are enabled by FIDO® Certified products available today
  • 32.
  • 33. Leading OEMs Now Shipping FIDO Certified Devices Tab S, Tab S2S5, Mini Note 4, 5Alpha Note Edge S6, S6 Edge Sharp Aquos Zeta Sony Experia Z5 Fujitsu Arrows (Iris Biometrics) Samsung LG V10 & G5
  • 34.  Available to anyone  Ensures interoperability  Promotes the FIDO ecosystem Steps to certification: 1. Conformance Self-Validation 2. Interoperability Testing 3. Certification Request 4. Trademark License (optional) fidoalliance.org/certification
  • 37. All Rights Reserved. FIDO Alliance. Copyright 2016. THANK YOU FOR COMING! @FIDOAlliance www.fidoalliance.org brett@fidoalliance.org