SlideShare una empresa de Scribd logo

Identity Tech Talks #3 FIDO futur of authentication

Leonard Moustacchis
Leonard Moustacchis

3rd Identity Tech Talks in Paris. FIDO explained by Sebastien Bahloul

Internet
1 de 19
Descargar para leer sin conexión
FIDO: LE FUTUR DE L’AUTHENTIFICATION ? 23 Mars 2017
SAFRAN IDENTITY AND SECURITY RESTRICTED SAFRAN IDENTITY AND SECURITY Safran Identity and Security / 15-07-2016 / Direction2 R&D Investment equal to nearly 7% of revenue Workforce 8,700+ EMPLOYEES in 57 COUNTRIES €1.9 BILLION of revenue #1 worldwide in biometric IDENTITY SOLUTIONS (fingerprint, iris and face) Systems deployed in MORE THAN 100 COUNTRIES A GLOBAL LEADER IN IDENTITY AND SECURITY
SAFRAN IDENTITY AND SECURITY RESTRICTED Intro Safran Identity & Security / 23 Mars 20173 1. FIDO en bref 2. Les cas d’usages FIDO UAF, U2F, 2.0
SAFRAN IDENTITY AND SECURITY RESTRICTED Safran Identity & Security / 23 Mars 20174 FIDO EN BREF 1
SAFRAN IDENTITY AND SECURITY RESTRICTED The FIDO Alliance is an open industry association of over 250 organizations with a focused mission: authentication standards 5 All Rights Reserved | FIDO Alliance | Copyright 2017.
SAFRAN IDENTITY AND SECURITY RESTRICTED FIDO Alliance Mission Develop Specifications Operate Adoption Programs Pursue Formal Standardization 1 2 3 define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to authenticate users of online services All Rights Reserved | FIDO Alliance | Copyright 2017.
SAFRAN IDENTITY AND SECURITY RESTRICTED Board Members 7 All Rights Reserved | FIDO Alliance | Copyright 2017.
SAFRAN IDENTITY AND SECURITY RESTRICTED HOW “Shared Secrets” WORK ONLINE The user authenticates themselves online by presenting a human-readable “shared secret” All Rights Reserved | FIDO Alliance | Copyright 2017.
SAFRAN IDENTITY AND SECURITY RESTRICTED HOW FIDO WORKS AUTHENTICATOR LOCAL ONLINE The user authenticates “locally” to their device (by various means) The device authenticates the user online using public key cryptography All Rights Reserved | FIDO Alliance | Copyright 2017.
SAFRAN IDENTITY AND SECURITY RESTRICTED No 3rd Party in the Protocol No Secrets on the Server Side Biometric Data (if used) Never Leaves Device No (*new*) Link-ability Between Services No (*new*) Link-ability Between Accounts All Rights Reserved | FIDO Alliance | Copyright 2017.
SAFRAN IDENTITY AND SECURITY RESTRICTED Certification Growth  An open competitive market  Ensures interoperability  Sign of mature FIDO ecosystem 250+ FIDO® Certified products available today 230 74 32 62 74 108 162 216 253 304 Apr-15 Jul-15 Sep-15 Dec-15 Mar-16 May-16 Aug-16 Jan-17 TOTAL 11 All Rights Reserved | FIDO Alliance | Copyright 2017.
SAFRAN IDENTITY AND SECURITY RESTRICTED Safran Identity & Security / 23 Mars 201712 LES CAS D’USAGE FIDO UAF FIDO U2F FIDO 2.0 2
SAFRAN IDENTITY AND SECURITY RESTRICTED UAF (Universal Authentication Framework) • Specifications • V1.0 : Final • V1.1 : implementation draft U2F (Universal Second Factor) • Specifications • V1.0 : Final • V1.1 : implementation draft FIDO 2.0 (ex UFS) • Technical improvement • CTAP : interfaces with Authenticator • WebAuthn : Browser API defined by W3C • Specifications • Draft FIDO Specifications 13
SAFRAN IDENTITY AND SECURITY RESTRICTED ATTENTION : FIDO = AUTHENTIFICATION (et non identité) 14 = (site.com) jdoe -> Phase 1: l’enregistrement Phase 2: l’authentification 01001… 10110…
SAFRAN IDENTITY AND SECURITY RESTRICTED A Fido Server is the backend service that cryptographically authenticate an application user through a FIDO authenticator. Main features • Compliance with FIDO protocol (U2F/UAF/Fido 2.0) • Authenticator policy management • API with the user Agent (Registration) FIDO Server Safran Identity & Security / 23 Mars 201715
SAFRAN IDENTITY AND SECURITY RESTRICTED FIDO Standard : Compatibility Aspects U2F FIDO “Gold” Server FIDO2 FIDO2 FIDO2 UAF U2F Interoperability still to finalize Roaming Authenticator through CTAP bound authenticator WebAuthn/U2F U2F JS API UAF JS API UAF WebAuthn/CTAP Safran Identity & Security / 23 Mars 201716
SAFRAN IDENTITY AND SECURITY RESTRICTED Fido 2.0 (WebAuthn + CTAP) Safran Identity & Security / 23 Mars 201719 IDP User Device Browser Roaming Authenticators with transport channels and CTAP payload Relying Party WebApplication FIDO Server HTTPS Registration, Authentication & Transaction Confirmation FIDO Alliance Metadata Service BLE USB NFC Mobile Apps OS Bound authenticators
SAFRAN IDENTITY AND SECURITY RESTRICTED • Technical: • UAF: decreasing to almost stalled activity, trying to bring keystore as level 2 authenticators and bridging to WebAuthn • U2F: most of the work bridging to WebAuthn • CTAP: stalled waiting for a final status on WebAuthn • Related: WebAuthn very active development effort on Chrome, Edge and Mozilla • Working Groups • SRWG: Move initial levels 1=>4 to 2=>5 with an initial level for compliance and high level security overview (include software and TouchID authenticators) • CWG: Continue the biometric certification without PAD, rely upon TEE certification levels for 2+ levels • P3WG: Influence US NIST, EU for identity and banking standards Status update Safran Identity & Security / 23 Mars 201720
SAFRAN IDENTITY AND SECURITY RESTRICTED Safran Identity & Security / 23 Mars 201721

Recomendados

New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin
New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -NadalinNew FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin
New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin
FIDO Alliance
 
FIDO Technical Specifications Overview
FIDO Technical Specifications OverviewFIDO Technical Specifications Overview
FIDO Technical Specifications Overview
FIDO Alliance
 
Web Authentication API
Web Authentication APIWeb Authentication API
Web Authentication API
FIDO Alliance
 
FIDO Authentication & Blockchain
FIDO Authentication & BlockchainFIDO Authentication & Blockchain
FIDO Authentication & Blockchain
FIDO Alliance
 
Implementation Case Study by eWBM
Implementation Case Study by eWBMImplementation Case Study by eWBM
Implementation Case Study by eWBM
FIDO Alliance
 
FIDO U2F & UAF Tutorial
FIDO U2F & UAF TutorialFIDO U2F & UAF Tutorial
FIDO U2F & UAF Tutorial
FIDO Alliance
 
FIDO Specifications Overview: UAF & U2F
FIDO Specifications Overview: UAF & U2FFIDO Specifications Overview: UAF & U2F
FIDO Specifications Overview: UAF & U2F
FIDO Alliance
 
NIST 800-63 Guidance & FIDO Authentication
NIST 800-63 Guidance & FIDO AuthenticationNIST 800-63 Guidance & FIDO Authentication
NIST 800-63 Guidance & FIDO Authentication
FIDO Alliance
 

Recomendados

New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin
New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -NadalinNew FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin
New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin
FIDO Alliance
 
FIDO Technical Specifications Overview
FIDO Technical Specifications OverviewFIDO Technical Specifications Overview
FIDO Technical Specifications Overview
FIDO Alliance
 
Web Authentication API
Web Authentication APIWeb Authentication API
Web Authentication API
FIDO Alliance
 
FIDO Authentication & Blockchain
FIDO Authentication & BlockchainFIDO Authentication & Blockchain
FIDO Authentication & Blockchain
FIDO Alliance
 
Implementation Case Study by eWBM
Implementation Case Study by eWBMImplementation Case Study by eWBM
Implementation Case Study by eWBM
FIDO Alliance
 
FIDO U2F & UAF Tutorial
FIDO U2F & UAF TutorialFIDO U2F & UAF Tutorial
FIDO U2F & UAF Tutorial
FIDO Alliance
 
FIDO Specifications Overview: UAF & U2F
FIDO Specifications Overview: UAF & U2FFIDO Specifications Overview: UAF & U2F
FIDO Specifications Overview: UAF & U2F
FIDO Alliance
 
NIST 800-63 Guidance & FIDO Authentication
NIST 800-63 Guidance & FIDO AuthenticationNIST 800-63 Guidance & FIDO Authentication
NIST 800-63 Guidance & FIDO Authentication
FIDO Alliance
 
Getting to Know the FIDO Specifications - Technical Tutorial
Getting to Know the FIDO Specifications - Technical TutorialGetting to Know the FIDO Specifications - Technical Tutorial
Getting to Know the FIDO Specifications - Technical Tutorial
FIDO Alliance
 
Technical Considerations for Deploying FIDO Authentication
Technical Considerations for Deploying FIDO Authentication Technical Considerations for Deploying FIDO Authentication
Technical Considerations for Deploying FIDO Authentication
FIDO Alliance
 
FIDO and Strong Authentication in US Federal Government
FIDO and Strong Authentication in US Federal GovernmentFIDO and Strong Authentication in US Federal Government
FIDO and Strong Authentication in US Federal Government
FIDO Alliance
 
Integrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation ProtocolsIntegrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation Protocols
FIDO Alliance
 
FIDO UAF Specifications: Overview & Tutorial
FIDO UAF Specifications: Overview & Tutorial FIDO UAF Specifications: Overview & Tutorial
FIDO UAF Specifications: Overview & Tutorial
FIDO Alliance
 
FIDO2 & Microsoft
FIDO2 & MicrosoftFIDO2 & Microsoft
FIDO2 & Microsoft
FIDO Alliance
 
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in EuropeFIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO Alliance
 
FIDOAlliance
FIDOAllianceFIDOAlliance
FIDOAlliance
Sanjeev Verma, PhD
 
UAF Tutorial: Passwordless, Biometric Authentication for Native Apps
UAF Tutorial: Passwordless, Biometric Authentication for Native AppsUAF Tutorial: Passwordless, Biometric Authentication for Native Apps
UAF Tutorial: Passwordless, Biometric Authentication for Native Apps
FIDO Alliance
 
FIDO in Government
FIDO in GovernmentFIDO in Government
FIDO in Government
FIDO Alliance
 
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid InnovationFIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Alliance
 
FIDO Specifications Overview
FIDO Specifications OverviewFIDO Specifications Overview
FIDO Specifications Overview
FIDO Alliance
 
CIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
CIS14: An Overview of FIDO's Universal Factor (UAF) SpecificationsCIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
CIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
CloudIDSummit
 
FIDO Specifications Tutorial
FIDO Specifications TutorialFIDO Specifications Tutorial
FIDO Specifications Tutorial
FIDO Alliance
 
FIDO UAF 1.0 Specs: Overview and Insights
FIDO UAF 1.0 Specs: Overview and InsightsFIDO UAF 1.0 Specs: Overview and Insights
FIDO UAF 1.0 Specs: Overview and Insights
FIDO Alliance
 
U2F/FIDO2 implementation of YubiKey
U2F/FIDO2 implementation of YubiKeyU2F/FIDO2 implementation of YubiKey
U2F/FIDO2 implementation of YubiKey
Haniyama Wataru
 
Google & FIDO Authentication
Google & FIDO AuthenticationGoogle & FIDO Authentication
Google & FIDO Authentication
FIDO Alliance
 
FIDO Certification
FIDO CertificationFIDO Certification
FIDO Certification
FIDO Alliance
 
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowellIntroduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
FIDO Alliance
 
FIDO alliance #idcon vol.18
FIDO alliance #idcon vol.18FIDO alliance #idcon vol.18
FIDO alliance #idcon vol.18
Nov Matake
 
OAuth and REST web services
OAuth and REST web servicesOAuth and REST web services
OAuth and REST web services
sullis
 
Importancia de las economias asiaticas y relaciones con el peru
Importancia de las economias asiaticas y relaciones con el peruImportancia de las economias asiaticas y relaciones con el peru
Importancia de las economias asiaticas y relaciones con el peru
Carlos Alberto Aquino Rodriguez
 

Más contenido relacionado

La actualidad más candente

Getting to Know the FIDO Specifications - Technical Tutorial
Getting to Know the FIDO Specifications - Technical TutorialGetting to Know the FIDO Specifications - Technical Tutorial
Getting to Know the FIDO Specifications - Technical Tutorial
FIDO Alliance
 
FIDO Specifications Overview
FIDO Specifications OverviewFIDO Specifications Overview
FIDO Specifications Overview
FIDO Alliance
 
FIDO alliance #idcon vol.18
FIDO alliance #idcon vol.18FIDO alliance #idcon vol.18
FIDO alliance #idcon vol.18
Nov Matake
 

La actualidad más candente (20)

Getting to Know the FIDO Specifications - Technical Tutorial
Getting to Know the FIDO Specifications - Technical TutorialGetting to Know the FIDO Specifications - Technical Tutorial
Getting to Know the FIDO Specifications - Technical Tutorial
 
Technical Considerations for Deploying FIDO Authentication
Technical Considerations for Deploying FIDO Authentication Technical Considerations for Deploying FIDO Authentication
Technical Considerations for Deploying FIDO Authentication
 
FIDO and Strong Authentication in US Federal Government
FIDO and Strong Authentication in US Federal GovernmentFIDO and Strong Authentication in US Federal Government
FIDO and Strong Authentication in US Federal Government
 
Integrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation ProtocolsIntegrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation Protocols
 
FIDO UAF Specifications: Overview & Tutorial
FIDO UAF Specifications: Overview & Tutorial FIDO UAF Specifications: Overview & Tutorial
FIDO UAF Specifications: Overview & Tutorial
 
FIDO2 & Microsoft
FIDO2 & MicrosoftFIDO2 & Microsoft
FIDO2 & Microsoft
 
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in EuropeFIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
 
FIDOAlliance
FIDOAllianceFIDOAlliance
FIDOAlliance
 
UAF Tutorial: Passwordless, Biometric Authentication for Native Apps
UAF Tutorial: Passwordless, Biometric Authentication for Native AppsUAF Tutorial: Passwordless, Biometric Authentication for Native Apps
UAF Tutorial: Passwordless, Biometric Authentication for Native Apps
 
FIDO in Government
FIDO in GovernmentFIDO in Government
FIDO in Government
 
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid InnovationFIDO Authentication in Korea: Early Adoption & Rapid Innovation
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
 
FIDO Specifications Overview
FIDO Specifications OverviewFIDO Specifications Overview
FIDO Specifications Overview
 
CIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
CIS14: An Overview of FIDO's Universal Factor (UAF) SpecificationsCIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
CIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
 
FIDO Specifications Tutorial
FIDO Specifications TutorialFIDO Specifications Tutorial
FIDO Specifications Tutorial
 
FIDO UAF 1.0 Specs: Overview and Insights
FIDO UAF 1.0 Specs: Overview and InsightsFIDO UAF 1.0 Specs: Overview and Insights
FIDO UAF 1.0 Specs: Overview and Insights
 
U2F/FIDO2 implementation of YubiKey
U2F/FIDO2 implementation of YubiKeyU2F/FIDO2 implementation of YubiKey
U2F/FIDO2 implementation of YubiKey
 
Google & FIDO Authentication
Google & FIDO AuthenticationGoogle & FIDO Authentication
Google & FIDO Authentication
 
FIDO Certification
FIDO CertificationFIDO Certification
FIDO Certification
 
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowellIntroduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
Introduction to FIDO Alliance: Vision and Status -Tokyo Seminar -Brett McDowell
 
FIDO alliance #idcon vol.18
FIDO alliance #idcon vol.18FIDO alliance #idcon vol.18
FIDO alliance #idcon vol.18
 

Destacado

Destacado (13)

OAuth and REST web services
OAuth and REST web servicesOAuth and REST web services
OAuth and REST web services
 
Importancia de las economias asiaticas y relaciones con el peru
Importancia de las economias asiaticas y relaciones con el peruImportancia de las economias asiaticas y relaciones con el peru
Importancia de las economias asiaticas y relaciones con el peru
 
Archivio139
Archivio139Archivio139
Archivio139
 
FIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in GermanyFIDO, Strong Authentication and elD in Germany
FIDO, Strong Authentication and elD in Germany
 
Dragões alados (dragon flyz) teoria de tudo
Dragões alados (dragon flyz) teoria de tudoDragões alados (dragon flyz) teoria de tudo
Dragões alados (dragon flyz) teoria de tudo
 
Bus 475 capstone final exam new 2016 part 1
Bus 475 capstone final exam new 2016 part 1Bus 475 capstone final exam new 2016 part 1
Bus 475 capstone final exam new 2016 part 1
 
Bus 475 capstone final examination part 2 new 2016
Bus 475 capstone final examination part 2 new 2016Bus 475 capstone final examination part 2 new 2016
Bus 475 capstone final examination part 2 new 2016
 
Bus 475 final exam new 2016 phoenix
Bus 475 final exam new 2016 phoenixBus 475 final exam new 2016 phoenix
Bus 475 final exam new 2016 phoenix
 
Mkt 421 final exam 2016
Mkt 421 final exam 2016Mkt 421 final exam 2016
Mkt 421 final exam 2016
 
Tecnologia
TecnologiaTecnologia
Tecnologia
 
Hacking Health Halifax 2017 Pitching
Hacking Health Halifax 2017 PitchingHacking Health Halifax 2017 Pitching
Hacking Health Halifax 2017 Pitching
 
Plan tutoria final
Plan tutoria finalPlan tutoria final
Plan tutoria final
 
保持積極的思想 - Keep your thoughts positive
保持積極的思想 - Keep your thoughts positive 保持積極的思想 - Keep your thoughts positive
保持積極的思想 - Keep your thoughts positive
 

Similar a Identity Tech Talks #3 FIDO futur of authentication

Similar a Identity Tech Talks #3 FIDO futur of authentication (20)

Introduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for AuthenticationIntroduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for Authentication
 
Introduction to the FIDO Alliance
Introduction to the FIDO AllianceIntroduction to the FIDO Alliance
Introduction to the FIDO Alliance
 
Introduction to the FIDO Alliance: Vision and Status
Introduction to the FIDO Alliance: Vision and StatusIntroduction to the FIDO Alliance: Vision and Status
Introduction to the FIDO Alliance: Vision and Status
 
FIDO - The Value of Membership
FIDO - The Value of Membership FIDO - The Value of Membership
FIDO - The Value of Membership
 
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance OverviewFIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview
 
Introduction to FIDO Authentication
Introduction to FIDO AuthenticationIntroduction to FIDO Authentication
Introduction to FIDO Authentication
 
Tokyo Seminar: FIDO Alliance Vision and Status
Tokyo Seminar: FIDO Alliance Vision and StatusTokyo Seminar: FIDO Alliance Vision and Status
Tokyo Seminar: FIDO Alliance Vision and Status
 
Introduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & StatusIntroduction to the FIDO Alliance: Vision & Status
Introduction to the FIDO Alliance: Vision & Status
 
Mobile Connections – FIDO Alliance and GSMA Presentation
Mobile Connections – FIDO Alliance and GSMA PresentationMobile Connections – FIDO Alliance and GSMA Presentation
Mobile Connections – FIDO Alliance and GSMA Presentation
 
Introduction to FIDO Alliance
Introduction to FIDO AllianceIntroduction to FIDO Alliance
Introduction to FIDO Alliance
 
Fido uaf-overview-v1.1-rd-20161005
Fido uaf-overview-v1.1-rd-20161005Fido uaf-overview-v1.1-rd-20161005
Fido uaf-overview-v1.1-rd-20161005
 
Beyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer AuthenticationBeyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer Authentication
 
The FIDO Alliance Today: Status and News
The FIDO Alliance Today: Status and NewsThe FIDO Alliance Today: Status and News
The FIDO Alliance Today: Status and News
 
Introduction to FIDO Alliance
Introduction to FIDO AllianceIntroduction to FIDO Alliance
Introduction to FIDO Alliance
 
FIDO Alliance Vision and Updates
FIDO Alliance Vision and UpdatesFIDO Alliance Vision and Updates
FIDO Alliance Vision and Updates
 
2018 12-07 tokyo-seminar Brett McDowell
2018 12-07 tokyo-seminar Brett McDowell2018 12-07 tokyo-seminar Brett McDowell
2018 12-07 tokyo-seminar Brett McDowell
 
FIDO Alliance Vision and Status
FIDO Alliance Vision and StatusFIDO Alliance Vision and Status
FIDO Alliance Vision and Status
 
Introduction to the FIDO Alliance
Introduction to the FIDO AllianceIntroduction to the FIDO Alliance
Introduction to the FIDO Alliance
 
FIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Authentication Technical Overview
FIDO Authentication Technical Overview
 
FIDO Authentication Technical Overview
FIDO Authentication Technical OverviewFIDO Authentication Technical Overview
FIDO Authentication Technical Overview
 

Más de Leonard Moustacchis

Más de Leonard Moustacchis (20)

Identity verification and AI
Identity verification and AIIdentity verification and AI
Identity verification and AI
 
De la bonne utilisation de OAuth2
De la bonne utilisation de OAuth2 De la bonne utilisation de OAuth2
De la bonne utilisation de OAuth2
 
WebAuthn & FIDO2
WebAuthn & FIDO2WebAuthn & FIDO2
WebAuthn & FIDO2
 
Facebook data breach and OAuth2
Facebook data breach and OAuth2 Facebook data breach and OAuth2
Facebook data breach and OAuth2
 
Identity techtalk orange
Identity techtalk orangeIdentity techtalk orange
Identity techtalk orange
 
Intelligent authentication Identity tech talks
Intelligent authentication Identity tech talksIntelligent authentication Identity tech talks
Intelligent authentication Identity tech talks
 
Blockchain et ses cas d'usages - Identity Tech Talk#10
Blockchain et ses cas d'usages - Identity Tech Talk#10 Blockchain et ses cas d'usages - Identity Tech Talk#10
Blockchain et ses cas d'usages - Identity Tech Talk#10
 
iProov et Biométrie Identity Tech Talk #10
iProov et Biométrie Identity Tech Talk #10iProov et Biométrie Identity Tech Talk #10
iProov et Biométrie Identity Tech Talk #10
 
Microservice et identité
Microservice et identitéMicroservice et identité
Microservice et identité
 
Évènement 01 Business - GDPR, confiance et confidentialité des données, défi ...
Évènement 01 Business - GDPR, confiance et confidentialité des données, défi ...Évènement 01 Business - GDPR, confiance et confidentialité des données, défi ...
Évènement 01 Business - GDPR, confiance et confidentialité des données, défi ...
 
201707 dsp2 standards, sécurité, quels impacts - wavestone
201707 dsp2 standards, sécurité, quels impacts - wavestone201707 dsp2 standards, sécurité, quels impacts - wavestone
201707 dsp2 standards, sécurité, quels impacts - wavestone
 
Identité et Automobile
Identité et AutomobileIdentité et Automobile
Identité et Automobile
 
Meetup devops
Meetup devopsMeetup devops
Meetup devops
 
Quels sont les enjeux de la réglementation GDPR
Quels sont les enjeux de la réglementation GDPRQuels sont les enjeux de la réglementation GDPR
Quels sont les enjeux de la réglementation GDPR
 
Présentation de UMA (User Managed Access)
Présentation de UMA (User Managed Access)Présentation de UMA (User Managed Access)
Présentation de UMA (User Managed Access)
 
Mon Raspberry PI a une identité !
Mon Raspberry PI a une identité ! Mon Raspberry PI a une identité !
Mon Raspberry PI a une identité !
 
Comment ça marche: OpenID Connect fournisseur d’identité universel de Google ...
Comment ça marche: OpenID Connect fournisseur d’identité universel de Google ...Comment ça marche: OpenID Connect fournisseur d’identité universel de Google ...
Comment ça marche: OpenID Connect fournisseur d’identité universel de Google ...
 
Pas d'IoT sans Identité!
Pas d'IoT sans Identité!Pas d'IoT sans Identité!
Pas d'IoT sans Identité!
 
Valorisez votre écosystème d'identités
Valorisez votre écosystème d'identitésValorisez votre écosystème d'identités
Valorisez votre écosystème d'identités
 
L’identité numérique : un atout incontournable pour construire une relation c...
L’identité numérique : un atout incontournable pour construire une relation c...L’identité numérique : un atout incontournable pour construire une relation c...
L’identité numérique : un atout incontournable pour construire une relation c...
 

Último

Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
soniya singh
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
soniya singh
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
soniya singh
 
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service OnlineCALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
anilsa9823
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Delhi Call girls
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Sheetaleventcompany
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
soniya singh
 
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
soniya singh
 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
singhpriety023
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Delhi Call girls
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
tanu pandey
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
sexy call girls service in goa
 

Último (20)

Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in DubaiRussian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service OnlineCALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 

Identity Tech Talks #3 FIDO futur of authentication

  • 1. FIDO: LE FUTUR DE L’AUTHENTIFICATION ? 23 Mars 2017
  • 2. SAFRAN IDENTITY AND SECURITY RESTRICTED SAFRAN IDENTITY AND SECURITY Safran Identity and Security / 15-07-2016 / Direction2 R&D Investment equal to nearly 7% of revenue Workforce 8,700+ EMPLOYEES in 57 COUNTRIES €1.9 BILLION of revenue #1 worldwide in biometric IDENTITY SOLUTIONS (fingerprint, iris and face) Systems deployed in MORE THAN 100 COUNTRIES A GLOBAL LEADER IN IDENTITY AND SECURITY
  • 3. SAFRAN IDENTITY AND SECURITY RESTRICTED Intro Safran Identity & Security / 23 Mars 20173 1. FIDO en bref 2. Les cas d’usages FIDO UAF, U2F, 2.0
  • 4. SAFRAN IDENTITY AND SECURITY RESTRICTED Safran Identity & Security / 23 Mars 20174 FIDO EN BREF 1
  • 5. SAFRAN IDENTITY AND SECURITY RESTRICTED The FIDO Alliance is an open industry association of over 250 organizations with a focused mission: authentication standards 5 All Rights Reserved | FIDO Alliance | Copyright 2017.
  • 6. SAFRAN IDENTITY AND SECURITY RESTRICTED FIDO Alliance Mission Develop Specifications Operate Adoption Programs Pursue Formal Standardization 1 2 3 define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to authenticate users of online services All Rights Reserved | FIDO Alliance | Copyright 2017.
  • 7. SAFRAN IDENTITY AND SECURITY RESTRICTED Board Members 7 All Rights Reserved | FIDO Alliance | Copyright 2017.
  • 8. SAFRAN IDENTITY AND SECURITY RESTRICTED HOW “Shared Secrets” WORK ONLINE The user authenticates themselves online by presenting a human-readable “shared secret” All Rights Reserved | FIDO Alliance | Copyright 2017.
  • 9. SAFRAN IDENTITY AND SECURITY RESTRICTED HOW FIDO WORKS AUTHENTICATOR LOCAL ONLINE The user authenticates “locally” to their device (by various means) The device authenticates the user online using public key cryptography All Rights Reserved | FIDO Alliance | Copyright 2017.
  • 10. SAFRAN IDENTITY AND SECURITY RESTRICTED No 3rd Party in the Protocol No Secrets on the Server Side Biometric Data (if used) Never Leaves Device No (*new*) Link-ability Between Services No (*new*) Link-ability Between Accounts All Rights Reserved | FIDO Alliance | Copyright 2017.
  • 11. SAFRAN IDENTITY AND SECURITY RESTRICTED Certification Growth  An open competitive market  Ensures interoperability  Sign of mature FIDO ecosystem 250+ FIDO® Certified products available today 230 74 32 62 74 108 162 216 253 304 Apr-15 Jul-15 Sep-15 Dec-15 Mar-16 May-16 Aug-16 Jan-17 TOTAL 11 All Rights Reserved | FIDO Alliance | Copyright 2017.
  • 12. SAFRAN IDENTITY AND SECURITY RESTRICTED Safran Identity & Security / 23 Mars 201712 LES CAS D’USAGE FIDO UAF FIDO U2F FIDO 2.0 2
  • 13. SAFRAN IDENTITY AND SECURITY RESTRICTED UAF (Universal Authentication Framework) • Specifications • V1.0 : Final • V1.1 : implementation draft U2F (Universal Second Factor) • Specifications • V1.0 : Final • V1.1 : implementation draft FIDO 2.0 (ex UFS) • Technical improvement • CTAP : interfaces with Authenticator • WebAuthn : Browser API defined by W3C • Specifications • Draft FIDO Specifications 13
  • 14. SAFRAN IDENTITY AND SECURITY RESTRICTED ATTENTION : FIDO = AUTHENTIFICATION (et non identité) 14 = (site.com) jdoe -> Phase 1: l’enregistrement Phase 2: l’authentification 01001… 10110…
  • 15. SAFRAN IDENTITY AND SECURITY RESTRICTED A Fido Server is the backend service that cryptographically authenticate an application user through a FIDO authenticator. Main features • Compliance with FIDO protocol (U2F/UAF/Fido 2.0) • Authenticator policy management • API with the user Agent (Registration) FIDO Server Safran Identity & Security / 23 Mars 201715
  • 16. SAFRAN IDENTITY AND SECURITY RESTRICTED FIDO Standard : Compatibility Aspects U2F FIDO “Gold” Server FIDO2 FIDO2 FIDO2 UAF U2F Interoperability still to finalize Roaming Authenticator through CTAP bound authenticator WebAuthn/U2F U2F JS API UAF JS API UAF WebAuthn/CTAP Safran Identity & Security / 23 Mars 201716
  • 17. SAFRAN IDENTITY AND SECURITY RESTRICTED Fido 2.0 (WebAuthn + CTAP) Safran Identity & Security / 23 Mars 201719 IDP User Device Browser Roaming Authenticators with transport channels and CTAP payload Relying Party WebApplication FIDO Server HTTPS Registration, Authentication & Transaction Confirmation FIDO Alliance Metadata Service BLE USB NFC Mobile Apps OS Bound authenticators
  • 18. SAFRAN IDENTITY AND SECURITY RESTRICTED • Technical: • UAF: decreasing to almost stalled activity, trying to bring keystore as level 2 authenticators and bridging to WebAuthn • U2F: most of the work bridging to WebAuthn • CTAP: stalled waiting for a final status on WebAuthn • Related: WebAuthn very active development effort on Chrome, Edge and Mozilla • Working Groups • SRWG: Move initial levels 1=>4 to 2=>5 with an initial level for compliance and high level security overview (include software and TouchID authenticators) • CWG: Continue the biometric certification without PAD, rely upon TEE certification levels for 2+ levels • P3WG: Influence US NIST, EU for identity and banking standards Status update Safran Identity & Security / 23 Mars 201720
  • 19. SAFRAN IDENTITY AND SECURITY RESTRICTED Safran Identity & Security / 23 Mars 201721