Enviar búsqueda
Cargar
FIDO Masterclass
•
Descargar como PPTX, PDF
•
1 recomendación
•
5,270 vistas
F
FIDO Alliance
Seguir
FIDO Masterclass
Leer menos
Leer más
Tecnología
Denunciar
Compartir
Denunciar
Compartir
1 de 44
Descargar ahora
Recomendados
FIDO Specifications Overview: UAF & U2F
FIDO Specifications Overview: UAF & U2F
FIDO Alliance
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
FIDO Alliance
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance
Welcome and FIDO Update.pptx
Welcome and FIDO Update.pptx
FIDO Alliance
Web Authentication API
Web Authentication API
FIDO Alliance
FIDO2 Specifications Overview
FIDO2 Specifications Overview
FIDO Alliance
Introduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for Authentication
FIDO Alliance
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptx
FIDO Alliance
Recomendados
FIDO Specifications Overview: UAF & U2F
FIDO Specifications Overview: UAF & U2F
FIDO Alliance
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
FIDO Alliance
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance
Welcome and FIDO Update.pptx
Welcome and FIDO Update.pptx
FIDO Alliance
Web Authentication API
Web Authentication API
FIDO Alliance
FIDO2 Specifications Overview
FIDO2 Specifications Overview
FIDO Alliance
Introduction to FIDO: A New Model for Authentication
Introduction to FIDO: A New Model for Authentication
FIDO Alliance
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptx
FIDO Alliance
Introduction to FIDO Alliance
Introduction to FIDO Alliance
FIDO Alliance
Getting Started With WebAuthn
Getting Started With WebAuthn
FIDO Alliance
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO Alliance
次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020
次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020
OpenID Foundation Japan
The Value of FIDO Certification
The Value of FIDO Certification
FIDO Alliance
WebAuthn and Security Keys
WebAuthn and Security Keys
FIDO Alliance
FIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptx
FIDO Alliance
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
FIDO Alliance
Going Passwordless with Microsoft
Going Passwordless with Microsoft
FIDO Alliance
OpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Torsten Lodderstedt
Integrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation Protocols
FIDO Alliance
Microsoft's Implementation Roadmap for FIDO2
Microsoft's Implementation Roadmap for FIDO2
FIDO Alliance
FIDO2 & Microsoft
FIDO2 & Microsoft
FIDO Alliance
FIDO U2F Specifications: Overview & Tutorial
FIDO U2F Specifications: Overview & Tutorial
FIDO Alliance
Fido Technical Overview
Fido Technical Overview
FIDO Alliance
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について
FIDO Alliance
Passwordless Authentication
Passwordless Authentication
Enterprise Management Associates
Getting Started with FIDO2
Getting Started with FIDO2
FIDO Alliance
OpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Torsten Lodderstedt
Google & FIDO Authentication
Google & FIDO Authentication
FIDO Alliance
Authenticate 2021: Welcome Address
Authenticate 2021: Welcome Address
FIDO Alliance
Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)
FIDO Alliance
Más contenido relacionado
La actualidad más candente
Introduction to FIDO Alliance
Introduction to FIDO Alliance
FIDO Alliance
Getting Started With WebAuthn
Getting Started With WebAuthn
FIDO Alliance
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO Alliance
次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020
次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020
OpenID Foundation Japan
The Value of FIDO Certification
The Value of FIDO Certification
FIDO Alliance
WebAuthn and Security Keys
WebAuthn and Security Keys
FIDO Alliance
FIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptx
FIDO Alliance
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
FIDO Alliance
Going Passwordless with Microsoft
Going Passwordless with Microsoft
FIDO Alliance
OpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Torsten Lodderstedt
Integrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation Protocols
FIDO Alliance
Microsoft's Implementation Roadmap for FIDO2
Microsoft's Implementation Roadmap for FIDO2
FIDO Alliance
FIDO2 & Microsoft
FIDO2 & Microsoft
FIDO Alliance
FIDO U2F Specifications: Overview & Tutorial
FIDO U2F Specifications: Overview & Tutorial
FIDO Alliance
Fido Technical Overview
Fido Technical Overview
FIDO Alliance
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について
FIDO Alliance
Passwordless Authentication
Passwordless Authentication
Enterprise Management Associates
Getting Started with FIDO2
Getting Started with FIDO2
FIDO Alliance
OpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Torsten Lodderstedt
Google & FIDO Authentication
Google & FIDO Authentication
FIDO Alliance
La actualidad más candente
(20)
Introduction to FIDO Alliance
Introduction to FIDO Alliance
Getting Started With WebAuthn
Getting Started With WebAuthn
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe
次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020
次世代 IDaaS のポイントは本人確認 NIST と、サプライチェーンセキュリティと、みなしご ID - OpenID Summit 2020
The Value of FIDO Certification
The Value of FIDO Certification
WebAuthn and Security Keys
WebAuthn and Security Keys
FIDO Workshop-Demo Breakdown.pptx
FIDO Workshop-Demo Breakdown.pptx
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
2020 0218 - パスワードのいらない世界へ:FIDOアライアンスとFIDO認証の最新状況
Going Passwordless with Microsoft
Going Passwordless with Microsoft
OpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Integrating FIDO Authentication & Federation Protocols
Integrating FIDO Authentication & Federation Protocols
Microsoft's Implementation Roadmap for FIDO2
Microsoft's Implementation Roadmap for FIDO2
FIDO2 & Microsoft
FIDO2 & Microsoft
FIDO U2F Specifications: Overview & Tutorial
FIDO U2F Specifications: Overview & Tutorial
Fido Technical Overview
Fido Technical Overview
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について
2019 FIDO Tokyo Seminar - FIDO認定と国内で初めて開催したFIDO相互接続性試験について
Passwordless Authentication
Passwordless Authentication
Getting Started with FIDO2
Getting Started with FIDO2
OpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Google & FIDO Authentication
Google & FIDO Authentication
Similar a FIDO Masterclass
Authenticate 2021: Welcome Address
Authenticate 2021: Welcome Address
FIDO Alliance
Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)
FIDO Alliance
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO Alliance
Solving the IoT Challenge
Solving the IoT Challenge
FIDO Alliance
Webinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA Session
FIDO Alliance
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance
The State of FIDO
The State of FIDO
FIDO Alliance
The State of Strong Authentication
The State of Strong Authentication
FIDO Alliance
1ID2-KeyBank-CapitalOne.pptx
1ID2-KeyBank-CapitalOne.pptx
ssuserc1c6091
The State of FIDO
The State of FIDO
FIDO Alliance
The FIDO Alliance Today: Status and News
The FIDO Alliance Today: Status and News
FIDO Alliance
Strong Authentication Trends in Government
Strong Authentication Trends in Government
FIDO Alliance
Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
FIDO Alliance
Beyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer Authentication
FIDO Alliance
Infinity_Architecture_June_Webinar__Final_Wiki.pptx
Infinity_Architecture_June_Webinar__Final_Wiki.pptx
ssuser365526
Global Regulatory Landscape for Strong Authentication
Global Regulatory Landscape for Strong Authentication
FIDO Alliance
Blockchain Decentralized Identifier (DID) Innovation Insights from Patents
Blockchain Decentralized Identifier (DID) Innovation Insights from Patents
Alex G. Lee, Ph.D. Esq. CLP
Cybersecurity Slides
Cybersecurity Slides
Jim Kaplan CIA CFE
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
apidays
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
apidays
Similar a FIDO Masterclass
(20)
Authenticate 2021: Welcome Address
Authenticate 2021: Welcome Address
Introducing FIDO Device Onboard (FDO)
Introducing FIDO Device Onboard (FDO)
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
FIDO & PSD2 – Achieving Strong Customer Authentication Compliance
Solving the IoT Challenge
Solving the IoT Challenge
Webinar: Catch Up with FIDO Plus AMA Session
Webinar: Catch Up with FIDO Plus AMA Session
FIDO Alliance Webinar: Catch Up WIth FIDO
FIDO Alliance Webinar: Catch Up WIth FIDO
The State of FIDO
The State of FIDO
The State of Strong Authentication
The State of Strong Authentication
1ID2-KeyBank-CapitalOne.pptx
1ID2-KeyBank-CapitalOne.pptx
The State of FIDO
The State of FIDO
The FIDO Alliance Today: Status and News
The FIDO Alliance Today: Status and News
Strong Authentication Trends in Government
Strong Authentication Trends in Government
Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
Beyond Passwords: FIDO & the Future of Consumer Authentication
Beyond Passwords: FIDO & the Future of Consumer Authentication
Infinity_Architecture_June_Webinar__Final_Wiki.pptx
Infinity_Architecture_June_Webinar__Final_Wiki.pptx
Global Regulatory Landscape for Strong Authentication
Global Regulatory Landscape for Strong Authentication
Blockchain Decentralized Identifier (DID) Innovation Insights from Patents
Blockchain Decentralized Identifier (DID) Innovation Insights from Patents
Cybersecurity Slides
Cybersecurity Slides
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
apidays LIVE Hong Kong 2021 - Digital Identity Centric Approach to Accelerate...
Más de FIDO Alliance
Making FIDO Deployments Accessible to Users with Disabilities_slides.pptx
Making FIDO Deployments Accessible to Users with Disabilities_slides.pptx
FIDO Alliance
CISA - More Than A Password.pptx
CISA - More Than A Password.pptx
FIDO Alliance
Workshop-Demo Breakdown.pptx
Workshop-Demo Breakdown.pptx
FIDO Alliance
IBM - Hey FIDO, Meet Passkey!.pptx
IBM - Hey FIDO, Meet Passkey!.pptx
FIDO Alliance
OTIS - Our Journey to Passwordless: Secure Authn & Frictionless User Experien...
OTIS - Our Journey to Passwordless: Secure Authn & Frictionless User Experien...
FIDO Alliance
FIDO: The Value of Certification
FIDO: The Value of Certification
FIDO Alliance
Webinar: Considerations for Deploying FIDO in the Enterprise
Webinar: Considerations for Deploying FIDO in the Enterprise
FIDO Alliance
Ask FIDO About Anything: Certification
Ask FIDO About Anything: Certification
FIDO Alliance
Más de FIDO Alliance
(8)
Making FIDO Deployments Accessible to Users with Disabilities_slides.pptx
Making FIDO Deployments Accessible to Users with Disabilities_slides.pptx
CISA - More Than A Password.pptx
CISA - More Than A Password.pptx
Workshop-Demo Breakdown.pptx
Workshop-Demo Breakdown.pptx
IBM - Hey FIDO, Meet Passkey!.pptx
IBM - Hey FIDO, Meet Passkey!.pptx
OTIS - Our Journey to Passwordless: Secure Authn & Frictionless User Experien...
OTIS - Our Journey to Passwordless: Secure Authn & Frictionless User Experien...
FIDO: The Value of Certification
FIDO: The Value of Certification
Webinar: Considerations for Deploying FIDO in the Enterprise
Webinar: Considerations for Deploying FIDO in the Enterprise
Ask FIDO About Anything: Certification
Ask FIDO About Anything: Certification
Último
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
Pixlogix Infotech
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Anna Loughnan Colquhoun
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
The Digital Insurer
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
sudhanshuwaghmare1
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
Antenna Manufacturer Coco
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
wesley chun
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
Radu Cotescu
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
HampshireHUG
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
Maria Levchenko
Último
(20)
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
FIDO Masterclass
1.
© FIDO Alliance
2021 FIDO Masterclass Andrew Shikiar Executive Director & Chief Marketing Officer David Turner Director of Standards Development
2.
© FIDO Alliance
2021 Orgs suffered a successful phishing attack in 2020 (RiskBased Security) 57% 18 million COVID-19 themed malware and phishing emails blocked per day by Google $18.5 million Average cost of cyberattack in financial services, higher than any other vertical (Accenture) Increase in cyberattacks against financial services between February and April 2020 (VMWare) 238% Orgs breached as a result of a user password compromise (MobileIron) 42% Verified accounts that tweeted in Bitcoin scam after social engineering attack on Twitter 45 Number of times more likely the financial services sector is to be hit by a cyberattack (Boston Consulting Group) 300x 2 Execs who say their digital transformation plans have sped up due to COVID-19 (Trulioo) 97%
3.
© FIDO Alliance
2021 SMS and OTPs add security, but are inconvenient and still phishable Passwords are not fit for purpose • Clumsy • Hard to remember • Easy to phish, harvest, replay 3
4.
© FIDO Alliance
2021 Industry imperative: Simpler and stronger Security Usability Poor Easy Weak Strong = Single Gesture Possession-based Authentication Open standards for simpler, stronger authentication using public key cryptography 4
5.
© FIDO Alliance
2021 2013 The FIDO Alliance was launched 5 Simpler, IDentity Online Fast Stronger Authentication
6.
© FIDO Alliance
2021 Backed by global tech leaders 7 + Sponsor members + Associate members + Liaison members + Government members
7.
© FIDO Alliance
2021 How Does FIDO Authentication Work?
8.
© FIDO Alliance
2021 FIDO Authentication: How it works User verification Require user gesture before private key can be used Authenticator FIDO Authentication Private key dedicated to one app Public key
9.
© FIDO Alliance
2021 c,kpub,clientData,ac,tbs, s accountInfo, challenge, [cOpts] c,kpub,clientData,ac,cdh,rpId,cntr,AAGUID[,exts], signature(tbs) s FIDO Registration rpId, ai, hash(clientData), cryptoP, [exts] verify user generate: key kpub key kpriv credential c store: key kpub c Authenticator select Authenticator according to cOpts; determine rpId, get tlsData; clientData := {challenge, origin, rpId, hAlg, tlsData} cOpts: crypto params, credential black list, extensions cdh ai tbs ac: attestation certificate chain
10.
© FIDO Alliance
2021 clientData, cntr, exts, s FIDO Authentication Authenticator Relying Party rpId, [c,] hash(clientData) select Authenticator according to policy; check rpId, get tlsData (i.e. channel id, etc.); lookup key handle h; clientData := {challenge, rpId, tlsData} clientData,cntr,[exts],signature(cdh,cntr,exts) s cdh challenge, [aOpts] verify user find key kpriv cntr++; process exts lookup kpub from DB check: exts + signature using key kpub
11.
© FIDO Alliance
2021 Attestation + Metadata Private attestation key Signed Attestation Object Metadata Understand Authenticator security characteristic by looking into Metadata from mds.fidoalliance.org FIDO Registration Verify using trust anchor included in Metadata
12.
© FIDO Alliance
2021 In summary: Simpler Reduces reliance on complex passwords Single gesture to log on Same authentication on multiple devices Works with commonly used devices Fast and convenient
13.
© FIDO Alliance
2021 In summary: Stronger Based on public key cryptography No server-side shared secrets Keys stay on device No 3rd party in the protocol Biometrics, if used, never leave device No link-ability between services or accounts
14.
© FIDO Alliance
2021 Certification makes ecosystem tick Functional Certification (End-to-End): ▸ Conformance Testing ▸ Interoperability Testing ▸ Universal Server Security Certification Levels ▸ How well do you protect the private key? ▸ 3rd-party laboratory verification ▸ Complemented by Biometric Component certification Biometric Certification Program ▸ Empirically validate biometrics through third-party labs ▸ Assure that they correctly identify users regardless of biometric modality on all FIDO implementation types
15.
© FIDO Alliance
2021 FIDO Progress: Becoming Part of the Web’s DNA
16.
© FIDO Alliance
2021 How to become part of the Web’s DNA Industry collaboration & standardization Shipping in devices & platforms at massive scale Strong regulatory and government embrace 18
17.
© FIDO Alliance
2021 2021 Devices Support FIDO 4 Billion+ FIDO Certified Products 800+ People are using passwordless methods each month* 150 million *Microsof t 19
18.
© FIDO Alliance
2021 + 20
19.
© FIDO Alliance
2021 Now supported cross-platform Hello 21
20.
© FIDO Alliance
2021 22 Supported by growing number of service providers
21.
© FIDO Alliance
2021 23 Growing trend of government recognition of FIDO
22.
© FIDO Alliance
2021 FIDO is becoming part of the Web’s DNA Industry collaboration & standardization Shipping in devices & platforms at massive scale Strong regulatory and government embrace 24
23.
© FIDO Alliance
2021 Cross platform login in action 25
24.
© FIDO Alliance
2021 26
25.
© FIDO Alliance
2021 27
26.
© FIDO Alliance
2021 Filling the Gaps: Adjacent Work in Identity & IoT 28
27.
© FIDO Alliance
2021 Identity Verification and Binding
28.
© FIDO Alliance
2021 FIDO Authentication has been proven to protect against account takeover through phishing and other trial-based attacks. But… “What happens if I lose my FIDO authenticator?” Why FIDO and ID Verification? For accounts protected with FIDO Authentication, the account recovery process when a FIDO device is lost or stolen becomes critical to maintaining the integrity of the user’s account.
29.
© FIDO Alliance
2021 Market gaps – and a need to fill them FIDO promotes remote identity proofing through possession. Possessed item could be gov’t ID, device, etc. However, no criteria exist for determining what’s “good enough” for verifying possessed element used during remote identity proofing Relying parties are left to their own devices to establish acceptance criteria and performing “bake-offs” across different vendors • This testing is time-consuming and expensive • Testing typically isn’t representative of real-world fraud vectors
30.
© FIDO Alliance
2021 DocAuth performance criteria status* • Document security features define levels of sophistication • Attack vectors and key threats defined • Performance metrics such as false acceptance / rejection rates help • Relying Parties navigate market solutions • Verification algorithms and end-to-end user journey both tested • Geographic flexibility *Under review
31.
© FIDO Alliance
2021 Face verification criteria in development • Establishing certification criteria around 1. Selfie match to photo on ID document 2. Liveness detection • Incorporate into test program • Critical steps to match document to live applicants • Borrows heavily from existing biometric certification program
32.
© FIDO Alliance
2021 Binding topics under discussion • How do we tie the identity proofing event to the FIDO authenticator? • How do we prevent an attacker from hijacking a proofing event? • What metadata should be carried with the binding? ?
33.
© FIDO Alliance
2021 Priorities & milestones Starting now Work underway Define acceptance criteria for identity document verification Engage FIDO Accredited Lab for volunteer PoC for testing program Define acceptance criteria for live face verification Binding verification results to FIDO authenticators Launch certification program based on these criteria
34.
© FIDO Alliance
2021 IoT: FIDO Device Onboard (FDO)
35.
© FIDO Alliance
2021 How long does it take to manually onboard1 10,000 Gateways, Devices, Sensors? Answer: Over 2-man years2
36.
© FIDO Alliance
2021 Aligning FIDO IOT to Use Case and Ecosystem CSP & On-prem Support IoT Platform ISV Suite Silicon/device Ecosystem SI Ready Connectivity Support Use cases where FIDO IOT delivers maximum value • Industrial and Enterprise devices: thermometers, sensors, actuators, controls, lighting, medical, etc. • Multi-ecosystem applications and services: not tied to specific cloud framework • Distributor sales: deliver from stock, specify binding info after sale to customer • Device resale / redeploy: reset to factory conditions repeat onboarding process with new credentials
37.
© FIDO Alliance
2021 Fast, Scalable Device Provisioning, Onboarding & Activation 39 Drop ship device to installation location Power-up & connect to Network Auto-provisions, Onboards to Cloud BENEFITS1 • Zero touch onboarding – integrates readily with existing zero touch solutions • Fast & more secure1 – ~1 minute • Hardware flexibility – any hardware (from ARM MCU to Intel® Xeon® processors) • Any cloud – internet & on-premise • Late binding - of device to cloud greatly reduces number of SKUs vs. other zero touch offerings • Open - LF-Edge SDO project up and running, code now on GitHub 39 1. No product or component can be absolutely secure
38.
© FIDO Alliance
2021 40 Provisioning with FDO Device Manufacturer Device Recipient 2 3 Load Ownership Voucher at Procurement Device 6 1011 Build and Ship FDO IOT Enabled Devices 1 Register Ownership to Target Platform 2 Register Device to Rendezvous Service 3 Devices use FDO to find owner location 4 Devices Authenticated and Provisioned 5 Devices send sensor data to IoT Platform 6 5 Late Binding Provisioning 1 Single SKU – Multiple Target clouds Registration Discovery 4 Target Cloud (Device Management System) with integrated FDO Owner Rendezvou s service IOT Device power on 10 01 01 11 00 10 01 01 11 00 10 01 01 11 00 Cloud Managed, IoT data flows Ownership Voucher Device manufacture – supply chain Device deployed Device power on
39.
© FIDO Alliance
2021 Summing Up: Moving to a Passwordless Future (or a less passwords future)
40.
© FIDO Alliance
2021 What Needs to Happen: Replace password logins with Biometrics or Keys No knowledge-based authentication for ID proofing Replace passwords with FIDO keypairs 42
41.
© FIDO Alliance
2021 43
42.
© FIDO Alliance
2021 44
43.
© FIDO Alliance
2021 The Future of User Authentication FIDO Authentication is the industry’s answer to the password problem INDUSTRY BACKED FIDO represents the efforts of the world’s largest companies IN MARKET Leading service providers are using FIDO today FITS ALL USE CASES Native app and web support allows scalable deployments SUPPORTED Built-in support on leading browsers and platforms STRONGER Phishing resistance prevents account takeover FASTER Reduces sign in times and increases login success rates PRIVATE Credentials and biometrics never leave device CONVENIENT Leverages technologies built into everyday consumer devices
44.
© FIDO Alliance
2021 Thank you Thank you! 46
Descargar ahora