Your SlideShare is downloading. ×
Beyond Passwords: FIDO (Fast IDentity Online) and the Larger Market for Strong Authentication
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Beyond Passwords: FIDO (Fast IDentity Online) and the Larger Market for Strong Authentication

1,530
views

Published on

From Voice Biometrics Conference San Francisco (May 8-9, 2013), Michael Barrett, Chief Information Security Officer, PayPal -- With the explosive growth of electronic commerce and mobile banking, the …

From Voice Biometrics Conference San Francisco (May 8-9, 2013), Michael Barrett, Chief Information Security Officer, PayPal -- With the explosive growth of electronic commerce and mobile banking, the need for strong authentication is growing. PayPal is helping spearhead the FIDO Alliance, which introduces a viable alternative to passwords with a standards-based approach to authentication that raises security and ensures privacy, while simplifying authentication. FIDO unleashes vast potential for both existing and many new markets. The question is: "How big is the market opportunity for voice and all biometrics in a FIDO enabled world?"

Published in: Technology

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,530
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
62
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. PayPalTMMichael Barrett, CISM, CISSPChief Information Security OfficerVoice  Biometrics  Conference  May  8,  2013  
  • 2. Opportunity for Better Authentication is Upon UsPasswords Just Do Not Work…For Users For OrganizationsPainful to Use  •  25  Accounts  •  8  Logins  /  Day  •  6.5  Passwords  Difficult to Secure•  $5.5M / Data Breach•  $15M / PWD Reset•  $60+ / TokenFor the EcosystemImpossible to Scale•  Fragmented•  Inflexible•  Slow to Adopt
  • 3. Common experiences related to authenticationfailure (respondents who say it happened to themone or more times over the past 2 years)Users are frustrated -password complexityrequirements workingagainst them insteadof supporting themExperiences with Identity and Authentication
  • 4. JUST EASYSECURE & EASYJUST BADHighSecurityLowUNPLEASANTLow HighUsabilitySecurity is not a Continuum…
  • 5. DO YOU REALLY WANT YOURREFRIGERATOR TO KNOW YOUR PAYPALPASSWORD?Do You Really Want Your Refrigerator to Know YourPayPal Password?
  • 6. Newer Technologies Exist
  • 7. 0204060801001202006 2007 2008 2009 2010 2011 2012Authentication VendorsIncreasing Options
  • 8. Authentication Standards Combined with Advancesin Biometrics Provide a New Path Forward
  • 9. How FIDO WorksFIDO AuthenticatorsWebsiteBrowserFIDO PluginDevice SpecificModule64123 5ValidationCachesecret secretsrefreshVendor TokensFIDORepository
  • 10. •  User picks their own token type•  User decides when/if to bind theirtoken to their account•  Existing tokens (like finger) can beused by downloading the FIDOplugin•  User can download the plugin fromvarious sites•  User could have a PIN-protectedUSB drive to use while travellingThe FIDO “User” Experience
  • 11. Please say your passphrase to log into youraccountSpeakVoice Experience
  • 12. Finger Experience
  • 13. USB Experience
  • 14. Ø The Internet needs better authentication, nowØ Stronger authentication is not “betterauthentication”Ø An industry standards based approach is theonly viable way forwardØ “Whether you believe you can do a thing, ornot, you are right” (Henry Ford)
  • 15. Michael Barrett, CISM, CISSPChief Information Security Officermbarrett@paypal.comPayPalTMThank You for Your Time!