Unblocking The Main Thread Solving ANRs and Frozen Frames
FIDO Authentication in Korea: Early Adoption & Rapid Innovation
1. All Rights Reserved | FIDO Alliance | Copyright 20181
FIDO AUTHENTICATION IN KOREA
Founder & CEO / Global PD, Inc
dongpyo@theglobalpd.com
Dongpyo Hong
Early Adoption & Rapid Innovation
3. All Rights Reserved | FIDO Alliance | Copyright 20183
Why FIDO Solution is important
All Rights Reserved | FIDO Alliance | Copyright 20183
Repeated Cybersecurity Issues in Korea *Sourced by Internet news
4. All Rights Reserved | FIDO Alliance | Copyright 20184
Why FIDO Solution is important
All Rights Reserved | FIDO Alliance | Copyright 20184
4生 = Keywords for Cybersecurity
(AI Speaker/Connected car/Smart TV Refrigerator/Washing
Machine/IP Camera/DoorLock)
(Artificial Heart Actuator/Insulin pump/ Drone/unmanned
car/Robot/Telemedicine)
①生活 (Social Life security) ②生命 (life-Treatening
security)
③生態系 (Security
ecosystem)
Family
Government
Enterprise
Individual
④生存保安 (Survival Security)
*Confidential,Integrity,Availability,Survibility
*Sourced by FIDO Forum Korea
生
6. All Rights Reserved | FIDO Alliance | Copyright 20186
FIDO Members in Korea (1/2)
31 Members : 3 Board members, 6 Sponsors, 22 Associates
Board Member
Sponsor Member
Associate Member Curay Soft
7. All Rights Reserved | FIDO Alliance | Copyright 20187
FIDO Members in Korea (2/2)
Biometrics
Digital Security & Security Platform Provider
Mobile Device Bank & Card Embeded Security SW &
HW Solution
Government Related
Mobile Carrier
Curay Soft
(70 members)
9. All Rights Reserved | FIDO Alliance | Copyright 20189
FIDO Adoptions in Korea (1/3)
Japan
UK
Canada
Germany
etc
Korea
USA
China
FIDO
certified
*Sourced by Global PD, Inc (December. 2017)
Korea is the largest country who has lots of FIDO certification
10. All Rights Reserved | FIDO Alliance | Copyright 201810
FIDO Adoptions in Korea (2/3)
B2B2C – Finance B2B2C – Telecommunication
B2B2C – Portal, Education
B2B – Enterprise
B2B – Public & Government
27 3
5
33
New Government Drive
Active Financial Institution
Mobile banking with Biometrics
*Sourced by Global PD, Inc (December. 2017)
11. All Rights Reserved | FIDO Alliance | Copyright 201811
FIDO Adaptions in Korea (3/3)
B2B2C – Finance
B2B2C – Telecommunication B2B2C – Portal, Education
B2B – Enterprise B2B – Public & Government
*Sourced by Global PD, Inc (December. 2017)
13. All Rights Reserved | FIDO Alliance | Copyright 201813
FIDO Deployments in Korea
TO-BEAS-IS
PublicPKI
PrivatePKI
OTP
...
...
APP
LIB
APP
Introduction of multiple solutions and management
environment by authentication methods
- Install many programs on PC, mobile, etc.
-Require systemimplementation for multiple authentication methods
-Increase managementpoints due to solution introduction
Various Client
Environment
Web-based
integrated
mgnt
Integrated
authentication
platform
Switch to FIDO-based authentication platform
- Integrate various authentication methods with FIDO Client
- Improve user convenience with convenient and consistent UI / UX
- Improve administrator convenience with one unified solution
Newly switch to FIDO-based authentication platform
14. All Rights Reserved | FIDO Alliance | Copyright 201814
FIDO Deployments in Korea - f i n a n c e / e n t e r p r i s e / p u b l i c
Enhanced user
authentication with 2-factor
authentication
“Apply to online certification environment”
B2B2C
Finance
Security >> Convenience > Expandability
Replacement of existing
certification system such as
OTP and accredited certificate
Combined with easy payment
service
15. All Rights Reserved | FIDO Alliance | Copyright 201815
Bank : ATM / Mobile Banking Securities : MTS App Insurance : Mobile App
FIDO Deployments in Korea - f i n a n c e / e n t e r p r i s e / p u b l i c
Digital Payment with Mobile App Card Cardless Biometric
Payment
‘Hand pay’
Fingerprint Auth. Voice Auth. Vein Auth. & digital payment
16. All Rights Reserved | FIDO Alliance | Copyright 201816
FIDO Deployments in Korea- f i n a n c e / e n t e r p r i s e / p u b l i c
Support various mobile
service environments
“Strengthen service certification of B2B/B2C”
B2B
Enterprise
Expandability >> Security > Convenience
Enhanced corporate
information protection
through FIDO certification
Positive for various
extended applications of
biometric authentication
17. All Rights Reserved | FIDO Alliance | Copyright 201817
FIDO Deployments in Korea- f i n a n c e / e n t e r p r i s e / p u b l i c
11st Biometric Log-in
Check registered User
(Authentication)
With registered Biometric at 11st
OCB(Mileage) check and redeem
With registered Biometric at 11st
11Pay Checkout
Provide Identity (IDP)
With user identity at 11st
OCB one click sign up
With user identity at 11st
11Pay one click sign up
*Sourced by SK Planet
*Example : SK Planet
18. All Rights Reserved | FIDO Alliance | Copyright 201818
FIDO Deployments in Korea- f i n a n c e / e n t e r p r i s e / p u b l i c
*Sourced by SK Planet
*Example : SK Planet
19. All Rights Reserved | FIDO Alliance | Copyright 201819
FIDO Deployments in Korea- f i n a n c e / e n t e r p r i s e / p u b l i c
*Example : Samsung
20. All Rights Reserved | FIDO Alliance | Copyright 201820
Menu Option setting Registration
FIDO Deployments in Korea- f i n a n c e / e n t e r p r i s e / p u b l i c
*Example : ‘S’ Group company
Biz ServerOneGuard
Identification
RegistrationBiometrics selection
Authentication&mgmt
1
2 3
4 Registration
Device unique info &
Auth. Key Registration
Check Auth status
Access permission &
Block capture
Select ‘Bio Auth’ Verification Device info. Using biometrics Auth completion
Verification Auth. Key
Policy update
5 6
Password-less
Log in
8
Vaccine Execution &
Check Web status
7
Secured Mobile
Contents
Verification Device info
Group Bank,Card,Insurance
15 Affiliates
User 15000 employees
BIZ
Smart Office
Group Mobile Messanger
* expanded to PC based service
- Eaiser authentication for employees
- Standardization & Unified policy
- Multi tenancy for expansion
Finger Voice face Iris
for Group Authentication
Option for FIDOMenu
*Sourced by Global PD
21. All Rights Reserved | FIDO Alliance | Copyright 201821
FIDO Deployments in Korea- f i n a n c e / e n t e r p r i s e / p u b l i c
Identification Authentication Access control
Work ServerOneGuard
Registration of Device unique
info. & Verification
During setting up Device Control Agent,
User Auth & Bio Auth. Setup
1 Verification of
Authorized device
2 Verification of
Authorized user
3
During App Log in,
Finger printed based FIDO Auth.
* In case of emergent log in,
SecurePIN could be used
USB
Security mode along with layer &
Policy
4
Check Auth. status
Launcher Log in &
APP Log in
Activation of Security policy & monitoring
status
Synchronization of auth. Info.
among APPs through Credential
control
Device
APP
Group 3,000 employees
Without any additional set up Security
module, Single MDM Agent make Smart
office
* Expanded to System Access Control (SAC)
Finger
MDM/MAM/MIM/MTM
By MDM based Agent
SecurePIN
PIN
- Eaiser authentication for employees
- MDM based Total Security Solution
- Deeper layer of security model upto Device-
Contents category
- Minimizing managing resources from Total solution
*Example : ‘D’ Group company
Access Control
(Voice)
Biz
*Sourced by Global PD
22. All Rights Reserved | FIDO Alliance | Copyright 201822
FIDO Deployments in Korea- f i n a n c e / e n t e r p r i s e / p u b l i c
Piolot Service for civil affairs, policies,
and information on line
B2B
Public &
Government
Convenience >> Security > Expandability
Operation of financial institution
integrated certification system
through ‘joint FIDO system’ in 2016
23. All Rights Reserved | FIDO Alliance | Copyright 201823
FIDO Deployments in Korea- f i n a n c e / e n t e r p r i s e / p u b l i c
*Sourced by Webpage of https://www.gov.kr/portal/minwon
* Example : Government portal site
25. All Rights Reserved | FIDO Alliance | Copyright 201825
Next FIDO Deployments in Korea
Auth
control
Identification
Service mgnt
User mgnt
MDM
Organization mgnt
MIM
Biometric Authentication
Bio-PKI PKI OTP
Log mgnt
MAM MTM
SSO
mgnt
integrated
Auth Platform
mgnt
Behavior-based
analysis
Service-
specific auth
policies
Admin
mgnt
B2C
Service
B2B
Business
User
Step 3
B2B
business
Step 4
B2C
Service
Step 1
Step 2
MDM
Integrated authentication platform
Mobile-basedPC-based Public
network
Closed
network infra Inter-
working
Auth
means
Device
DNA
Time
Location
Rule
Various interfaces
Developed as an integrated authentication platform based on FIDO combined with various security technologies
26. All Rights Reserved | FIDO Alliance | Copyright 201826
AI Authentication (Mobile based) FIDO – IoT – (Block Chain)
Access Auth. of Smart car
Next FIDO Deployments in Korea
FIDO Server
FIDOKeyVerification
Blockchain
AdditionalVerificationofFIDOKey
StoreFIDOKey(PublicKey)intransactionledger
Safe management of FIDO public key
28. All Rights Reserved | FIDO Alliance | Copyright 201828
( a p p e n d i x ) FIDO Deployments in korea (A ppli ed ver.)
BIO accredited certificateReplacement of accredited certificate Password
*******
TEE-based electronic signature
Blocking sources of hacking risk
Connection to public certificate
organization
Strong non-repudiation
for transaction
PKCS#7
Standard Support
Security
- Prevent TEE-based accredited
certificate from theft, leakage
- EnhancedUsabilitybyPassword-less
- Issuanceofaccreditedcertificatewithvalidityof
3years
Non-repudiation
- Ensurestrongnon-repudiation&security
throughaccreditedaccreditedcertificate
Standard (PKCS#7)
- Minimizeexistinginfrastructuremodificationswith
PKCS#7StandardandCMPcompliance
Usability
Combined with an accredited certificate to provide strong non-repudiationCombined with an accredited certificate to provide strong non-repudiation
29. All Rights Reserved | FIDO Alliance | Copyright 201829
( a p p e n d i x ) FIDO Deployments in Korea (a ppli ed ver.)
Cooperative FIDO service in Finance Sector
(Distributed biometrics information mgmt system)