Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
FIDO CERTIFICATION:
VALIDATING THE NEXT GENERATION OF
STRONGER, SIMPLER AUTHENTICATION
Steve Wilson, Ramesh Kesanupalli, A...
Agenda
• Welcome
• The Importance of Interoperability
• FIDO Certification Program Overview
• Highlights from Year One
• W...
The Importance of Interoperability
3All Rights Reserved | FIDO Alliance | Copyright 2016
STEVE WILSON
Vice President and P...
Physical-to-digital identity
User Management
Authentication
Federation
Single
Sign-On
Passwords Risk-BasedStrong
MODERN
AU...
PROGRAM OVERVIEW
Ramesh Kesanupalli, FIDO Visionary & Founder Nok Nok Labs
5All Rights Reserved | FIDO Alliance | Copyrigh...
Certification Goals
• Enable implementations to be identified as
officially FIDO certified
• Ensure interoperability betwe...
Certification Overview
• Available to both members and non-members
• Four steps to certification
7All Rights Reserved | FI...
8All Rights Reserved | FIDO Alliance | Copyright 2016
Deployments are enabled by
150+ 200+ FIDO® Certified products
availa...
9All Rights Reserved | FIDO Alliance | Copyright 2016
Certification Growth
10All Rights Reserved | FIDO Alliance | Copyright 2016
151
62
32
62
74
108
159
213
Apr-15 Jul-15 Sep-...
OEMs Now Shipping FIDO Certified Devices
S5, Mini Alpha Note 4,5 Note Edge Tab S,
Tab S2
S6,
S6 Edge
S7,
S7 Edge
Vernee
Th...
FIDO Applications Now Run on iOS 9
12All Rights Reserved | FIDO Alliance | Copyright 2016
iPhone 5s iPhone 6, 6+
iPad Air ...
WHAT’S NEW WITH THE
CERTIFICATION PROGRAM
Adam Powers, Director of Technology, FIDO Alliance
13All Rights Reserved | FIDO ...
BLE
• 2014: USB
• 2015: NFC
• 2016: BLE
• Bluetooth Smart authenticators, based on new U2F BLE specification
• One-click a...
On Demand Testing Overview
On
Demand
Testing
Virtual
Shipped
In-
Person
Confidential
FIDO Alliance | Confidential | All Ri...
Upcoming Certification Programs
• Security Certification
• Third-party lab security testing
• Ensure authenticators are se...
IMPLEMENTATION HIGHLIGHTS
17All Rights Reserved | FIDO Alliance | Copyright 2016
Korean Market Growth
• Most markets seeing
healthy growth…
• Huge spike in Korean
certifications in 2016
18All Rights Rese...
BLE & NFC
All Rights Reserved | FIDO Alliance | Copyright 2016
BLE / NFC Implementations
21All Rights Reserved | FIDO Alliance | Copyright 2016
Cool Authentication
22
Voice + FacePalm Recognition
Iris Recognition PIN + Mini jack
All Rights Reserved | FIDO Alliance |...
TIPS FOR RELYING PARTIES
23All Rights Reserved | FIDO Alliance | Copyright 2016
Key Considerations
• FIDO® Certified
• Out-of-the-box interoperability
• Broad ecosystem of authenticators and devices
• O...
Deploying: Authentication
25
phone / app
FIDO Client
FIDO
Authenticator(s)
Web
Server
Relying Party Applications
FIDO Comp...
Deploying: Second Factor
Original DB
Original Database
user_id Password#
JohnDoe
4^hfd;`gpo
U2F Database
U2F DB
Relation
R...
TIPS FOR PRODUCT IMPLEMENTERS
27All Rights Reserved | FIDO Alliance | Copyright 2016
The Value of Ecosystem
28All Rights Reserved | FIDO Alliance | Copyright 2016
The Value of Certification
29All Rights Reserved | FIDO Alliance | Copyright 2016
Higher Quality
Deployment Ready
Interope...
Getting the Most from Certification
• Remember to use your FIDO Certified logo!
• Tradeshows, websites, product briefs, et...
Getting Started
• Register for Self-Conformance Test Tool Access : https://fidoalliance.org/test-tool-
access-request/
• F...
Next Steps
32All Rights Reserved | FIDO Alliance | Copyright 2016
https://fidoalliance.org/certification/
QUESTIONS?
33All Rights Reserved | FIDO Alliance | Copyright 2016
Upcoming SlideShare
Loading in …5
×

FIDO Certification

1,057 views

Published on

In just over one year, the FIDO Certified Program has tested and certified more than 200 implementations of the FIDO specifications. There is strong interest and momentum in the market for FIDO Certified products — including FIDO’s new BLE certification, which for the first time brings FIDO technology to wearables and other emerging form factors.

These slides include information about:

- An overview of the program, including updates on newly available certification methodologies,
- Some of the latest and greatest FIDO Certified solutions on the marketplace, and gain an understanding of how products get started through the FIDO Certification process, and also will understand the benefits of deploying FIDO Certified authentication solutions.

Published in: Technology
  • Be the first to comment

FIDO Certification

  1. 1. FIDO CERTIFICATION: VALIDATING THE NEXT GENERATION OF STRONGER, SIMPLER AUTHENTICATION Steve Wilson, Ramesh Kesanupalli, Adam Powers All Rights Reserved | FIDO Alliance | Copyright 2016
  2. 2. Agenda • Welcome • The Importance of Interoperability • FIDO Certification Program Overview • Highlights from Year One • What’s New with the Program • Implementation Highlights • Getting Certified • Q & A 2All Rights Reserved | FIDO Alliance | Copyright 2016
  3. 3. The Importance of Interoperability 3All Rights Reserved | FIDO Alliance | Copyright 2016 STEVE WILSON Vice President and Principal Analyst, Constellation Research
  4. 4. Physical-to-digital identity User Management Authentication Federation Single Sign-On Passwords Risk-BasedStrong MODERN AUTHENTICATION FIDO Scope
  5. 5. PROGRAM OVERVIEW Ramesh Kesanupalli, FIDO Visionary & Founder Nok Nok Labs 5All Rights Reserved | FIDO Alliance | Copyright 2016
  6. 6. Certification Goals • Enable implementations to be identified as officially FIDO certified • Ensure interoperability between FIDO officially recognized implementations • Promote the adoption of the FIDO ecosystem 6All Rights Reserved | FIDO Alliance | Copyright 2016
  7. 7. Certification Overview • Available to both members and non-members • Four steps to certification 7All Rights Reserved | FIDO Alliance | Copyright 2016
  8. 8. 8All Rights Reserved | FIDO Alliance | Copyright 2016 Deployments are enabled by 150+ 200+ FIDO® Certified products available today
  9. 9. 9All Rights Reserved | FIDO Alliance | Copyright 2016
  10. 10. Certification Growth 10All Rights Reserved | FIDO Alliance | Copyright 2016 151 62 32 62 74 108 159 213 Apr-15 Jul-15 Sep-15 Dec-15 Mar-16 May-16 TOTAL
  11. 11. OEMs Now Shipping FIDO Certified Devices S5, Mini Alpha Note 4,5 Note Edge Tab S, Tab S2 S6, S6 Edge S7, S7 Edge Vernee Thor Aquos Zeta Xperia Z5 Xperia Z5 Compact Xperia Z5 Premium Mate 8 V10 G5 Phab2 Pro Phab2 Plus Z2, Z2 ProArrows NX Arrows Fit Arrows Tab All Rights Reserved | FIDO Alliance | Copyright 2016
  12. 12. FIDO Applications Now Run on iOS 9 12All Rights Reserved | FIDO Alliance | Copyright 2016 iPhone 5s iPhone 6, 6+ iPad Air 2, Mini 3 iPhone 6s, 6s+ iPad Mini 4 iPad Pro Supported iOS Fingerprint Devices
  13. 13. WHAT’S NEW WITH THE CERTIFICATION PROGRAM Adam Powers, Director of Technology, FIDO Alliance 13All Rights Reserved | FIDO Alliance | Copyright 2016
  14. 14. BLE • 2014: USB • 2015: NFC • 2016: BLE • Bluetooth Smart authenticators, based on new U2F BLE specification • One-click authentication • U2F support for iOS 14 + All Rights Reserved | FIDO Alliance | Copyright 2016
  15. 15. On Demand Testing Overview On Demand Testing Virtual Shipped In- Person Confidential FIDO Alliance | Confidential | All Rights Reserved | Copyright 2016 15 • Existing Process – Interop Testing • Interop every 90 days • Plan ahead! May impact product schedules… • New Process – On Demand Testing • Pick your testing date from a calendar • Servers: remote / virtual testing • Authenticators: ship device or in-person testing • Convenience and fast turn-around
  16. 16. Upcoming Certification Programs • Security Certification • Third-party lab security testing • Ensure authenticators are secure against at-scale and targeted attacks • Biometric Certification • Biometric neutral third-party biometric testing • Ensure levels of False Accept Rate (FAR) and resistance to predefined presentation attacks • New Specification Releases • Stay tuned for more details… 16All Rights Reserved | FIDO Alliance | Copyright 2016
  17. 17. IMPLEMENTATION HIGHLIGHTS 17All Rights Reserved | FIDO Alliance | Copyright 2016
  18. 18. Korean Market Growth • Most markets seeing healthy growth… • Huge spike in Korean certifications in 2016 18All Rights Reserved | FIDO Alliance | Copyright 2016 3 16 55 73 Sept-15 Dec-15 Mar-16 May-16
  19. 19. BLE & NFC All Rights Reserved | FIDO Alliance | Copyright 2016
  20. 20. BLE / NFC Implementations 21All Rights Reserved | FIDO Alliance | Copyright 2016
  21. 21. Cool Authentication 22 Voice + FacePalm Recognition Iris Recognition PIN + Mini jack All Rights Reserved | FIDO Alliance | Copyright 2016
  22. 22. TIPS FOR RELYING PARTIES 23All Rights Reserved | FIDO Alliance | Copyright 2016
  23. 23. Key Considerations • FIDO® Certified • Out-of-the-box interoperability • Broad ecosystem of authenticators and devices • Open Source Implementations • Exist for both UAF and U2F • Great for prototyping and small deployments • Include FIDO in your RFP • The simple way to ask for secure authentication 24All Rights Reserved | FIDO Alliance | Copyright 2016
  24. 24. Deploying: Authentication 25 phone / app FIDO Client FIDO Authenticator(s) Web Server Relying Party Applications FIDO Components FIDO Client API All Rights Reserved | FIDO Alliance | Copyright 2016
  25. 25. Deploying: Second Factor Original DB Original Database user_id Password# JohnDoe 4^hfd;`gpo U2F Database U2F DB Relation Relying Party user_id Meta U2F Data JohnDoe Yubico, Security Key, USB key handle, public key, certificate JohnDoe Yubico, YubiKey NEO, USB + NFC key handle, public key, certificate John Doe Yubico, Mobile app key handle, public key, certificatediagram provided by: • Average time to integrate: < 1 week • Stats from Google Deployment: • 4x faster login • Significant fraud reduction • 40% support reduction All Rights Reserved | FIDO Alliance | Copyright 2016
  26. 26. TIPS FOR PRODUCT IMPLEMENTERS 27All Rights Reserved | FIDO Alliance | Copyright 2016
  27. 27. The Value of Ecosystem 28All Rights Reserved | FIDO Alliance | Copyright 2016
  28. 28. The Value of Certification 29All Rights Reserved | FIDO Alliance | Copyright 2016 Higher Quality Deployment Ready Interoperability Market Ready
  29. 29. Getting the Most from Certification • Remember to use your FIDO Certified logo! • Tradeshows, websites, product briefs, etc. • Being a member has its privileges • Connect with RPs at plenaries, networking events, etc. • Certification discounts • Early access to specifications = first mover advantage 30All Rights Reserved | FIDO Alliance | Copyright 2016
  30. 30. Getting Started • Register for Self-Conformance Test Tool Access : https://fidoalliance.org/test-tool- access-request/ • For UAF, you will need to complete both automated and manual testing • UAF Authenticators only will need a Vendor ID: http://fidoalliance.org/vendor-id-request/ • Complete Self-Conformance Testing at least two weeks prior to interoperability event. • Elect to Participate in Pre-Testing in the two weeks prior to the interoperability event (recommended) • Register for the next interoperability event to be held in Korea : https://fidoalliance.org/interop-registration/ • Next Interoperability Event Host: CrucialTec (Korea) • August 30 – 31, 2016: UAF • September 1, 2016: U2F 31All Rights Reserved | FIDO Alliance | Copyright 2016
  31. 31. Next Steps 32All Rights Reserved | FIDO Alliance | Copyright 2016 https://fidoalliance.org/certification/
  32. 32. QUESTIONS? 33All Rights Reserved | FIDO Alliance | Copyright 2016

×