Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

FIDO Certified Program: Status & Futures

5,263 views

Published on

An update for FIDO's Technical Director, Adam Powers, on the current status and upcoming changes to the FIDO Certified Program.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

FIDO Certified Program: Status & Futures

  1. 1. All Rights Reserved | FIDO Alliance | Copyright 20171 FIDO Certified Program: Status & Futures Adam Powers Technical Director FIDO Alliance
  2. 2. Certification Goals • Enable implementations to be identified as officially FIDO certified • Ensure interoperability between FIDO officially recognized implementations • Promote the adoption of the FIDO ecosystem 2 All Rights Reserved | FIDO Alliance | Copyright 2017
  3. 3. Certification Overview Available to both members and non-members Four steps to certification 3 All Rights Reserved | FIDO Alliance | Copyright 2017
  4. 4. 4 All Rights Reserved | FIDO Alliance | Copyright 2017 Deployments are enabled by 100+ 340+ FIDO® Certified products available today
  5. 5. Certification Growth 5 All Rights Reserved | FIDO Alliance | Copyright 2017 TOTAL 343 Apr-15 Jul-15 Sep-15 Dec-15 Mar-16 May-16 Aug-16 Dec-16 May-17 254 89
  6. 6. Korean Market Growth Most markets seeing healthy growth… Huge spike in Korean certifications in 2016 6 All Rights Reserved | FIDO Alliance | Copyright 2016
  7. 7. 9 S5, Mini Alpha Note 4,5 Note Edge Tab S, Tab S2 S6, S6 Edge S7, S7 Edge Vernee Thor Xperia Z5 SO-01H Xperia Z5 Compact SO-02H Xperia Z5 Premium SO-03H Mate 8 V10 G5 Phab2 Phab2 Pro Plus Z2, Z2 Pro Xperia X Performance Xperia XZ Xperia X Compact SO-02J All Rights Reserved | FIDO Alliance | Copyright 2017. Arrows NX Arrows Fit Arrows Tab F-02HF-04HF-04G F-01H Aquos Zeta SH-01HSH-03G SH-02J FIDO Certified Mobile Devices
  8. 8. FIDO Applications on iOS 10 All Rights Reserved | FIDO Alliance | Copyright 2017 iPhone 5s iPhone 6, 6+ iPad Air 2, Mini 3 iPhone 6s, 6s+ iPad Mini 4 iPad Pro Supported iOS Fingerprint Devices
  9. 9. FIDO Certified Tokens 11All Rights Reserved. FIDO Alliance. Copyright 2017
  10. 10. All Rights Reserved | FIDO Alliance | Copyright 201612 Coming Soon to Certification
  11. 11. New Program Launching Soon: Authenticator Certification Levels Why authenticator certification? ▸ Verify the protection of FIDO secret keys and user privacy ▸ UAF and U2F authenticators will be eligible Two authenticator certification levels – L1 & L2 ▸ Level 1 – basic security validation for protecting secrets and privacy, performed by FIDO Security Secretariat ▸ Level 2 – lab-based validation of protection against at-scale attacks ▸ Other levels coming soon! 13 All Rights Reserved | FIDO Alliance | Copyright 2017
  12. 12. All Rights Reserved | FIDO Alliance | Copyright 201714 Level 1 Certification Process Similar to existing Functional Certification: ▸ Pass test tools ▸ Submit Vendor Questionnaire to FIDO that provides answers about the security and privacy of the implementation ▸ Perform a few additional tests at interop ▸ Submit for Level 1 Certification!
  13. 13. All Rights Reserved | FIDO Alliance | Copyright 201715 Level 2 Certification Process Must pass Functional Validation, and also: ▸ Select FIDO Accredited Security Lab ▸ Submit Vendor Questionnaire to lab ▸ Work with lab to validate and / or correct design ▸ Lab submits report to FIDO ▸ Submit for Level 2 Certification!
  14. 14. All Rights Reserved | FIDO Alliance | Copyright 201716 Launch Plan Launch! Trial Period Issue First Batch of Certifications Sunset Period May 30 Publish Program Policies, Websites, Accredited Lab List, and a Marketing Announcement.May 30 - August 28 90 days to perform Security Evaluations and answer Vendor and Accredited Security Laboratory questions. August 28 Issue and Announce the first batch of L1 and L2 Certifications. November 30, 2018 18 month Sunset Period. Functional Only is no longer allowed for Authenticators, baseline requirement is L1.
  15. 15. Biometric Certification Why biometric certification? ▸ Services and users need to have faith in biometrics ▸ Also verifies the FIDO Privacy Principles What gets biometric certified? ▸ Authenticators ▸ Any kind of biometric: Fingerprint, voice, iris, palm, face How to get biometric certified? ▸ Select an accredited lab ▸ Test biometric with live subjects to meet FAR / FRR ▸ Lab submits test report to FIDO 17 All Rights Reserved | FIDO Alliance | Copyright 2016 Face Palm Iris Finger
  16. 16. FIDO 2.0 Certification WebAuthn ▸ W3C browser-based authentication ▸ Browser and test tool development underway now! Client to Authenticator Protocol (CTAP) ▸ Based on U2F device transports Universal Servers* ▸ Implement all features of FIDO: UAF, U2F, WebAuthn 18 All Rights Reserved | FIDO Alliance | Copyright 2016 * Formerly refered to as “Gold Servers”
  17. 17. FIDO Alliance | All Rights Reserved | Copyright 201619 Getting Started
  18. 18. Building an Ecosystem 20 FIDO Alliance | All Rights Reserved | Copyright 2016
  19. 19. Why Get Certified? Value of Certification ▸ Highest quality products ▸ Market interoperability ▸ Deployment ready ▸ Easily identifiable by buyers Be a member: ▸ Discounts for members ▸ Early access to draft specifications 21 FIDO Alliance | All Rights Reserved | Copyright 2016
  20. 20. Deployments of FIDO Certified How to reach relying parties: ▸ Remember to use your FIDO Certified logo! ▸ Tradeshows, websites, product briefs, etc. ▸ Being a member has its privileges ▸ Connect with RPs at plenaries, networking events, etc. ▸ Certification discounts ▸ Early access to specifications = first mover advantage ▸ Be aware of upcoming requirements for FIDO ▸ For example, NIST 800-63 22 FIDO Alliance | All Rights Reserved | Copyright 2016 Confidential
  21. 21. Getting Started Register for Self-Conformance Test Tool Access : https://fidoalliance.org/test-tool-access-request/ ▸ For UAF, you will need to complete both automated and manual testing ▸ UAF Authenticators only will need a Vendor ID: http://fidoalliance.org/vendor-id-request/ Complete Self-Conformance Testing at least two weeks prior to interoperability event. Elect to Participate in Pre-Testing in the two weeks prior to the interoperability event (recommended) Register for the next interoperability event to be held in June : https://fidoalliance.org/interop-registration/ Registration for June Interop closes on May 24 Next Interoperability Event Host: Synaptics (San Jose, CA) June 7-8, 2017: UAF June 8, 2017: U2F 23 FIDO Alliance | All Rights Reserved | Copyright 2016
  22. 22. Next Steps Available to both members and non-members Four steps to certification 24 All Rights Reserved | FIDO Alliance | Copyright 2016
  23. 23. All Rights Reserved | FIDO Alliance | Copyright 201625 Questions?

×