Introduction to FIDO Alliance

Introduces FIDO Authentication: the problem, the solution, the Alliance and the market. Presented by Brett McDowell, Executive Director of the FIDO Alliance.

  1. INTRODUCTION TO FIDO ALLIANCE Brett McDowell, Executive Director brett@fidoalliance.org All Rights Reserved. FIDO Alliance. Copyright 2016.
  2. The Problem | The Solution | The Alliance | The Market
  3. Data Breaches… 781 data breaches in 2015; 170 million records in 2015 (up 50%); $3.8 million cost/breach (up 23% f/2013)
  4. “95% of these incidents involve harvesting credentials stolen from customer devices, then logging into web applications with them.” (2015 Data Breach Investigations Report)
  5. “A look through the details of these incidents shows a common sequence of phish customer ≥ get credentials ≥ abuse web application ≥ empty bank/bitcoin account.” (2015 Data Breach Investigations Report)
  6. The world has a PASSWORD PROBLEM
  7. ONE-TIME PASSCODES Improve security but aren’t easy enough to use: Still Phishable; User Confusion; Token Necklace; SMS Reliability
  8. The world has a “SHARED SECRETS” PROBLEM
  9. WE NEED A NEW MODEL
  10. The Problem | The Solution | The Alliance | The Market
  11. THE NEW MODEL Fast IDentity Online: online authentication using public key cryptography
  12. THE OLD PARADIGM (chart axes: USABILITY, SECURITY)
  13. THE FIDO PARADIGM (chart axes: USABILITY from Poor to Easy, SECURITY from Weak to Strong)
  14. HOW “Shared Secrets” WORK ONLINE: The user authenticates themselves online by presenting a human-readable “shared secret”
  15. HOW FIDO WORKS (AUTHENTICATOR) LOCAL: The user authenticates “locally” to their device (by various means). ONLINE: The device authenticates the user online using public key cryptography.
  16. FIDO Registration (four-step flow): User is in a Session Or New Account Flow; Invitation Sent; User Approval; New Keys Created; Public Key Registered With Online Server; Registration Complete
  17. FIDO Authentication (four-step flow): User needs to login or authorize a transaction; FIDO Challenge; User Approval; Key Selected & Signs; Signed Response verified using Public Key Cryptography; Login Complete
  18. OPEN STANDARDS R.O.I.: FIDO-ENABLE ONCE; GAIN EVERY DEVICE YOU TRUST; NO MORE ONE-OFF INTEGRATIONS
  19. USABILITY, SECURITY, R.O.I. and PRIVACY
  20. No 3rd Party in the Protocol; No Secrets on the Server Side; Biometric Data (if used) Never Leaves Device; No Link-ability Between Services; No Link-ability Between Accounts
  21. FIDO Delivers on Key Priorities. Security: • Authentication using strong asymmetric Public Key cryptography • Superior to old “shared secrets” model – there is nothing to steal on the server • Biometrics as second factor. Privacy: • Privacy architected in up front; supports EU Privacy Principles, other national privacy initiatives • No linkability or tracking • Biometric data never leaves device • Consumer control and consent. Interoperability: • Open standards: FIDO 2.0 specs are in W3C standardization process • FIDO compliance/conformance testing to ensure interoperability of “FIDO certified” products. Usability: • Designed with the user experience (UX) first – with a goal of making authentication as easy as possible. • Security built to support the user’s needs, not the other way around
  22. Better security for online services; Reduced cost for the enterprise; Simpler and safer for consumers
  23. The Problem | The Solution | The Alliance | The Market
  24. The FIDO Alliance is an open industry association of over 250 organizations with a focused mission: authentication standards
  25. Physical-to-digital identity; User Management; Authentication; Federation; Single Sign-On; Passwords; Risk-Based; Strong; MODERN AUTHENTICATION; FIDO SCOPE
  26. FIDO Alliance Mission: (1) Develop Specifications (2) Operate Adoption Programs (3) Pursue Formal Standardization
  27. Board Members
  28. Sponsor Members
  29. Associate Members
  30. Government & Research
  31. Liaison Program
  32. FIDO DEVELOPMENT TIMELINE: FIDO 1.0 FINAL; First Deployments; Specification Review Draft; FIDO Ready Program; Alliance Announced; FEB 2013, DEC 2013, FEB 2014, FEB-OCT 2014, DEC 2014, MAY 2015, NOV 2015; Submission of FIDO Web API into W3C; JUNE 2015; Certification Program; New U2F Transports
  33. The Problem | The Solution | The Alliance | The Market
  34. EXAMPLE: PAYPAL & SAMSUNG (FIDO DEPLOYMENT #1) Value Proposition Video
  35. PayPal
  36. More FIDO Adoption/Announcements
  37. Deployments are enabled by over 200 FIDO® Certified products available today
  38. Certification Growth (chart; values shown: 151, 62, 32, 62, 74, 108, 159, 213; axis labels: Apr-15, Jul-15, Sep-15, Dec-15, Mar-16, May-16, TOTAL)
  40. Leading OEMs Shipping FIDO Certified Devices: S5, Mini Alpha Note 4,5 Note Edge Tab S, Tab S2 S6, S6 Edge S7, S7 Edge Vernee Thor Aquos Zeta Xperia Z5 Xperia Z5 Compact Xperia Z5 Premium Mate 8 V10 G5 Phab2 Pro Phab2 Plus Z2, Z2 Pro Arrows NX Arrows Fit Arrows Tab
  41. FIDO Applications Now Run on iOS. Supported iOS Fingerprint Devices: iPhone 5s; iPhone 6, 6+; iPad Air 2, Mini 3; iPhone 6s, 6s+; iPad Mini 4; iPad Pro
  42. JOIN THE FIDO ECOSYSTEM
  43. JOIN THE FIDO ALLIANCE
  44. THANK YOU! QUESTIONS? brett@fidoalliance.org | info@fidoalliance.org
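
The registration and authentication flows outlined on slides 16 and 17, as a minimal Go sketch added here (it is not code from the deck, and it does not reproduce any FIDO specification's message format). The `Authenticator` type, the `rpID` service identifier, the `bank.example` name and the way the challenge is hashed together with the service ID are assumptions made for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Authenticator models the user's device: one private key per service (rpID).
type Authenticator map[string]*ecdsa.PrivateKey

// Register creates a new key pair for rpID and hands out only the public half.
func (a Authenticator) Register(rpID string) (*ecdsa.PublicKey, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	a[rpID] = k
	return &k.PublicKey, nil
}

// Sign selects the key registered for rpID and signs the server's challenge.
func (a Authenticator) Sign(rpID string, challenge []byte) ([]byte, error) {
	if k, ok := a[rpID]; ok {
		return ecdsa.SignASN1(rand.Reader, k, digest(rpID, challenge))
	}
	return nil, fmt.Errorf("no key registered for %q", rpID)
}

// digest binds the challenge to the service it was issued by (simplified).
func digest(rpID string, challenge []byte) []byte {
	rp := sha256.Sum256([]byte(rpID))
	sum := sha256.Sum256(append(rp[:], challenge...))
	return sum[:]
}

// Verify is the server side: it needs nothing but the stored public key.
func Verify(pub *ecdsa.PublicKey, rpID string, challenge, sig []byte) bool {
	return ecdsa.VerifyASN1(pub, digest(rpID, challenge), sig)
}

func main() {
	dev, c := Authenticator{}, make([]byte, 32)
	rand.Read(c) // server-issued challenge, fresh for every login
	pub, _ := dev.Register("bank.example")
	sig, _ := dev.Sign("bank.example", c)
	fmt.Println("login verified:", Verify(pub, "bank.example", c, sig))
}
```

Because the server keeps only `pub`, a copy of its credential store contains nothing that can sign a future challenge, and a signature captured for one challenge or one service does not verify for another.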
