The important role that mobile identity & authentication will have on the deployment and growth of conversational & messaging interfaces & the impact that it will have for brands & improve customer interaction.
6. Government Use Case
6
Individual
1. Smart Device controlled
by Individual & trusted by
the organization
2. An authority issues
a vetted identity in
form of certificate. –
Derived Credential3. Certificate
bound to
device
Individual
4.Used for access &
transactions to
commercial websites
7. Why FIDO
ü Complements current standard
protocols
ü Supports a surrogate model for
authentication and access
ü Abstracts user authentication
from the application
ü Change authentication
without impacting application
8. Key Value Points
• Single credential – multiple uses
o Strong Authentication: Proof of identity based on vetted credential & PIN
o Privacy Enhancing: Private data stored within user’s device, not shared
with Relying Party
o Standards-Based: Fast Identity Online (FIDO)
o Compliance: Leverages native cryptography in smartphone, meets NIST
requirements for Derived Credentials
o Storage: Can support secure container as a storage mechanism.
9. Why is this important
• Identity is going mobile
• Democratize identity – breaking identity silos
• Improve the user experience
• Enable a richer & more secure experience by combining
authentication within the conversation
• Regulations are changing to protect user
• Improves customer insights – providing user, device &
transactional information
• Reduces fraud
11. The problem
• Conversational interfaces are not a point to point
solution
o User to cloud to bot
o Bot to cloud to bot
o User to cloud to bot cloud to bot
• Conversational bots have one identity but multiple
personas
o In one they are the RP – looking to authenticate the user for a transaction
o On the following one they are the user – looking to transact with another RP –
becoming the surrogate to the end user
o Identity systems must be able to offer such flexibility
• FIDO can enable it
• Surrogating , Federation , Strong Authentication
• How to conveniently authenticate the user delivering a
natural experience
12. How it relates to this
event
• A user centric identity focus can drive adoption and
introduce new services delivers by conversational
assistants.
13. Identity is more than just
security
• Mobile identity can break down the application silos by
abstracting the authentication activity and creating a
an experience that obfuscates the background
complexity
• High assurance authentication enables commerce &
new services by offering secure & private transactions
• Authentication must become part of the conversational
• Authentication will become dynamic based on the
company & risk requirements
14. User Relying Party
Digital wallet of vetted
credentials
2. Who are you?
Smart phone Model M, GPS
Identity Certificate
Credentialing Agency
3. I am:
4. Let us guide you?
1. I need some help?
15. Conclusion
• Companies want to engage the user
• Users want a customized & secure experience
• New identity models using standards will deliver a
vetted user and provide the user with the same
convenient experience across platforms