Digital authentication

•Download as PPTX, PDF•

0 likes•58 views

People have too many applications and accounts on the internet, we don’t even count them all and need to handle so many logins nowadays.

Engineering

Digital Authentication
Allan Shih
JAN 20, 2021

● Introduction
● FIDO2 Authentication
● FIDO2 APIs for Android
● FIDO2 APIs for iOS
● Reference
Agenda

● Authentication is often described as the process of
“verifying that a user is who he claims to be”.
Introduction

● Any password-based authentication system needs to
store passwords somewhere in order to validate them
against a user’s input.
The 60s: password

● Used a cryptographic concept called a hash function
to store passwords.
The 70s: Password Hashing

● Public-key or Asymmetric Cryptography involves two
keys:
○ Public key that you can safely share with the world
to help identify yourself
○ Private key you use to sign things, thus verifying
your identity.
Mid-70s: Public-key cryptography

● A one-time password (OTP) is a password that is valid
for only one login session or transaction, on a
computer system or other digital device.
The 80s: One-time passwords

● A set of technologies and standards that manage the
creation, storage, and distribution of keys or digital
certificates.
The 90s: Public-Key Infrastructure

Mid-90s detour: CAPTCHAs
● A CAPTCHA (Completely Automated Public Turing test
to tell Computers and Humans Apart) is a type of
challenge–response test used in computing to determine
whether or not the user is human.
● We can used CAPTCHAs to prevent some automated
authentication attacks.

● Multi-factor authentication (MFA) is an authentication
method that requires the user to provide two or more
verification factors to gain access to a resource.
The 2000s: Multi-factor authentication

● The ubiquitous nature of smartphones brought two
previously less-attainable authentication technologies to
the masses: biometrics and 2FA.
The 2010s: The smartphone era

● FIDO2 (Fast Identity Online) uses public-key cryptography
to provide strong passwordless authentication to end-users.
● FIDO2 is the name given to the combination of two
specifications.
○ WebAuthn (Web Authentication)
○ CTAP (Client to Authenticator Protocol)
FIDO2 Authentication

Authenticating with a WebAuthn Credential

Authenticators
iPhones running iOS 13 or later
Yubico Security Key NFC used
on a smartphone via NFC

FIDO2 APIs for Android
● The FIDO2 API entry point is the Fido2ApiClient. The API
supports two operations:
○ Registration
○ Signing

FIDO2 APIs for iOS
● Safari supports NFC, USB, and Lightning FIDO2-Compliant
Security Keys in iOS 13.3
● Safari support password-less logins via Face ID and Touch ID
on iOS 14

● FIDO2: WebAuthn & CTAP
● FIDO2 API for Android
● Your First Android FIDO2 API
● Meet Face ID and Touch ID for the web - wwdc2020
Reference

感謝聆聽
https://codelabs.developers.google.
com/codelabs/fido2-for-android/#0

What's hot

Introduction to FIDO Biometric AuthenticationFIDO Alliance

FIDO Authentication: Its Evolution and Opportunities in Business -FIDO Allian...FIDO Alliance

FIDO Workshop at the Cloud Identity Summit: FIDO Alliance OverviewFIDO Alliance

Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...Mike Schwartz

UAF Tutorial: Passwordless, Biometric Authentication for Native AppsFIDO Alliance

FIDO & PSD2: Solving the Strong Customer Authentication Challenge in EuropeFIDO Alliance

FIDO Alliance: Year in Review Webinar slides from January 20 2016FIDO Alliance

9.35am robert humphreyArgyle Executive Forum

FIDO Authentication Account Recovery Framework at Yahoo JapanFIDO Alliance

[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...WSO2

OAuth2 for IoT Security: Why OpenID Connect & UMA Are They KeyMike Schwartz

FIDO & GSMA Mobile ConnectFIDO Alliance

WebAuthn and Security KeysFIDO Alliance

Getting to Know the FIDO Specifications - Technical TutorialFIDO Alliance

Identity Live London 2017 | Kenneth MayForgeRock

apidays LIVE Hong Kong 2021 - API Ecosystem and Banking Open API Phase III & ...apidays

Bio-Authentication (FIDO) and PKI Trends in KoreaFIDO Alliance

Digital Identities in the Internet of Things - Securely Manage Devices at ScaleForgeRock

FIDO and Mobile ConnectFIDO Alliance

Introduction to the FIDO AllianceFIDO Alliance

What's hot (20)

Introduction to FIDO Biometric Authentication

FIDO Authentication: Its Evolution and Opportunities in Business -FIDO Allian...

FIDO Workshop at the Cloud Identity Summit: FIDO Alliance Overview

Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...

UAF Tutorial: Passwordless, Biometric Authentication for Native Apps

FIDO & PSD2: Solving the Strong Customer Authentication Challenge in Europe

FIDO Alliance: Year in Review Webinar slides from January 20 2016

9.35am robert humphrey

FIDO Authentication Account Recovery Framework at Yahoo Japan

[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...

OAuth2 for IoT Security: Why OpenID Connect & UMA Are They Key

FIDO & GSMA Mobile Connect

WebAuthn and Security Keys

Getting to Know the FIDO Specifications - Technical Tutorial

Identity Live London 2017 | Kenneth May

apidays LIVE Hong Kong 2021 - API Ecosystem and Banking Open API Phase III & ...

Bio-Authentication (FIDO) and PKI Trends in Korea

Digital Identities in the Internet of Things - Securely Manage Devices at Scale

FIDO and Mobile Connect

Introduction to the FIDO Alliance

Similar to Digital authentication

CIS14: FIDO 101 (What, Why and Wherefore of FIDO)CloudIDSummit

New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -NadalinFIDO Alliance

Go passwordless with fido2Rob Dudley

FIDO Authentication for Gaming WebinarFIDO Alliance

FIDO UAF 1.0 Specs: Overview and InsightsFIDO Alliance

Fido U2F Protocol by Ather Ali OWASP Delhi

Fido U2F PROTOCOLAther Ali

FIDO® for Government & Enterprise - PresentationFIDO Alliance

FIDO2 and MicrosoftFIDO Alliance

Beyond Passwords: FIDO & the Future of Consumer AuthenticationFIDO Alliance

Passwordless Mobile Banking.pdfKMSSolutionsMarketin

FIDO Authentication Technical OverviewFIDO Alliance

Fast IDentity Online New wave of open authentication standards.NET Crowd

Apache Milagro Presentation at ApacheCon Europe 2016Brian Spector

Smart OpenID & Mobile Network SecurityAndreas Leicher

FIDO & PSD2 – Achieving Strong Customer Authentication ComplianceFIDO Alliance

How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt

The FIDO Alliance Today: Status and NewsFIDO Alliance

How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt

Similar to Digital authentication (20)

CIS14: FIDO 101 (What, Why and Wherefore of FIDO)

New FIDO Specifications Overview -FIDO Alliance -Tokyo Seminar -Nadalin

Go passwordless with fido2

FIDO Authentication for Gaming Webinar

FIDO UAF 1.0 Specs: Overview and Insights

Fido U2F Protocol by Ather Ali

Fido U2F PROTOCOL

FIDO® for Government & Enterprise - Presentation

FIDO2 and Microsoft

Beyond Passwords: FIDO & the Future of Consumer Authentication

Passwordless Mobile Banking.pdf

FIDO Authentication Technical Overview

Fast IDentity Online New wave of open authentication standards

Apache Milagro Presentation at ApacheCon Europe 2016

Smart OpenID & Mobile Network Security

FIDO & PSD2 – Achieving Strong Customer Authentication Compliance

How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...

The FIDO Alliance Today: Status and News

How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...

Recently uploaded

Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...srsj9000

chaitra-1.pptx fake news detection using machine learningmisbanausheenparvam

Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis

Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxnull - The Open Security Community

Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis

What are the advantages and disadvantages of membrane structures.pptxwendy cai

OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal

DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEslot gacor bisa pakai pulsa

★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR9953056974 Low Rate Call Girls In Saket, Delhi NCR

Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona

MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N

HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95

Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha

Architect Hassan Khalil Portfolio for 2024hassan khalil

(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat

High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile

Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile

SPICE PARK APR2024 ( 6,793 SPICE Models )Tsuyoshi Horigome

Software Development Life Cycle By Team Orange (Dept. of Pharmacy)Suman Mia

Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234

Recently uploaded (20)

Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...

chaitra-1.pptx fake news detection using machine learning

Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...

Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx

Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...

What are the advantages and disadvantages of membrane structures.pptx

OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...

DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE

★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR

Processing & Properties of Floor and Wall Tiles.pptx

MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE

HARMONY IN THE NATURE AND EXISTENCE - Unit-IV

Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx

Architect Hassan Khalil Portfolio for 2024

(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...

High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts

Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts

SPICE PARK APR2024 ( 6,793 SPICE Models )

Software Development Life Cycle By Team Orange (Dept. of Pharmacy)

Microscopic Analysis of Ceramic Materials.pptx

Digital authentication

1. Digital Authentication Allan Shih JAN 20, 2021

2. ● Introduction ● FIDO2 Authentication ● FIDO2 APIs for Android ● FIDO2 APIs for iOS ● Reference Agenda

3. ● Authentication is often described as the process of “verifying that a user is who he claims to be”. Introduction

4. ● Any password-based authentication system needs to store passwords somewhere in order to validate them against a user’s input. The 60s: password

5. ● Used a cryptographic concept called a hash function to store passwords. The 70s: Password Hashing

6. ● Public-key or Asymmetric Cryptography involves two keys: ○ Public key that you can safely share with the world to help identify yourself ○ Private key you use to sign things, thus verifying your identity. Mid-70s: Public-key cryptography

7. Mid-70s: Public-key cryptography

8. ● A one-time password (OTP) is a password that is valid for only one login session or transaction, on a computer system or other digital device. The 80s: One-time passwords

9. ● A set of technologies and standards that manage the creation, storage, and distribution of keys or digital certificates. The 90s: Public-Key Infrastructure

10. Mid-90s detour: CAPTCHAs ● A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a type of challenge–response test used in computing to determine whether or not the user is human. ● We can used CAPTCHAs to prevent some automated authentication attacks.

11. ● Multi-factor authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource. The 2000s: Multi-factor authentication

12. ● The ubiquitous nature of smartphones brought two previously less-attainable authentication technologies to the masses: biometrics and 2FA. The 2010s: The smartphone era

13. The Problem With Passwords

14. ● FIDO2 (Fast Identity Online) uses public-key cryptography to provide strong passwordless authentication to end-users. ● FIDO2 is the name given to the combination of two specifications. ○ WebAuthn (Web Authentication) ○ CTAP (Client to Authenticator Protocol) FIDO2 Authentication

15. THE ORGANIZATIONS LEADING THE WAY

16. FIDO2 Authentication

17. Registering a WebAuthn Credential

18. Registering a WebAuthn Credential

19. Authenticating with a WebAuthn Credential

20. Introduction

21. Authenticators iPhones running iOS 13 or later Yubico Security Key NFC used on a smartphone via NFC

22. FIDO2 APIs for Android ● The FIDO2 API entry point is the Fido2ApiClient. The API supports two operations: ○ Registration ○ Signing

23. FIDO2 APIs for Android

24. FIDO2 APIs for iOS ● Safari supports NFC, USB, and Lightning FIDO2-Compliant Security Keys in iOS 13.3 ● Safari support password-less logins via Face ID and Touch ID on iOS 14

25. FIDO2 APIs for iOS 13

26. FIDO2 APIs for iOS 14

27. ● FIDO2: WebAuthn & CTAP ● FIDO2 API for Android ● Your First Android FIDO2 API ● Meet Face ID and Touch ID for the web - wwdc2020 Reference

28. 感謝聆聽 https://codelabs.developers.google. com/codelabs/fido2-for-android/#0